nemesis-icmp —
ICMP Protocol (The Nemesis Project)
nemesis-icmp |
[ -vZ?
]
[-a
TIME
]
[-b
ADDR
]
[-B
ADDR
]
[-c
CODE
]
[-d
IFNAME
]
[-D
ADDR
]
[-e
ID
]
[-f
OFFSET
]
[-F
OPT
]
[-G
ADDR
]
[-H
MAC
]
[-i
TYPE
]
[-I
ID
]
[-j
TOS
]
[-J
TTL
]
[-l
FILE
]
[-m
MASK
]
[-M
MAC
]
[-o
TIME
]
[-O
FILE
]
[-p
PROTO
]
[-P
FILE
]
[-q
MODE
]
[-r
TIME
]
[-s
NUM
]
[-S
ADDR
]
[-t
TOS
]
[-T
TTL
] |
nemesis is designed to be a command
line-based, portable human IP stack for UNIX-like and Windows systems. The
suite is broken down by protocol, and should allow for useful scripting of
injected packets from simple shell scripts.
nemesis-icmp provides an interface to craft
and inject ICMP packets allowing the user to specify any portion of an ICMP
packet as well as lower-level IP packet information.
-c
CODE- Specify the ICMP code within the ICMP header.
-e
ID- Specify the ICMP ID within the ICMP header.
-G
ADDR- Specify the preferred gateway IP address for ICMP redirect injection.
-i
TYPE- Specify the ICMP type within the ICMP header.
-m
MASK- Specify the IP address mask for ICMP address mask packets.
-P
FILE- This will cause
nemesis-icmp to use the
specified payload file as the payload when injecting ICMP packets. For
packets injected using the raw interface (where
-d is not used), the maximum payload
size is 65387 bytes. For packets injected using the link layer interface
(where -d IS used), the maximum payload
size is 1352 bytes. Payloads can also be read from stdin by specifying
-P- instead.
Windows systems are limited to a maximum payload size of 1352 bytes for ICMP
packets.
-q
MODE- Specify the ICMP injection mode to use when injecting. Valid modes are:
-qE- ICMP echo
-qM- ICMP address mask
-qU- ICMP unreachable
-qX- ICMP time exceeded
-qR- ICMP redirect
-qT- ICMP timestamp
Only one mode may be specified at a time.
-s
NUM- Specify the ICMP sequence number within the ICMP header.
-v- Display the injected packet in human readable form. Use twice to see a
hexdump of the injected packet with printable ASCII characters on the
right. Use three times for a hexdump without decoded ASCII.
-a
TIME- Specify the ICMP timestamp request reply transmit time (the time a reply
to an ICMP timestamp request was transmitted) within the ICMP timestamp
header.
-o
TIME- Specify the ICMP timestamp request transmit time (the time an ICMP
timestamp request was transmitted) within the ICMP timestamp header.
-r
TIME- Specify the ICMP timestamp request reply received time (the time a reply
to an ICMP timestamp request was received) within the ICMP timestamp
header.
-b
ADDR- Specify the original destination IP address within an ICMP unreachable,
redirect or time exceeded packet.
-B
ADDR- Specify the original source IP address within an ICMP unreachable,
redirect or time exceeded packet.
-f
OPT- Specify the original IP fragmentation options within an ICMP unreachable,
redirect or time exceeded packet. For more information, see the
-F command line switch.
-j
TOS- Specify the original IP type of service (TOS) within an ICMP unreachable,
redirect or time exceeded packet.
-J
TTL- Specify the original IP time to live (TTL) within an ICMP unreachable,
redirect or time exceeded packet.
-l
FILE- This will cause
nemesis-icmp to use the
specified IP options file as the options when building the original IP
header for the injected ICMP unreachable, redirect or time exceeded
packet. IP options can be up to 40 bytes in length. The IP options file
must be created manually based upon the desired options. IP options can
also be read from stdin by specifying
-O- instead.
-p
PROTO- Specify the IP protocol within an ICMP unrechable, redirect or time
exceeded packet.
-D
ADDR- Specify the destination IP address within the IP header.
-F
OPT- Specify the fragmentation options in the IP header:
-FD- don't fragment
-FM- more fragments
-FR- reserved flag
-F
offset-
IP fragmentation options can be specified individually or combined into a
single argument to the -F command line
switch by separating the options with commas (eg.
-FD,M) or spaces (eg.
-FM
223). The IP fragmentation offset is a
13-bit field with valid values from 0 to 8189. Don't fragment (DF), more
fragments (MF) and the reserved flag (RESERVED or RB) are 1-bit fields.
NOTE: Under normal conditions, the reserved
flag is unset.
-I
ID- Specify the IP ID within the IP header.
-O
FILE- This will cause
nemesis-icmp to use the
specified IP options file as the options when building the IP header for
the injected packet. IP options can be up to 40 bytes in length. The IP
options file must be created manually based upon the desired options. IP
options can also be read from stdin by specifying
-O- instead.
-S
ADDR- Specify the source IP address within the IP header.
-t
TOS- Specify the IP type of service (TOS) within the IP header. Valid type of
service values:
- 2
- Minimize monetary cost
- 4
- Maximize reliability
- 8
- Maximize throughput
- 24
- Minimize delay
NOTE: Under normal conditions, only one type of
service is set within a packet. To specify multiple types, specify the sum
of the desired values as the type of service.
-T
TTL- Specify the IP time-to-live (TTL) in the IP header.
-d
IFNAME- Specify the name (for UNIX-like systems) or the number (for Windows
systems) of the IFNAME to use (eg. fxp0,
eth0, hme0, 1).
-H
MAC- Specify the source MAC address,
(XX:XX:XX:XX:XX:XX).
-M
MAC- Specify the destination MAC address,
(XX:XX:XX:XX:XX:XX).
-Z- Lists the available network interfaces by number for use in link-layer
injection.
NOTE: This feature is only relevant to Windows
systems.
nemesis-icmp returns 0 on a successful exit,
1 if it exits on an error.
nemesis-arp(1),
nemesis-dhcp(1),
nemesis-dns(1),
nemesis-ethernet(1),
nemesis-igmp(1),
nemesis-ip(1),
nemesis-ospf(1),
nemesis-rip(1),
nemesis-tcp(1),
nemesis-udp(1).
Mark Grimes
<
mark@stateful.net>
and
Jeff Nathan
<
jeff@snort.org>
Please report at
https://github.com/libnet/nemesis/issues