TCP checksum errors


Okay, getting a weird problem and hopefully someone can spot what I am not seeing. This is the beginning of a complete network scan type program. I'm working on TCP right now to detect what ports, if any, are open. When I put in a range of IPs, however, the checksums will come up messed up. For instance, if I put in 192.168.1.1-192.168.1.10 then every other IP scanned the TCP and IP checksums will come up incorrect, but the IP after that will come up correct and work just fine. If I put in just a single IP the checksum will always come up correct. What is it about my code that is making my checksums not work every other packet when it is run multiple times? Am I not setting something back to zero? Why are the numbers coming out the same?

You need WinPcap installed for this to work.

Here is the code... for parameters put in -ip 192.168.1.1-192.168.1.10 (ip range) -ps -p 80 and have Wireshark open to get an idea what I'm talking about.

#NoTrayIcon
#AutoIt3Wrapper_Change2CUI=y

#include <winpcap.au3>
#include <array.au3>

Global $STDOUT_CHILD = 0x2
Global $iScan = 0
Global $iAlive = 0
;declare array that will be filled with what ip's we will be scanning
Dim $aIPSendArray[2] = [1, 0]
Global $bAlive = False
Global $bPortScan = False
Global $bUDP = False

$bIPRange = False
$bPortOpt = False
$bPortOptFast = False
$bIP = False
$bHost = False
$sIP = ""
$iNum = 0

If $CmdLine[0] < 3 Then usage()
If $CmdLine[1] = "/?" Then usage()
For $i = 1 to $CmdLine[0]
    Select
        Case $CmdLine[$i] = "-ip"
            $i += 1 ;increment
            $bIP = True
            $sIPReso = String($CmdLine[$i])
        Case $CmdLine[$i] = "-h"
            $i += 1 ;increment
            $bHost = True
            $sIP = String($CmdLine[$i])
            TCPStartup()
            $sIP = TCPNameToIP($sIP)
            If @error Then
                ConsoleWrite("Could not resolve host name" & @CRLF)
                usage()
            EndIf
            TCPShutdown()
        Case $CmdLine[$i] = "-a"
            $bAlive = True
        Case $CmdLine[$i] = "-ps"
            $bPortScan = True
        Case $CmdLine[$i] = "-udp"
            $bUDP = True
        Case $CmdLine[$i] = "-p"
            $i += 1 ;increment
            $aPort = StringSplit($CmdLine[$i], ",")
            $bPortOpt = True
        Case $CmdLine[$i] = "-F"
            $bPortOptFast = True
        Case Else
            usage()
    EndSelect
Next

If $bIP <> True And $bHost <> True Then usage()             ;must have one
If $bIP = True And $bHost = True Then usage()               ;can't have both
If $bPortScan <> True And $bAlive <> True Then usage()
If $bPortOpt = True and $bPortOptFast = True Then usage()
If Not $bPortOpt and Not $bPortOptFast Then
    Dim $aPort[65536]
    For $i = 1 to 65535
        $aPort[$i] = $i
    Next
    $aPort[0] = 65535
EndIf
If $bPortOptFast Then
    Dim $aPort[1025]
    For $i = 1 to 1024
        $aPort[$i] = $i
    Next
    $aPort[0] = 1024
EndIf

If $bPortScan = True Then
    ; initialise the Library 
    $winpcap=_PcapSetup() 
    If ($winpcap=-1) Then  
        MsgBox(16,"Pcap error !","WinPcap not found !")  
        Exit 
    EndIf 

    ; Get the interfaces list for which a capture is possible 
    $pcap_devices = _PcapGetDeviceList() 
    If ($pcap_devices=-1) Then  
        MsgBox(16,"Pcap error !",_PcapGetLastError())  
        Exit 
    EndIf
    
    $iInput = 0
    If Not IsIPAddress($pcap_devices[$iInput][7]) Then 
        ConsoleWrite("This device has no IP")
        Exit
    EndIf

    If ($pcap_devices[$iInput][3]<>"EN10MB") Then  
        MsgBox(16,"Pcap error !","This example only accepts Ethernet devices...")
        Exit
    EndIf 

    $pcap=_PcapStartCapture($pcap_devices[$iInput][0], "", 1) 
    If ($pcap=-1) Then  
        MsgBox(16,"Pcap error !",_PcapGetLastError())
        Exit
    EndIf 

    $aIPAddr = StringSplit($pcap_devices[$iInput][7], ".")

    $sMAC = getMac($sIP) ;check ARP table to see if host is on local network
    If $sMAC == 0 Then 
        $sDefGatewayIP = get_default_gateway() ;get dfg IP
        $sMAC = getMac($sDefGatewayIP) ;get mac of the default gateway and send there
    EndIf
    If $sMAC == 0 Then $sMAC = ARPCheck(StringSplit($sDefGatewayIP, "."), $aIPAddr) ;if def gw not in arp table send out arp packet to get MAC
    If $sMAC == 0 Then
        ConsoleWrite("Host unreachable")
        Exit
    EndIf

    $sMAC = StringReplace($sMAC, ":", "")
    $sMAC = StringUpper($sMAC)

    ;make the packet
    Dim $aPacket[62] = [ _
        Number(Dec(StringMid($sMAC, 1, 2))), _ ;dest mac
        Number(Dec(StringMid($sMAC, 3, 2))), _ 
        Number(Dec(StringMid($sMAC, 5, 2))), _
        Number(Dec(StringMid($sMAC, 7, 2))), _
        Number(Dec(StringMid($sMAC, 9, 2))), _
        Number(Dec(StringMid($sMAC, 11, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 1, 2))), _;source mac
        Number(Dec(StringMid($pcap_devices[$iInput][6], 4, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 7, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 10, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 13, 2))), _
        Number(Dec(StringMid($pcap_devices[$iInput][6], 16, 2))), _
        0x08, 0x00, _ ;IP HEADER type
        0x45, _;version and length
        0x00, _;diff services
        0x00, 0x30, _ ;total length
        0x16, 0x79, _;id
        0x40, _;flags
        0x00, _;fragment offset
        0x80, _;time to live
        0x06, _;protocol
        0, 0, _;checksum
        Number($aIPAddr[1]), _  ;source ip
        Number($aIPAddr[2]), _
        Number($aIPAddr[3]), _
        Number($aIPAddr[4]), _
        0, _ ;dest ip
        0, _
        0, _
        0, _
        0x39, 0xb5, _ ;source port
        0, 0, _ ;dest port
        0x00, 0x00, 0x00, 0x00, _ ;seq number
        0x00, 0x00, 0x00, 0x00, _ ;not sure what this is
        0x70, _ ;header length
        0x02, _ ;flags
        0x20, 0x00, _ ;window size
        0, 0, _ ;checksum
        0x00, 0x00, _ ;not sure what this is
        0x02, 0x04, 0x05, 0xB4, _ ;max segment size
        0x01, _ ;nop
        0x01, _ ;nop
        0x04, 0x02] ;sack permitted
EndIf

$time = TimerInit()
If $bHost = True Then
    selection($sIP)
ElseIf $bIP = True Then
    If StringInStr($sIPReso, "-") Then
        $bIPRange = True
        $aIP = StringSplit($sIPReso, "-")
        If UBound($aIP) > 3 Then usage()
        If Not IsIPAddress($aIP[1]) Then usage()
        If Not IsIPAddress($aIP[2]) Then usage()
        If StringCompare($aIP[1], $aIP[2]) = 0 Then usage()
        $aIP1 = StringSplit($aIP[1], ".")
        $aIP2 = StringSplit($aIP[2], ".")
            
        For $i = 1 to 4
            If Number($aIP1[$i]) <> Number($aIP2[$i]) Then ExitLoop
        Next
            
        If Number($aIP1[$i]) > Number($aIP2[$i]) Then usage()   
            
        Select
            Case $i = 1
                $aIPSendArray[1] = 1
                For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                    For $i1 = Number($aIP1[$i + 1]) to 255
                        For $i2 = Number($aIP1[$i + 2]) to 255
                            For $i3 = Number($aIP1[$i + 3]) to 255
                                $sIPReso = (String($iIP & "." & $i1 & "." & $i2 & "." & $i3))
                                selection($sIPReso)
                                If $i3 = Number($aIP2[4]) AND $i2 = Number($aIP2[3]) Then ExitLoop
                            Next
                            $aIP1[$i + 3] = 1
                            If $i2 = Number($aIP2[3]) AND $i1 = Number($aIP2[2]) Then ExitLoop
                        Next
                        $aIP1[$i + 2] = 1
                        If $i1 = Number($aIP2[2]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                    Next
                    $aIP1[$i + 1] = 1
                Next
            Case $i = 2
                $aIPSendArray[1] = 2
                For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                    For $i1 = Number($aIP1[$i + 1]) to 255
                        For $i2 = Number($aIP1[$i + 2]) to 255
                            $sIPReso = (String($aIP2[1] & "." & $iIP & "." & $i1 & "." & $i2))
                            selection($sIPReso)
                            If $i2 = Number($aIP2[4]) AND $i1 = Number($aIP2[3]) Then ExitLoop
                        Next
                        $aIP1[$i + 2] = 1
                        If $i1 = Number($aIP2[3]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                    Next
                    $aIP1[$i + 1] = 1
                Next
            Case $i = 3
                $aIPSendArray[1] = 3
                For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                    For $i1 = Number($aIP1[$i + 1]) to 255
                        $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $iIP & "." & $i1))
                        selection($sIPReso)
                        If $i1 = Number($aIP2[4]) AND $iIP = Number($aIP2[$i]) Then ExitLoop
                    Next
                    $aIP1[$i + 1] = 1
                Next
            Case $i = 4
                $aIPSendArray[1] = 4
                For $iIP = Number($aIP1[$i]) to Number($aIP2[$i])
                    $sIPReso = (String($aIP2[1] & "." & $aIP2[2] & "." & $aIP2[3] & "." & $iIP))
                    selection($sIPReso)
                Next
        EndSelect
    Else
        If Not IsIPAddress($sIPReso) Then usage()
        selection($sIPReso)
    EndIf
EndIf

scan()
If $bAlive = True Then
    If $iAlive = 1 Then 
        ConsoleWrite("There is " & $iAlive & " alive host." & @CRLF)
    Else
        ConsoleWrite("There are " & $iAlive & " alive hosts." & @CRLF)
    EndIf
EndIf

;how many hosts we scanned and how long
If $iScan = 1 Then
    ConsoleWrite("Scanned " & $iScan & " address in " & round(TimerDiff($time) / 1000, 2) & " seconds") 
Else
    ConsoleWrite("Scanned " & $iScan & " addresses in " & round(TimerDiff($time) / 1000, 2) & " seconds")
EndIf

Func scan()
    For $i = 2 to $aIPSendArray[0]
        Select
            Case $bAlive = True And $bPortScan = True
                alive($aIPSendArray[$i])
                If Not @error Then
                    If $bUDP = True Then
                        udp($aIPSendArray[$i], $aPort)
                    Else
                        tcp($aIPSendArray[$i], $aPort)
                    EndIf
                EndIf
            Case $bAlive = True And $bPortScan = False
                alive($aIPSendArray[$i])
            Case $bAlive = False And $bPortScan = True
                If $bUDP = True Then
                    udp($aIPSendArray[$i], $aPort)
                Else
                    tcp($aIPSendArray[$i], $aPort)
                EndIf
        EndSelect
    Next
    $iScan += $aIPSendArray[0] - 1
EndFunc

;fill in array of ips that we are going to scan
Func selection($sIPReso)
    $aIPSendArray[0] += 1
    ReDim $aIPSendArray[$aIPSendArray[0] + 1]
    $aIPSendArray[$aIPSendArray[0]] = $sIPReso
    If $aIPSendArray[0] = 10000 Then
        scan()
        Local $iTemp = $aIPSendArray[1]
        Dim $aIPSendArray[2] = [1, $iTemp]
    EndIf
EndFunc   ;==>selection

Func alive($sIP)
    $itime = Ping($sIP, 200)
    If $iTime <> 0 Then 
        ConsoleWrite($sIP & " is alive " & $itime & "ms" & @CRLF)
        $iAlive += 1
    Else
        Switch @error
            Case 1 
                ConsoleWrite($sIP & " is offline" & @CRLF)
            Case 2
                ConsoleWrite($sIP & " is unreachable" & @CRLF)
            Case 3
                ConsoleWrite($sIP & " is a bad destination" & @CRLF)
            Case 4
                ConsoleWrite($sIP & " had other error" & @CRLF)
        EndSwitch
        SetError(1)
    EndIf
EndFunc     

Func tcp($sIP, $aPort)
    ConsoleWrite("Scanning " & $sIP & @CRLF)
    $timeport = TimerInit()
    For $i = 1 To $aPort[0]
        $aIPReso = StringSplit($sIP, ".")
        $aPacket[30] = Number($aIPReso[1])
        $aPacket[31] = Number($aIPReso[2])
        $aPacket[32] = Number($aIPReso[3])
        $aPacket[33] = Number($aIPReso[4])
    
        $hPort = Hex($aPort[$i], 4)
        $aPacket[36] = Dec(StringMid($hPort, 1, 2))
        $aPacket[37] = Dec(StringMid($hPort, 3, 2))

        #Region checksum for ip headers
        $sCheckSum = ""
        For $i1 = 14 to 33
            $sCheckSum &= Hex($aPacket[$i1], 2)
        Next
        
        $sCheckSum = checksum($sCheckSum)
        $aPacket[24] = Dec(StringMid($sCheckSum, 1, 2))
        $aPacket[25] = Dec(StringMid($sCheckSum, 3, 2))
        #EndRegion

        #Region checksum for TCP
        $sCheckSum = ""
        #Region PSEUDO HEADER
        For $i1 = 26 to 33 ;source and dest ip
            $sCheckSum &= Hex($aPacket[$i1], 2)
        Next
         
        $sCheckSum &= Hex(0x00, 2) ;reserved field?!?!?!
        $sCheckSum &= Hex($aPacket[23], 2) ;IP protocol... always 06 since that is TCP
        $sCheckSum &= Hex($aPacket[46] - 84, 4) ;seems like this may work... have to test in other trials
        ;$sCheckSum &= Hex(0x00, 2) & Hex($aPacket[46], 2) ;tcp length
        #EndRegion

        For $i1 = 34 to 61 ;take in rest of the packet
            $sCheckSum &= Hex($aPacket[$i1], 2)
        Next

        ;MsgBox(0, "", $sCheckSum)
        $sCheckSum = checksum($sCheckSum)
        $aPacket[50] = Dec(StringMid($sCheckSum, 1, 2))
        $aPacket[51] = Dec(StringMid($sCheckSum, 3, 2))
        #EndRegion

        $sPacket = makePacket($aPacket)
        If $sPacket == 0 Then 
            ConsoleWrite("Error")
            Exit
        EndIf
        
        _PcapSendPacket($pcap,$sPacket)
    Next
    ConsoleWrite("Scanned " & $aPort[0] & " ports in " & round(TimerDiff($timeport) / 1000, 2) & " seconds" & @CRLF & @CRLF)
EndFunc

Func udp($sIP, $aPort)
    TCPStartup()
    ConsoleWrite($sIP & @CRLF)
    $timeport = TimerInit()
    For $i = 1 To $aPort[0]
        $socket = UDPOpen($sIP, $aPort[$i])
        If $socket <> -1 Then
            ConsoleWrite("Port " & $aPort[$i] & " is open" & @CRLF)
            UDPCloseSocket($socket)   
        EndIf
    Next 
    ConsoleWrite("Scanned " & $aPort[0] & " ports in " & round(TimerDiff($timeport) / 1000, 2) & " seconds" & @CRLF)
    TCPShutdown()
EndFunc

Func checksum($data)
    $bin = Binary("0x" & $data)
    $Number = 0
    For $index = 1 To BinaryLen($bin) Step 2
        $chunk = Hex(BinaryMid($bin,$index,2),2)
        $Number += Dec($chunk)
    Next
    $Number = Hex($Number,8)
    $Number = Dec(StringLeft($Number,4)) + Dec(StringRight($Number,4))
    Return Hex(0xFFFF - $Number, 4)
EndFunc

Func usage()
    ConsoleWrite("Usage: -ip 192.168.1.1[-192.168.1.255] or [-h hostname] [-ps] [-a] optional: [-udp] [-p 80[,81[,..]] or [-F]" & @CRLF & @CRLF _ 
        & "   -ip " & @TAB & @TAB & "... allows you to enter a single ip or ip range" & @CRLF _
        & "   -h  " & @TAB & @TAB & "... lets you enter a hostname instead of an ip" & @CRLF _
        & "   -a  " & @TAB & @TAB & "... checks to see if hosts are alive" & @CRLF _
        & "   -ps " & @TAB & @TAB & "... does a port scan of all ports" & @CRLF _
        & "   -udp" & @TAB & @TAB & "... will scan target hosts udp ports" & @CRLF _
        & "   -p  " & @TAB & @TAB & "... specifies single port or multiple... -p 21,22,23" & @CRLF _
        & "   -F  " & @TAB & @TAB & "... Specifies a fast scan of well known ports between 1 and 1024." & @CRLF _ 
        & "       " & @TAB & @TAB & "    Otherwise all 65535 ports are scanned" & @CRLF & @CRLF)
    Exit
EndFunc

Func IsIPAddress($text)
    Return StringRegExp($text, "(((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))\.){3}((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|([1-9]?[0-9]))")
EndFunc

Func getMac($ip)
    $foo = Run(@ComSpec & " /c arp -g " & $ip, @SystemDir, @SW_HIDE, $STDOUT_CHILD)
    While 1
        Sleep(50)
        If Not ProcessExists($foo) Then ExitLoop
    WEnd
    $line = StdoutRead($foo)

    If StringCompare(StringReplace($line, @CRLF, ""), "No ARP Entries Found") == 0 Then Return 0
    $line = StringStripWS($line, 8)
    If StringCompare($line, "") <> 0 Then
        $position = StringInStr($line, $ip, 0, -1) + StringLen($ip)
        $sMAC = StringReplace(StringMid($line, $position, 17), "-", ":")
        Return $sMAC
    Else
        Return 0
    EndIf
EndFunc

Func ARPCheck($aIPReso, $aIPAddr)   
    Dim $aARPacket[60] = [0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 1, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 4, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 7, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 10, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 13, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 16, 2))), _
          0x08, 0x06, 0x00, 0x01, _
          0x08, 0x00, 0x06, 0x04, 0x00, 0x01, _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 1, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 4, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 7, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 10, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 13, 2))), _
          Number(Dec(StringMid($pcap_devices[$iInput][6], 16, 2))), _   
          Number($aIPAddr[1]), _
          Number($aIPAddr[2]), _
          Number($aIPAddr[3]), _
          Number($aIPAddr[4]), _
          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
          Number($aIPReso[1]), _
          Number($aIPReso[2]), _ 
          Number($aIPReso[3]), _
          Number($aIPReso[4]), _
          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
          0x00, 0x00, 0x00, 0x00, 0x00, 0x00, _
          0x00, 0x00, 0x00, 0x00, 0x00, 0x00]
    
    AdlibEnable("getARPPacket", 1)
    
    $sPacket = makePacket($aARPacket)
    If $sPacket == 0 Then 
        ConsoleWrite("Error")
        Exit
    EndIf
    
    _PcapSendPacket($pcap,$sPacket)
    
    Sleep(200)
    
    AdlibDisable()
    
EndFunc

Func getARPPacket()
    $packet=_PcapGetPacket($pcap)
    If IsArray($packet) Then
        
        Local $aData[$packet[2]]
                
        ;get info into array of the packet
        $packet[3] = StringTrimLeft($packet[3], 2)
        For $i = 0 to $packet[2] - 1
            $aData[$i] = Dec(StringLeft($packet[3], 2))
            $packet[3] = StringTrimLeft($packet[3], 2)
        Next
    
        ;start checking if it is that packet we want
        $iHWType = $aData[14] & $aData[15]
        $iProtocolType = $aData[16] & $aData[17]
        $iOPCode = $aData[20] & $aData[21]
        $sSenderIP = $aData[28] & "." & $aData[29] & "." & $aData[30] & "." & $aData[31]
        $iSenderIP = Number($aData[28] & $aData[29] & $aData[30] & $aData[31])
        $sDestMac = ""
        For $i = 32 to 37
            $sDestMac &= Hex($aData[$i], 2) & ":"
        Next
        $sDestMac = StringTrimRight($sDestMac, 1)
        $sDestIP = $aData[38] & "." & $aData[39] & "." & $aData[40] & "." & $aData[41]
        
        ;make sure it was the type of packet we wanted
        If $iHWType = 01 And $iProtocolType = 80 And $iOPCode = 02 And _
                StringCompare($sDestMac, $pcap_devices[$iInput][6]) = 0 And _
                StringCompare($sDestIP, $pcap_devices[$iInput][7]) = 0 Then 
            ;do nothing
        Else
            Return 0
        EndIf
        
        ;if this was the right packet output the data
        For $i = 22 to 27
            $sMAC &= Hex($aData[$i], 2) & ":"
        Next
        $sMAC = StringTrimRight($sMAC, 1)
        Return $sMAC
    EndIf
EndFunc   ;==>PacketX_OnPacket

Func makePacket($aArray)
    If IsArray($aArray) Then 
        $sPacket = "0x"
        For $i = 0 to UBound($aArray) - 1
            $sPacket &= Hex($aArray[$i], 2)
        Next
        Return $sPacket
    Else
        Return 0
    EndIf
EndFunc

Func get_default_gateway()
    $foo = Run(@ComSpec & " /c netstat -rn", @SystemDir, @SW_HIDE, $STDOUT_CHILD)
    While 1
        Sleep(50)
        If Not ProcessExists($foo) Then ExitLoop
    WEnd
    $line = StringStripCR(StdoutRead($foo))
    If StringCompare($line, "") <> 0 Then
        $arr = StringSplit($line, "0.0.0.0", 1)
        $arr2 = StringStripWS($arr[3], 1)
        $arr2 = StringSplit($arr2, " ")
    Return $arr2[1]
    EndIf
EndFunc
Edited by SoulA
Link to comment
Share on other sites
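
Added example, not part of the original thread: a Python model of the posted tcp() loop and checksum(), which reuse one $aPacket buffer and sum bytes 24-25 and 50-51 (the previous packet's checksums) into the next calculation. It shows that this stale field, combined with the single carry fold in checksum(), yields the alternating valid/invalid pattern for 192.168.1.1-192.168.1.10. The source address 192.168.1.100, the zeroed MACs, and the assumption that AutoIt's Hex(x, 4) keeps the low 16 bits of a negative value are mine.

```python
import struct

SRC_IP = bytes([192, 168, 1, 100])  # constructed source address (assumption)
TARGETS = [bytes([192, 168, 1, n]) for n in range(1, 11)]  # range from the post

def build_template() -> bytearray:
    """62-byte frame laid out like the posted $aPacket (MACs zeroed, constructed)."""
    eth = bytes(12) + b"\x08\x00"
    ip = bytes.fromhex("4500 0030 1679 4000 8006 0000") + SRC_IP + bytes(4)
    tcp = bytes.fromhex("39b5 0000 00000000 00000000 7002 2000 0000 0000"
                        " 020405b4 0101 0402")
    return bytearray(eth + ip + tcp)

def word_sum(data) -> int:
    """Plain sum of big-endian 16-bit words (input length is even here)."""
    return sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))

def posted_checksum(data) -> int:
    """Model of the thread's checksum(): one carry fold, then 0xFFFF - n."""
    n = word_sum(data)
    n = (n >> 16) + (n & 0xFFFF)   # Hex($Number, 8) split into left 4 + right 4
    return (0xFFFF - n) & 0xFFFF   # assumption: Hex(x, 4) keeps the low 16 bits

def rfc1071_checksum(data) -> int:
    """Internet checksum: fold carries until none remain, then complement."""
    n = word_sum(data)
    while n >> 16:
        n = (n >> 16) + (n & 0xFFFF)
    return ~n & 0xFFFF

def pseudo_header(pkt) -> bytes:
    """Source IP, destination IP, zero byte, protocol, TCP length."""
    return bytes(pkt[26:34]) + bytes([0, pkt[23]]) + struct.pack("!H", len(pkt) - 34)

def verify(pkt) -> bool:
    """Receiver-side check: summing with the checksum in place must give 0."""
    ip_ok = rfc1071_checksum(pkt[14:34]) == 0
    tcp_ok = rfc1071_checksum(pseudo_header(pkt) + pkt[34:]) == 0
    return ip_ok and tcp_ok

def scan(targets, port, checksum, zero_first):
    """Fill one reused buffer per target, as tcp() does; return validity per packet."""
    pkt = build_template()
    results = []
    for ip in targets:
        pkt[30:34] = ip
        pkt[36:38] = struct.pack("!H", port)
        if zero_first:             # the step missing from the posted loop
            pkt[24:26] = b"\x00\x00"
            pkt[50:52] = b"\x00\x00"
        pkt[24:26] = struct.pack("!H", checksum(pkt[14:34]))
        pkt[50:52] = struct.pack("!H", checksum(pseudo_header(pkt) + pkt[34:]))
        results.append(verify(pkt))
    return results

if __name__ == "__main__":
    print("posted logic      :", scan(TARGETS, 80, posted_checksum, False))
    print("stale field only  :", scan(TARGETS, 80, rfc1071_checksum, False))
    print("zeroed + full fold:", scan(TARGETS, 80, rfc1071_checksum, True))
```

In the model, every second packet of the posted logic gets checksum 0xFFFF, which adds nothing to the following sum and lets the next packet come out right; clearing both checksum fields at the top of each pass makes every packet valid.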

Oh.. sorry man.. I didn't even look at the "selection" function because I saw many logical errors in the code ;]

- The IsIPAddress function is not correct in my opinion because you're not checking if the string is starting and ending with the match in cases like: "123.123.123.123.123-123.123.123.123.123" but you're looping from 1 to 4 so it's not a fatal error but it's still not correct. It's also not allowing things like: "192.168.001.001" or "192.168.000.1" for that matter.

- The second thing is that checking if there is no range using StringCompare is also not correct. It'll be more correct to do it the sum way like splitting the IP addresses and summing like: $iSum1 = $aIP1[1]*16^3+$aIP[2]*16^2+$aIP[3]*16+$aIP[4] and doing the same for the second IP and then checking if $aIP2 is less than or equal to $aIP1 sum before showing usage output. If for example you'll get -ip 192.168.0.001-192.168.0.01 you're going to enter the switch case for nothing ;].

- The last thing I've noted is the wrong nested loops. Looping from some number up to 255 and then on the second outer loop the inner loop is looping again from the same number up to 255.. you're missing the numbers before this number. Example: -ip 192.168.9.209-192.169.0.0, you're going to loop something like this which is wrong:

For $i1 = 168 To 169
   For $i2 = 9 To 255
      For $i3 = 209 To 255
         ;....
      Next
   Next
Next

It's certainly not related to the checksum issue but it has an impact on the logical correctness of your script.

Link to comment
Share on other sites

Okay going to try and retort your last post but first I'd like to say thanks for even looking at my script.

First of all an IP address range 123.123.123.123-123.123.123.123 is one IP and therefore you should only be entering 123.123.123.123 to scan that IP. Second 192.168.001.001 is not an IP address. This means that your second statement doesn't really mean anything either to me since you can't enter in those kinds of addresses.

Finally for the third thing you mentioned is if you enter an address range of 192.168.9.209-192.169.0.0 then the program should give you an error because you can't enter in an IP that is larger in the first slot. If Number($aIP1[$i]) > Number($aIP2[$i]) Then usage() makes sure that you put in the smaller address first and the end of the range second.

Hopefully I have responded well enough to the potential problems you saw. Maybe I am not completely understanding you so please if I'm saying things that aren't making sense make sure you respond!

As for the first issue I posted about...

Please, I recommend you try to run the script (make sure you have WinPcap installed) and have Wireshark running. Enter in the parameters I mentioned in my first post and see what I'm saying about the checksums failing. I have looked for another hour and still can't find my logic error or what it is.

Link to comment
Share on other sites

Hmm... it seems like I didn't explain myself correctly and it all sounds like mumbling to you lol. ;]

192.168.000.000 is as valid as 192.168.0.0.

About the loop issue. If you'll look again at the example loop I've posted before you'll see that it's correct. What you do is to loop from 1 to 4 checking if the numbers are not equal, so 192.168.9.209-192.169.0.0 will stop at $i = 2, check if 168 > 169 and if not true you're going to enter the $i=2 case while performing an incorrect nested loop.

Performing this loop correctly is done by summing the IPs' lower and upper limits as:

Dim $sIPRange = '192.168.1.100-192.169.0.0'
Dim $aIPs = StringSplit($sIPRange, '-')
Dim $iIP1 = _IPToNumber($aIPs[1]), $iIP2 = _IPToNumber($aIPs[2])

For $i = $iIP1 To $iIP2
    ConsoleWrite(_NumberToIP($i) & @LF)
Next


Func _NumberToIP($iNum)
    Local $sStr = ''
    
    For $i = 4 To 1 Step -1
        $sStr &= Int(BinaryMid($iNum, $i, 1)) & '.'
    Next
    
    Return StringTrimRight($sStr, 1)
EndFunc

Func _IPToNumber($sString)
    Local $aIP = StringSplit($sString, '.')
    If @error Or $aIP[0] < 4 Then Return -1
    Return (Number($aIP[1])*16777216+Number($aIP[2])*65536+Number($aIP[3])*256+Number($aIP[4]))
EndFunc

Edit: By the way, a correct IP pattern is like this:

^(?>(?:[01]?\d\d|25[0-5]|2[0-4]\d|\d)\.){3}(?:[01]?\d\d|25[0-5]|2[0-4]\d|\d)$
Edited by Authenticity
Link to comment
Share on other sites
