Gobbler: A tool to audit DHCP networks

Includes DHCP rogue server detection, DHCP DoS, distributed spoofed port scanner using DHCP to obtain many source IP addresses, multiple arp scans, filtered port detection, spoofed OS detection (nmap + port 0)


http://gobbler.sourceforge.net






Release Date:

2003-07-27


Project Feed

  • File released: /gobbler (latest)/Gobbler-2.0.1-Alpha/Gobbler-2.0.1-Alpha1.tar.gz

    posted 2297 days ago

  • gobbler (latest) Gobbler-2.0.1-Alpha file released: Gobbler-2.0.1-Alpha1.tar.gz

    Alpha 2.0.1
    -----------
    Added port 0 fingerprinting - 7 tests
    Fixed huge bug in nmap OS detection.... now checks each test reply instead of just first.... oops ;)
    Fixed bug when sending RST to incoming connection. Wrong ACK number being sent back

    Alpha 2.0.0
    -----------
    Allow scanning from port 0
    Added start of MITM attack with fake dns server (-M d)
    Updated MITM attack when leaving subnet (-Ml) now dishes out IP address
    Fixed 1 bug which caused OpenBSD to crash on ctrl+c... a usleep within the signal handler was screwing things up
    added OS X native sniffer support (UNTESTED!!!)
    fixed numerous compares between unsigned and signed var's
    fixed another bug in random port list creation
    Added option for destination port for OS detection test 8 (udp to closed port) (-u)
    fixed typo in OS detection which was causing seg fault
    Added native linux sniffer support
    fixed bug in random port list creation
    Updated install text
    Updated Compile script so that libnet-config and dnet-config are no longer required
    Added 8 out of 9 nmap OS detection tests.... still need to do sequence number analysis
    fixed seg fault when exiting gobbler when no sniffer threads started
    added couple of libpcap functions
    removed libpcap..... had too much stress with 100% cpu usage so going for native interfacing instead (thanks anonpoet hogwash.sf.net)
    Added openbsd bpf support
    recoded sniffing routine (cpu usage now stays around 1 or 2% opposed to 100%)
    Changed way non spoofed mac address being looked up.... now use gethw instead of eth_get... thanks dug song + mike schiffman
    Added length option for icmp echo
    Added detection of bogus TCP flag (eg ECN echo bit, not real control tcp flag)
    Changed all sent TTL's to GOBTTL (64)
    Added small notice about NetBSD hosts displaying error with arp broadcast scan
    Added standard checksum routine to convert.c
    Added some misc funcs from nmap
    Increased speed of the initial adding large port ranges (the fun of pointers to ends of linked lists)
    Added scanning of port 0..... only allowed when specifying a port range or all ports.... damn fyodor included this before me :)
    Added randomisation of dest ports for portscanner (can take a while with a large port range)
    Added randomisation of src ip / macs when portscanning
    Recoded portscanning routine
    Added data to ICMP packet... packet was too small thus padding was being added to ethernet frame
    Fixed bug in arp scan... scan was missing the 1st IP (network addr)
    Added detection for scanning local broadcast or local network address
    Added ability to detect hosts hiding on broadcast and network addresses (wink wink nudge nudge)
    Fixed some warnings when compiling
    Added random multicast mac address when specifying source host
    Added number of icmp ping requests to send (use -a)
    Added traceroute option (use -T)
    Randomised src ip for traceroute and ping
    Added routine to detect initial TTL sent from target
    Print if Don't fragment Bit is set (in ping and traceroute)
    Updated printing of hex digits (instead of %x now use %.2x)
    Added MAC OSX support.... much thanks to Andre Ludwig
    Changed Install doc a bit.... thanks again Andre Ludwig
    Added dhcp release.... if using a gobbled scan the IP addresses will be released (eg the server is less likely to be DoSed by mistake) (one downside... the dhcp server may issue the same ip addresses on your next scan (use -g to not release IP addresses)) (works against win2k dhcp server)
    Added display closed if number of closed < CLOSEDDISPLAYLIMIT (20)
    Added initial decoding of DNS packets (commented out in public release as still very buggy)
    Added some memory cleaning up routines, accently commented out so the stats would be displayed
    Added new type of host creation - specified (use -Q to specify src host)
    Added ICMP ping only option to detect if host is alive (-H)
    Added automated ICMP echo request before portscan (use -h to skip)
    Added display services (parsed from /etc/services) (lame i know.... will sort out different services file asap)
    Removed some of the speed restrictions when gobbling (now super quick but still hangs)
    Fixed bug in portscanner that was not allowing filter ports to be scanned if range was specified
    Fixed bug target arp cache linked list was updating when a portscan wasn't taking place
    Fixed bug in sending RST packets.... the wrong sequence / ack numbers were sometimes being sent... depending on rst type
    Fixed bug in various linked lists... some entries were being added twice (open port especially)
    Fixed bug in checking length of dhcp options... the function now returns instead of exiting
    Fixed bug in gobbling routine (missed out a mutex_unlock when updating the linked list thus lock up)
    Fixed bug in gobbling routine (missed end of dhcp option checking.... therefore when gobbling a win2k server the gobbler was sending invalid server identifiers)
    Updated misc dhcp decoding
    Arp replies now added to linked list, thus displayed only once
    A number of hosts can now be created when using -Cg and -n or -Cs and -Q
    Changed options.... should now be simpler to use the gobbler.... all scanning options are now upper case and other options are all lower case (apart from a couple O, V, H)
    Added initial stages of nmap OS detection.... send same packets as nmap
    Added decoding of OS detection replies
    Added send OS detect udp packet from port 53... may bypass some lame firewall rules
    Added -c flag to display closed ports at end of scan
    Added many more decode options for DHCP
    Fixed possible buffer overflow.... Added length check to each dhcp option
    Added temp mitm message
    updated readme.1st - info on ping replies from Multicast Mac addrs
    Try ./Gobbler -N 192.168.255.255 -Q 192.168.0.101-m -H or ./Gobbler -N 192.168.0.0 -Q 192.168.3.44-m -H for invalid multicast ping test.... see readme.1st for more info

    Alpha 1.8.2 21-02-2003
    ----------------------
    Added OpenBSD 3.2 support (use ./Compile BSD or ./Compile LINUX to build the gobbler)
    Slowed down BSD scan due to high amounts of incorrectly filtered ports being returned, (may be to do with the ssh traffic)

    Alpha 1.8.1 19-02-2003
    ----------------------
    Slowed down fast scan by adding a delay of 300 nanoseconds... helps out libnet ;)

    Alpha 1.8 16-02-2003
    --------------------
    Added multiple methods for arp scan (from broadcast address, from gobbled host, from specified host).
    Slowed down arp scan.... increased chance of getting replies.
    Added don't reply to icmp echo request switch (-r).
    Fixed arp scan again.... message on bsd boxes now doesn't appear... changed broadcast src mac from ff:ff:ff:ff:ff:ff to 00:00:00:00:00:00
    Moved startlibnet() to b4 parsing args as if random mac was selected the same MAC addresses were used (not seeding random until after so moved it)
    Changed results (fixed minor timing bugs and removed irrelevant info).
    added reply to udp scans with ICMP port unavailable (-O command line opens a specified UDP port).
    added reply to half open syn scans and tcp connects. Send RST or if port specified -o open send SYN ACK.
    added create single host option for testing gobblers broken TCP/IP stack.
    Changed portscan timings... now sleep 750 000 00 nanosecs every X ports scanned (increased portscan reliability 10 fold).
    Reduced default endwait time from 5 to 2 seconds... as the scan is slower we don't have to wait as long
    Fixed major bug in scanning routine..... OSSTM was scanning both OSSTM ports and NMAP ports
    Added filtered port detection and rescan..... if port doesn't reply retry, if still no reply port = filtered
    added subnet mitm attack (gobble 4 ip's dhcp server, dns server, default gw and client addr, and send to client when requested)
    default portscans (osstm and nmap services) now take around 20 to 40 seconds depending on how filtered
    scanning filtered ports slower than initial scanning phase
    Added start portscan signal (after portscan threads initialized signal it to start)
    Added real nmap ports (-Pr) opposed to just nmap services (real = 1605, services = 1153, OSSTM = 1233)

    Alpha 1.5 03-02-2003
    --------------------
    Distributed port scanning using either DHCP to decide on the source or source specified on command line
    Display MAC address of DHCP servers to detect rogue dhcp servers (unless rogue server is spoofing its mac address)
    Added NMAP service ports (array)
    Added Non gobbled spoofed syn flood
    Added print ports at end of scan
    Added send reset packet if port open
    Open ports added to linked list
    Fixed arp scan from subnets other than 255.255.0.0
    Added non spoofed mac address in non gobbled portscan
    Added specify mac address in non gobbled portscan 1a:2b:3c:4d:5e:6f format
    Moved targets arp address from kernel to userland (eg there will be no change to your kernel's cache)
    The gobbler now does a lookup from the kernel arp cache... if fail a arp request is issued and reply and put in linked list
    Cleaned up number of threads started (compare port range, subnet count and threadnumbermax start lowest)
    Added setrlimit on core dumps (might not help if you are planning on debugging)
    Fixed arp lookup so only done once from the 1st spoofed address (opposed to once by everythread)
    Increase stability (the scans are now slower than before but the gobbler is less likely to crash)
    Added check to dynamically assigned ip address to ensure that each address is in a fully assigned address e.g. not waiting for ACK from server

    Alpha 1 19-12-02
    ----------------
    Multithreaded dynamically assigned spoofed stateless SYN portscanner (what a mouthful... soon to have distributed added to it)
    Multithreaded pthread_mutex_locking around pcap_next sniffer (another mouthful... good job it's the gobbler we're talking about)
    Multithreaded ARP scanner
    portscanner
     - decide on route and issue arp request
     - 3 types of port lists
       *All (simple count increment)
       *OSSTM (array of ports)
       *libnet port list - had to be converted to a linked list for thread concurrency issues
    gobbled IP
     - reply to arp request
     - reply to ICMP echo requests if from local segment
    DoS DHCP server
    MAC tagging to identify gobbled IP addresses on subnet
    Various packet sleep gaps
    Count number of possible address from netmask
    Packet stats + various timers displayed on exit
    Sniffer decodes
     - Ethernet frame
     - ARP packet - request + reply
     - IP packet
     - UDP packet
     - TCP packet
     - DHCP packet
     - ICMP packet - echo request + reply

    posted 2298 days ago

  • Gobbler 2.0 Alpha Released


    posted by ste0000 2346 days ago

  • File released: /gobbler (latest)/Gobbler 2.0 Alpha/Gobbler-2.0-Alpha.tar.gz

    posted 2347 days ago

  • gobbler (latest) Gobbler 2.0 Alpha file released: Gobbler-2.0-Alpha.tar.gz

    8 June 2003

    posted 2347 days ago

  • whats going on

    just a quick update on what's going on with the gobbler..... while working on version 2 I have found some huge bugs that need to be fixed..... mainly concerning the gobbler using 100% of the cpu. The next version promises some shiny options such as OS detection from multiple spoofed sources, traceroute from spoofed source, many many others. btw it is going to be at least another couple of months before version 2 is released... just thought I would let you all know laterz

    posted by ste0000 2370 days ago

  • Gobbler ported to OpenBSD 3.2

    woo hoo finally got the gobbler ported to openBSD 3.2.... see the change log or readme.1st to see how to compile enjoy :)

    posted by ste0000 2452 days ago

  • File released: /gobbler (latest)/Gobbler_Alpha1.8.2/Gobbler_Alpha1.8.2.tar.gz

    posted 2452 days ago

  • gobbler (latest) Gobbler_Alpha1.8.2 file released: Gobbler_Alpha1.8.2.tar.gz

    Alpha 1.8.2
    Added OpenBSD 3.2 support (use ./Compile BSD or ./Compile LINUX to build the gobbler)
    Slowed down BSD scan due to high amounts of filtered ports being returned, (may be something to do with all the ssh traffic)

    Alpha 1.8.1
    Slowed down fast scan by adding a delay of 300 nanoseconds... helps out libnet ;)
    Added -C flag to display closed ports at end of scan
    Added many more decodes for DHCP options
    FIXED possible buffer overflow.... Added length check to each dhcp option
    Added temp mitm message

    Alpha 1.8
    Added multiple methods for arp scan (from broadcast address, from gobbled host, from specified host).
    Slowed down arp scan.... increased chance of getting replies.
    Added don't reply to icmp echo request switch (-r).
    Fixed arp scan again.... message on bsd boxes now doesn't appear... changed broadcast src mac from ff:ff:ff:ff:ff:ff to 00:00:00:00:00:00
    Moved startlibnet() to b4 parsing args as if random mac was selected the same MAC addresses were used (not seeding random until after so moved it)
    Changed results (fixed minor timing bugs and removed irrelevant info).
    added reply to udp scans with ICMP port unavailable (-O command line opens a specified UDP port).
    added reply to half open syn scans and tcp connects. Send RST or if port specified -o open send SYN ACK.
    added create single host option for testing gobblers broken TCP/IP stack.
    Changed portscan timings... now sleep 750 000 00 nanosecs every X ports scanned (increased portscan reliability 10 fold).
    Reduced default endwait time from 5 to 2 seconds... as the scan is slower we don't have to wait as long
    Fixed major bug in scanning routine..... OSSTM was scanning both OSSTM ports and NMAP ports
    Added filtered port detection and rescan..... if port doesn't reply retry, if still no reply port = filtered
    added subnet mitm attack (gobble 4 ip's dhcp server, dns server, default gw and client addr, and send to client when requested)
    default portscans (osstm and nmap services) now take around 20 to 40 seconds depending on how filtered
    scanning filtered ports slower than initial scanning phase
    Added start portscan signal (after portscan threads initialized signal it to start)
    Added real nmap ports (-Pr) opposed to just nmap services (real = 1605, services = 1153, OSSTM = 1233)

    Alpha 1.5
    Distributed port scanning using either DHCP to decide on the source or source specified on command line
    Display MAC address of DHCP servers to detect rogue dhcp servers (unless rogue server is spoofing its mac address)
    Added NMAP service ports (array)
    Added Non gobbled spoofed syn flood
    Added print ports at end of scan
    Added send reset packet if port open
    Open ports added to linked list
    Fixed arp scan from subnets other than 255.255.0.0
    Added non spoofed mac address in non gobbled portscan
    Added specify mac address in non gobbled portscan 1a:2b:3c:4d:5e:6f format
    Moved targets arp address from kernel to userland (eg there will be no change to your kernel's cache)
    The gobbler now does a lookup from the kernel arp cache... if fail a arp request is issued and reply and put in linked list
    Cleaned up number of threads started (compare port range, subnet count and threadnumbermax start lowest)
    Added setrlimit on core dumps (might not help if you are planning on debugging)
    Fixed arp lookup so only done once from the 1st spoofed address (opposed to once by everythread)
    Increase stability (the scans are now slower than before but the gobbler is less likely to crash)
    Added check to dynamically assigned ip address to ensure that each address is in a fully assigned address e.g. not waiting for ACK from server

    Alpha 1
    Multithreaded dynamically assigned spoofed stateless SYN portscanner (what a mouthful... soon to have distributed added to it)
    Multithreaded pthread_mutex_locking around pcap_next sniffer (another mouthful... good job it's the gobbler we're talking about)
    Multithreaded ARP scanner
    portscanner
     - decide on route and issue arp request
     - 3 types of port lists
       *All (simple count increment)
       *OSSTM (array of ports)
       *libnet port list - had to be converted to a linked list for thread concurrency issues
    gobbled IP
     - reply to arp request
     - reply to ICMP echo requests if from local segment
    DoS DHCP server
    MAC tagging to identify gobbled IP addresses on subnet
    Various packet sleep gaps
    Count number of possible address from netmask
    Packet stats + various timers displayed on exit
    Sniffer decodes
     - Ethernet frame
     - ARP packet - request + reply
     - IP packet
     - UDP packet
     - TCP packet
     - DHCP packet
     - ICMP packet - echo request + reply

    posted 2453 days ago

  • OpenBSD port

    I thought I would let you know work is under way to port the gobbler to openbsd...... The good news: I have managed to get it to compile.... the bad news: there are some serious problems such as not being able to gobble IP addresses or portscan.... the arp scan is working and so is detecting a dhcp service so it's just a matter of ironing out a couple of bugs :) The problems seem down to my lame thread logic oops :).... no doubt it will get it sorted as soon as possible laterz ste

    posted by ste0000 2453 days ago
