c651de6 Add comment about current brokenness from develop..
~jasper pushed to ~jasper/knockoff git
STATE: broken: looks like bit32 lua lib no longer there.
NOTE: fwknop is probably better in many ways.
Based on knock, but uses lua for configuration and supports both plain and sha256-based port orders.
sha256-based port orders limit replay attacks to a short period. Note that it's still just an extra layer of protection.
There is also an option to change the order whenever too much of the sequence is observed, at the cost of being more complicated to use. You could even start a server, where the port it uses is based on the sha256.
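A sketch of how a time-windowed sha256 port order limits replay, added here as an illustration and not taken from knockoff's code. The HMAC-SHA256 derivation, the 30-second window, the port range and all names are assumptions of this example.

```python
import hashlib
import hmac
import struct

WINDOW_SECONDS = 30                 # assumed lifetime of one port order
KNOCKS = 4                          # assumed number of ports per sequence
PORT_MIN, PORT_MAX = 10000, 60000   # assumed range of knock ports


def port_sequence(secret: bytes, now: float, offset: int = 0) -> list[int]:
    """Port order for the time window containing `now` (plus `offset` windows)."""
    window = int(now // WINDOW_SECONDS) + offset
    # Keyed hash of the window counter: without the secret, a sniffer cannot
    # predict the next window's order from the ones already seen.
    digest = hmac.new(secret, struct.pack(">Q", window), hashlib.sha256).digest()
    span = PORT_MAX - PORT_MIN + 1
    return [PORT_MIN + int.from_bytes(digest[4 * i:4 * i + 4], "big") % span
            for i in range(KNOCKS)]


def accept(secret: bytes, observed: list[int], now: float) -> bool:
    """Server side: accept the current window's order, or the previous one
    to tolerate clock skew. A captured sequence therefore stays replayable
    for at most 2 * WINDOW_SECONDS."""
    return any(observed == port_sequence(secret, now, off) for off in (0, -1))


if __name__ == "__main__":
    secret = b"constructed-demo-secret"      # constructed sample value
    t0 = 1000 * WINDOW_SECONDS               # constructed, window-aligned time
    knock = port_sequence(secret, t0)
    print("knock order:", knock)
    print("same window:", accept(secret, knock, t0 + 29))
    print("next window:", accept(secret, knock, t0 + 59))
    print("replayed later:", accept(secret, knock, t0 + 60))
```

Both sides need roughly synchronized clocks; widening the accepted window tolerates more skew but lengthens the time a sniffed sequence can be replayed.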
Just run make knockoff; you need libpcap, lua and curl installed. (The last one is less needed.)
A package just exists for archlinux at the moment: get the other/arch-git/PKGBUILD and do makepkg and sudo pacman -U knockoff*.pkg.tar.xz as you'd usually do for archlinux.
make home_install will put things in ~/.bin/, ~/.local/share/knockoff/ and ~/.config/knockoff; you must add ~/.bin to $PATH (or just move the binary somewhere where it is in $PATH).
Suggestions below assume a root-level install. (Replace /etc/knockoff with ~/.config/knockoff/ for the local-install interpretation.)
The server (receiver of the knocks) needs to be run as root.
On both the server and knocker side:
cp /etc/knockoff/examples/sha2.lua /etc/knockoff/$SERVERNAME.lua
Change the local secret = .. value to the secret you agreed on.
Change the element in the interfaces list to the interface of the current device that you want to sniff on. ip link lists some; it might be something like eth0 or enp4s0 (wired), wlan0 or wlp3s0 (wireless), or wlp0s20f0u2 (wireless USB dongle). (Values possibly differ for server and knocker.)
In $SERVERNAME.lua, change the local port value to the port you need open, or just change the success function directly.
To run the knocking-sniffer, as root: knockoff watch $SERVERNAME -v 2 (-v just increases verbosity somewhat).
To knock the server: knockoff knock $SERVERNAME $IP, and then connect within ten seconds.
A look at the src/etc/examples/ directory might help. There is also a knockoff help. doc/ contains more documentation.
There is support for different events after a knock. The above assumes the end-event is simply success. For instance, example/simple_choose.lua has multiple outcomes, A and B, i.e.
./knockoff knock example/simple_choose $ip A # Trigger A
./knockoff ports example/simple_choose B # Show port sequence for B.
See doc/features.md for other options. (todo list of some which don't exist yet)
Jasper den Ouden (me).
Judd Vinet's knock, which I copied; it would have been pretty hard for me to get the sniffing part right.
Licensed under the GPLv2 (text in gplv2.txt). Note that it has the option "or any later version".