tcpjunk

Langue: en

Version: September 2010 (fedora - 01/12/10)

Section: 1 (Commandes utilisateur)

NAME

Tcpjunk - TCP protocols testing tool.

SYNOPSIS

tcpjunk -s [hostname] -p [port] -c [session file] [options] tcpjunk -r -p [port] -c [session file] [options] tcpjunk -x

DESCRIPTION

Tcpjunk is a TCP protocols testing and hacking utility.
Tcpjunk can be used as an IPv4 or IPv6 client or server and uses a predefined session file containing the data to send. Tcpjunk can be used as a general testing tool, a traffic generator or a fuzzer, for protocols such as HTTP, SMTP, etc.

Tcpjunk has 3 modes of operation: concurrent client, concurrent server and in GUI mode - iterative client and server.

OPTIONS

General options:


-d

--debug

Force display of raw traffic when using multiple instances or in server mode.

-X

--hexdump

Display raw traffic as hexdump.

-v

--verbose

Display warnings and other information.

-h

--help

Show help and exit.

-x

--gui

Run Tcpjunk in GUI mode, allowing a single client or server testing environment (all other flags are ignored).

-a

--daemon

Run Tcpjunk as a daemon.
     

Session options:

-c

--file=FILENAME

specifies a session file name, containing the data to send.
A session file can contain any text or binary data. Tcpjunk tags can be inserted to session files to create dynamic content and to control send and receive operations. See Tags section for more information.

-e

--seq-file=DIRECTORY

With each connection, use a session file from the specified directory sequentially.

-f

--rand-file=DIRECTORY

With each connection, use a random session file from the specified directory.

-W

--wait-data

After connection is established, wait for remote host to send data first, before sending any replies (default: send data immediately).
     

-C

--close

When no data is left to send, do not wait for remote host to send a reply (default: wait for reply).

-T

--sess-time=MSECONDS

Session timeout (default: 100 milliseconds).
Tcpjunk uses this value to determine when to finish waiting for remote host to send data. This timeout is triggered when no data arrives from the remote host and when it expires, Tcpjust will continue with its next task. This option greatly affects session speed and should be set according to connection latency and tested protocol.
     

Client options:

-s

--host=HOST/IP

Hostname or IP address of remote host.

-i

--instances=NUMBER

Number of Tcpjunk client instances to run in parallel continuously.

-l

--limit-sess=NUMBER

Limit the number of sessions for each client instance (default: unlimited).
If specified, each Tcpjunk client instance will terminate after performing this many sessions.

-P

--src-ip=IP

Use a specific or random source IP address for client connections.
Tcpjunk adds these IP addresses automatically on aliases of a network interface specified with -I. Use the format 192.x.4.x for IPv4 and 2001:x:x:x:0:0:0:1 for IPv6, Tcpjunk replaces every 'x' with a random octet/quad.

-I

--interface=INTERFACE

Interface to use when using the -P option.
IP forwarding must be enabled on a host running Tcpjunk, if this interface does not lead directly to the destination address. This option needs root privileges.

-N

--ip-sessions=NUMBER

Number of connections to use each source IP address before changing to a different one (default: 10)
  

-O

--offset=NUMBER

Starting alias offset when using the -I option with IPv4 (default: 0).
When using multiple instances (-i) with different source IPv4 addresses, each Tcpjunk child process uses its own alias. Another main Tcpjunk processes, must use this option to have their own aliases.

-o

--src-port=PORT

Bind client connections to a specific source port.

Server options:

-r

--server

Run TCPJunk in server mode.
Tcpjunk will listen to connections on the port specified with -p. A Tcpjunk server can handle multiple connections simultaneously, but is not efficient as servers dedicated to specific protocols. Use -v and/or -d options, to view warnings or incoming connections data.
  

-E

--cert=FILENAME

SSL server certificate filename
     

-K

--key=FILENAME

SSL server key filename

Connection options:

-p

--port=PORT

TCP port or service name to connect / listen to.

-6

--ipv6

Connect and Accept using IPv6.

-S

--ssl

Use SSL (v3.0) to send data in all TCP connections.


Example for generating a private key and self signed SSL certificate:
$ openssl genrsa -des3 -out server.key 1024
$ openssl req -new -key server.key -out server.csr
$ cp server.key server.key.org
$ openssl rsa -in server.key.org -out server.key
$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

-t

--timeout=SECONDS

Connection establishment timeout (default: 2 seconds)

-w

--wait=MSESONDS

Create a delay between connections when using multiple instances (default: none).
     

-k

--repeat-sess=NUMBER

Repeat session on the same connection without reconnecting (default: 1)
     

-m

--send-size=BYTES

Set buffer size for send calls (when setting this option, TCP_NODELAY socket option is enabled).
  

-D

--send-delay=MSECONDS

If -m is used, wait this much between send calls.

-z

--optimize

Enables tw_recycle and tw_reuse TCP settings and sets file descriptor limits to 10240. This option needs root privileges.

SESSION FILE TAGS

<sect>[data]</sect>

Section tag, delimiters for multiple sections in the session flow.
When this tag is not used, Tcpjunk sends all data in the session file in one send operation.
If data is entered between <sect> tags, Tcpjunk sends each section by itself, and expect a reply from the remote host before sending the next section, for example:
    <sect>user root
    </sect>
    <sect>pass toor
    </sect>
 

<rep [min] [max]>[data]</rep>

Repeat tag, repeat [data], for times specified by the [min] setting.
If [max] is specified, repeats a random number of times, in the range of [min]-[max]. Repeat tags can be nested inside other repeat tags, for example:
    <rep 10>Outer1 <rep 1 5>Nested</rep>Outer2 </rep>
 

<sys>[command]<sys>

System tag, inserts the output of a system command into the session.
 

<fuzz [type|last] [min] [max]>

Fuzz tag, inserts a buffer of data of the specified type, in the size of [min] bytes.
If [max] is specified, insert a randomly sized buffer, in the range of [min]-[max]. Use <fuzz last> to repeat last tag output later in a session.

Fuzzing types:
 digit    [0-9]
 alnum    [0-9][a-z][A-Z]
 alpha    [a-z][A-Z]
 cntrl    control characters
 print    any printable character
 special  above ASCII 127
 punct    punctuation characters
 space    space characters
 any      any character
 random   random fuzzing type for each instance

<tamp [type] [min] [max]>[data]</tamp>

Tamper tag, tampers with enclosed data by replacing random characters with ones of the specified type (types are the same as in the fuzz tag).
Percentage of tampering is determined by the [min] value (1-100).
If [max] is specified, in each connection a random tampering percentage is chosen.

<char [hex code] [max]>

Char tag, inserts a specific character, specified by [hex code]. Only a single byte is inserted, unless [max] is specified.

<enc [prefix] [type] [postfix] [padding]>[data]</enc>

Encode tag, encode characters using the following encoding types: dec, hex, HEX or oct. prefix and postfix must be specified, or 'none'. Padding adds leading zeroes to each encoded character.

HTML encoding example: <enc &# dec none 4>test</enc> Produces: &#0116&#0101&#0115&#0116
 

<count [dec|hex|last] [min] [max]>

Count tag, counts from min to max, in decimal or hexadecimal.
The [min] and [max] values must be specified in decimal. Use <count last> to repeat last count output.

<charr>[oct, oct,...]</carr>

Character Array tag, inserts an array of characters, useful in cases when large amount of binary data is used.

<inst>

Instance tag, inserts the number of the current Tcpjunk instance.
In client mode, this tag inserts the same number for all connections a specific instance creates. In server mode, this tag inserts the number of the current server instance (always increments).
 

AUTHOR

Written by Ofer Kashayov <oferkv@gmail.com>. Copyright (c) 2008 - 2010 Ofer Kashayov