├── ARP.png ├── HTTP.png ├── ICMP.png ├── README.md ├── UDP.png ├── bytes_v1.sh └── bytes_v2.sh /ARP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lohcus/bytes_tcp_udp/70be35a7b54882ef283a13cd2c0b844016170952/ARP.png -------------------------------------------------------------------------------- /HTTP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lohcus/bytes_tcp_udp/70be35a7b54882ef283a13cd2c0b844016170952/HTTP.png -------------------------------------------------------------------------------- /ICMP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lohcus/bytes_tcp_udp/70be35a7b54882ef283a13cd2c0b844016170952/ICMP.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 2 | Script simples para análise de bytes para cabeçalhos IP e TCP/UDP, ICMP e também pacotes ARP. 
3 | 4 | V1: 5 | Sintaxe de uso: 6 | 7 | ./bytes_v1.sh <"seq_bytes"> 8 | 9 | ./bytes_v1.sh 10 | 11 | 12 | 13 | Exemplos: 14 | 15 | ./bytes_v1.sh "1c 4b d6 66 e1 c0 46 a7 cf c3 8c 0a 08 00 45 00 00 3c 00 00 40 00 2e 06 2c e2 42 93 f0 aa c0 a8 2b f4 08 2f cb 10 49 2f fb 42 8a 2e b2 c7 a0 12 16 a0 a3 fd 00 00 02 04 05 78 04 02 08 0a 55 fe 99 06 00 25 29 e2 01 03 03 07" 16 | 17 | ./bytes_v1.sh "ff ff ff ff ff ff 0a 00 27 00 00 00 08 06 00 01 08 00 06 04 00 03 0a 00 27 00 00 00 c0 a8 38 01 00 00 00 00 00 00 c0 a8 38 66" 18 | 19 | ./bytes_v1.sh sequencia.txt 20 | 21 | 22 | 23 | V2: 24 | Sintaxe de uso: 25 | 26 | ./bytes_v2.sh -b seq_bytes_ou_arquivo [opções] 27 | Opções: 28 | -h Ajuda e modo de uso 29 | -p protocolo Protocolo mais baixo a ser analisado (Ethernet por padrão) [opcional] 30 | ip 31 | arp 32 | tcp 33 | udp 34 | icmp 35 | 36 | 37 | Exemplos: 38 | 39 | ./bytes_v2.sh -b "1c 4b d6 66 e1 c0 46 a7 cf c3 8c 0a 08 00 45 00 00 3c 00 00 40 00 2e 06 2c e2 42 93 f0 aa c0 a8 2b f4 08 2f cb 10 49 2f fb 42 8a 2e b2 c7 a0 12 16 a0 a3 fd 00 00 02 04 05 78 04 02 08 0a 55 fe 99 06 00 25 29 e2 01 03 03 07" 40 | 41 | ./bytes_v2.sh -b "ff ff ff ff ff ff 0a 00 27 00 00 00 08 06 00 01 08 00 06 04 00 03 0a 00 27 00 00 00 c0 a8 38 01 00 00 00 00 00 00 c0 a8 38 66" 42 | 43 | ./bytes_v2.sh -b "45 00 00 4c d1 b4 00 00 40 01 4e a3 ac 10 01 37 ac 10 01 02 08 00 dc 3a 83 08 00 00 64 73 74 20 68 74 74 70 20 70 6f 72 74 20 38 30 20 2f 6d 61 6c 77 61 72 65 2e 74 78 74 20 2d 20 4b 45 59 3a 20 30 30 32 39 38 34 31 37 31 37 32" -p ip 44 | 45 | ./bytes_v2.sh -b sequencia.txt 46 | -------------------------------------------------------------------------------- /UDP.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/lohcus/bytes_tcp_udp/70be35a7b54882ef283a13cd2c0b844016170952/UDP.png -------------------------------------------------------------------------------- /bytes_v1.sh: 
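#!/bin/bash
# Created by Daniel Domingues
# https://github.com/lohcus
#
# bytes_v1.sh - dissects an Ethernet frame given as hex bytes.
#
# Usage: ./bytes_v1.sh <"seq_bytes"|file>
#   The argument is either a whitespace-separated list of hex bytes
#   ("1c 4b d6 ...") or the path of a file holding such a list.
#
# Output: a colour-coded dump of the raw bytes grouped by header field,
# followed by a field-by-field description of the Ethernet, IPv4/ARP and
# TCP/UDP/ICMP headers, and the payload rendered as text.
#
# The input is untrusted: every token must be exactly two hex digits before
# it reaches printf or arithmetic, and the payload is rendered as printable
# ASCII only (everything else becomes '.'), so packet contents never reach
# the terminal as control or escape sequences.

set -u

readonly RESET=$'\033[m'
readonly C_VALUE=$'\033[33;1m'   # yellow: field values
readonly C_TITLE=$'\033[32;1m'   # green: section titles

# Frame bytes, one validated lowercase two-hex-digit token per element;
# index 0 is the first byte on the wire.
declare -a B=()
# Filled in by dissect_ipv4: IP header length in bytes, and the layer-4
# protocol name (TCP/UDP/ICMP) or its two-digit hex number when unknown.
ipheader=0
proto=""

#######################################
# Prints a message to stderr and exits with status 1.
# Arguments: message words
#######################################
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# Parses the raw input into B, validating every token.
# Arguments: $1 - raw text (hex bytes separated by whitespace)
#            $2 - minimum number of bytes required
# Globals:   B (written)
#######################################
load_bytes() {
  local -a toks=()
  local t
  # -d '' makes read consume the whole text, not just its first line; it
  # then returns 1 because no NUL terminator was found, hence "|| true".
  IFS=$' \t\n' read -r -d '' -a toks <<<"${1,,}" || true
  (( ${#toks[@]} >= $2 )) || die "Sequencia de bytes ou arquivo informado inválidos"
  for t in "${toks[@]}"; do
    [[ $t =~ ^[0-9a-f]{2}$ ]] \
      || die "Byte inválido: '$t' (esperado dois dígitos hexadecimais, ex.: 4a)"
  done
  B=("${toks[@]}")
}

#######################################
# Aborts unless bytes OFFSET..OFFSET+COUNT-1 are all present in B.
# Arguments: $1 - offset, $2 - count
#######################################
need() {
  (( $1 + $2 <= ${#B[@]} )) \
    || die "Sequência truncada: esperava pelo menos $(( $1 + $2 )) bytes, recebi ${#B[@]}"
}

#######################################
# Prints COUNT bytes starting at OFFSET joined by SEP (default: a space).
# Arguments: $1 - offset, $2 - count, $3 - separator (optional)
# Outputs:   the joined tokens on stdout, no trailing newline
#######################################
spaced() {
  local IFS=${3- }
  printf '%s' "${B[*]:$1:$2}"
}

# Same bytes as spaced(), concatenated with no separator ("0800").
hex() {
  spaced "$1" "$2" ''
}

# Unsigned big-endian decimal value of COUNT bytes at OFFSET.
dec() {
  printf '%d' "$(( 16#$(hex "$1" "$2") ))"
}

# Dotted-quad rendering of the 4 bytes at OFFSET.
ipv4() {
  local o=$1
  printf '%d.%d.%d.%d' "0x${B[o]}" "0x${B[o + 1]}" "0x${B[o + 2]}" "0x${B[o + 3]}"
}

# Output helpers: a section title, a bare value and a "Label: value" line.
header() { printf '%s%s%s\n' "$C_TITLE" "$1" "$RESET"; }
value()  { printf '%s%s%s\n' "$C_VALUE" "$1" "$RESET"; }
field()  { printf '%s: ' "$1"; value "$2"; }

#######################################
# Prints text with an ANSI attribute, for the colour-coded dump.
# Arguments: $1 - SGR parameters (e.g. "44;31;1"), $2 - text
#######################################
paint() {
  printf '\033[%sm%s\033[m' "$1" "$2"
}

#######################################
# Colour-coded dump of the raw bytes, one colour per header field.
# Arguments: $1 - EtherType as four lowercase hex digits
#######################################
colored_dump() {
  local et=$1 l4
  # Ethernet: destination MAC, source MAC, EtherType.
  paint '44;31;1' "$(spaced 0 6) "
  paint '44;37;1' "$(spaced 6 6) "
  paint '44;31;1' "$(spaced 12 2) "
  case $et in
    0800)
      need 14 20
      paint '41;37;1' "${B[14]:0:1}"               # version
      paint '41;36;1' "${B[14]:1:1} "              # IHL
      paint '41;37;1' "${B[15]}"$'\n'              # ToS
      paint '41;36;1' "$(spaced 16 2) "            # total length
      paint '41;37;1' "$(spaced 18 2) "            # identification
      paint '41;36;1' "${B[20]:0:1}"               # flags
      paint '41;37;1' "${B[20]:1:1} ${B[21]} "     # fragment offset
      paint '41;36;1' "${B[22]} "                  # TTL
      paint '41;37;1' "${B[23]} "                  # protocol
      paint '41;36;1' "$(spaced 24 2) "            # header checksum
      paint '41;37;1' "$(spaced 26 4) "            # source address
      paint '41;36;1' "$(spaced 30 4)"$'\n'        # destination address
      # Transport header starts after the IP header (IHL words * 4).
      l4=$(( 14 + 16#${B[14]:1:1} * 4 ))
      paint '42;37;1' "$(spaced "$l4" 2) "         # source port
      paint '42;31;1' "$(spaced $(( l4 + 2 )) 2) " # destination port
      paint '42;37;1' "$(spaced $(( l4 + 4 )) 10)"$'\n'
      paint '42;37;1' "$(spaced $(( l4 + 14 )) 16)"$'\n'
      ;;
    0806)
      need 14 28
      paint '41;37;1' "$(spaced 14 2)"$'\n'        # hardware type
      paint '41;36;1' "$(spaced 16 2) "            # protocol type
      paint '41;37;1' "${B[18]} "                  # hardware size
      paint '41;36;1' "${B[19]} "                  # protocol size
      paint '41;37;1' "$(spaced 20 2) "            # opcode
      paint '41;36;1' "$(spaced 22 6) "            # sender MAC
      paint '41;37;1' "$(spaced 28 4)"$'\n'        # sender IP
      paint '41;36;1' "$(spaced 32 6) "            # target MAC
      paint '41;37;1' "$(spaced 38 4) "            # target IP
      ;;
  esac
}

#######################################
# Renders the bytes from OFFSET to the end as text.
# Only printable ASCII (0x20-0x7e) is echoed; any other byte is shown as
# '.' so that a crafted payload cannot inject terminal escape sequences.
# Arguments: $1 - offset of the first payload byte
#######################################
payload() {
  local b v
  echo
  header "==========PAYLOAD============"
  (( $1 < ${#B[@]} )) || return 0   # nothing after the headers
  for b in "${B[@]:$1}"; do
    v=$(( 16#$b ))
    if (( v >= 0x20 && v <= 0x7e )); then
      printf '%s%b%s' "$C_VALUE" "\\x$b" "$RESET"
    else
      printf '%s.%s' "$C_VALUE" "$RESET"
    fi
    sleep 0.005   # typewriter effect, as in the original output
  done
}

#######################################
# Describes the IPv4 header that starts at OFFSET.
# Arguments: $1 - offset of the IP header
# Globals:   ipheader (written), proto (written)
#######################################
dissect_ipv4() {
  local off=$1 flags ftxt pnum
  need "$off" 20
  echo
  header "=============IP============="
  field "Versão" "${B[off]:0:1}"
  # IHL is the low nibble of the first byte, in 32-bit words.
  ipheader=$(( 16#${B[off]:1:1} * 4 ))
  (( ipheader >= 20 )) \
    || die "IHL inválido (${B[off]:1:1}): cabeçalho IP menor que 20 bytes"
  field "Tamanho do cabeçalho IP" "$ipheader bytes"
  field "Tamanho total do pacote" "$(dec $(( off + 2 )) 2) bytes"
  field "ID" "$(dec $(( off + 4 )) 2)"
  # Flags are the top 3 bits of byte 6: 0x4 = DF, 0x2 = MF (both may be set).
  flags=$(( 16#${B[off + 6]:0:1} ))
  ftxt=""
  (( flags & 4 )) && ftxt="Don't fragment"
  (( flags & 2 )) && ftxt="${ftxt:+$ftxt, }More fragments"
  field "Flag" "${ftxt:-No flag set}"
  # Fragment offset is the low 13 bits of bytes 6-7 (in 8-byte units).
  field "Offset" "$(( 16#$(hex $(( off + 6 )) 2) & 0x1fff ))"
  field "TTL" "$(dec $(( off + 8 )) 1)"
  pnum=${B[off + 9]}
  printf 'Protocolo: '
  case $pnum in
    01) proto="ICMP"; value "ICMP" ;;
    06) proto="TCP";  value "TCP" ;;
    11) proto="UDP";  value "UDP" ;;
    *)  proto=$pnum;  printf 'Procure o protocolo %s em /etc/protocols\n' "$pnum" ;;
  esac
  field "Src IP" "$(ipv4 $(( off + 12 )))"
  field "Dst IP" "$(ipv4 $(( off + 16 )))"
  echo
}

#######################################
# Describes the TCP header at OFFSET and prints the payload after it.
# Arguments: $1 - offset of the TCP header
#######################################
dissect_tcp() {
  local off=$1 tcpheader flags names
  need "$off" 20
  header "===========T C P============="
  field "Src port" "$(dec "$off" 2)"
  field "Dst port" "$(dec $(( off + 2 )) 2)"
  field "Seq number" "$(dec $(( off + 4 )) 4)"
  field "Ack number" "$(dec $(( off + 8 )) 4)"
  # Data offset is the high nibble of byte 12, in 32-bit words.
  tcpheader=$(( 16#${B[off + 12]:0:1} * 4 ))
  (( tcpheader >= 20 )) \
    || die "Data offset TCP inválido (${B[off + 12]:0:1}): cabeçalho menor que 20 bytes"
  field "Tamanho do cabeçalho TCP" "$tcpheader bytes"
  # Byte 13 holds the flag bits: 0x80 CWR, 0x40 ECE, 0x20 URG, 0x10 ACK,
  # 0x08 PSH, 0x04 RST, 0x02 SYN, 0x01 FIN.
  flags=$(( 16#${B[off + 13]} ))
  echo "Flags: U A P R S F"
  echo "       R C S S Y I"
  echo "       G K H T N N"
  value "       $(( (flags >> 5) & 1 )) $(( (flags >> 4) & 1 )) $(( (flags >> 3) & 1 )) $(( (flags >> 2) & 1 )) $(( (flags >> 1) & 1 )) $(( flags & 1 ))"
  names=""
  (( flags & 0x80 )) && names+=" CWR"
  (( flags & 0x40 )) && names+=" ECE"
  (( flags & 0x20 )) && names+=" URG"
  (( flags & 0x10 )) && names+=" ACK"
  (( flags & 0x08 )) && names+=" PSH"
  (( flags & 0x04 )) && names+=" RST"
  (( flags & 0x02 )) && names+=" SYN"
  (( flags & 0x01 )) && names+=" FIN"
  field "Flags ativas" "${names:- nenhuma}"
  payload $(( off + tcpheader ))
}

#######################################
# Describes the UDP header at OFFSET and prints the payload after it.
# Arguments: $1 - offset of the UDP header
#######################################
dissect_udp() {
  local off=$1
  need "$off" 8
  header "===========U D P============="
  field "Src port" "$(dec "$off" 2)"
  field "Dst port" "$(dec $(( off + 2 )) 2)"
  # The UDP length field counts header (8 bytes) plus data.
  field "Tamanho UDP (cabeçalho + dados)" "$(dec $(( off + 4 )) 2) bytes"
  payload $(( off + 8 ))
}

#######################################
# Describes the ICMP header at OFFSET and prints the payload after it.
# Arguments: $1 - offset of the ICMP header
#######################################
dissect_icmp() {
  local off=$1 t
  need "$off" 8
  header "===========ICMP============="
  printf 'Type: '
  t=${B[off]}
  # Type is the raw byte: 0x00 Echo Reply, 0x03 Destination Unreachable,
  # 0x08 Echo Request, 0x0b (decimal 11) Time Exceeded.
  case $t in
    00) value "Echo Reply (0)" ;;
    03) value "Destination Unreachable (3)" ;;
    08) value "Echo Request (8)" ;;
    0b) value "Time Exceeded (11)" ;;
    *)  value "Op Code não reconhecido ($(dec "$off" 1))" ;;
  esac
  field "Code" "$(dec $(( off + 1 )) 1) - Verifique em https://pt.wikipedia.org/wiki/Internet_Control_Message_Protocol"
  # Identifier and sequence number are shown in both byte orders.
  field "ID BE" "$(dec $(( off + 4 )) 2)"
  field "ID LE" "$(( 16#${B[off + 5]}${B[off + 4]} ))"
  field "Seq number BE" "$(dec $(( off + 6 )) 2)"
  field "Seq number LE" "$(( 16#${B[off + 7]}${B[off + 6]} ))"
  payload $(( off + 8 ))
}

#######################################
# Describes the ARP packet at OFFSET (Ethernet/IPv4 layout, 28 bytes)
# and prints whatever follows it as payload.
# Arguments: $1 - offset of the ARP header
#######################################
dissect_arp() {
  local off=$1 v
  need "$off" 28
  echo
  header "=============ARP============="
  printf 'Hardware Type: '
  v=$(hex "$off" 2)
  if [[ $v == 0001 ]]; then
    value "Ethernet"
  else
    value "Verifique em https://www.iana.org/assignments/arp-parameters/arp-parameters.xhtml o tipo de hardware número $v"
  fi
  printf 'Protocol Type: '
  v=$(hex $(( off + 2 )) 2)
  if [[ $v == 0800 ]]; then
    value "IPv4"
  else
    value "Verifique em https://www.wikiwand.com/en/EtherType o tipo de protocolo número $v"
  fi
  field "Hardware Address Length" "$(dec $(( off + 4 )) 1)"
  field "Protocol Address Length" "$(dec $(( off + 5 )) 1)"
  printf 'Op Code: '
  v=$(hex $(( off + 6 )) 2)
  case $v in
    0001) value "Request (1)" ;;
    0002) value "Reply (2)" ;;
    *)    value "Op Code não reconhecido ($v)" ;;
  esac
  field "Sender MAC Address" "$(spaced $(( off + 8 )) 6)"
  field "Sender Protocol Address" "$(ipv4 $(( off + 14 )))"
  field "Target MAC Address" "$(spaced $(( off + 18 )) 6)"
  field "Target Protocol Address" "$(ipv4 $(( off + 24 )))"
  payload $(( off + 28 ))
}

#######################################
# Dispatches to the layer-4 dissector chosen by dissect_ipv4.
# Globals: proto (read), ipheader (read)
#######################################
dissect_transport() {
  local off=$(( 14 + ipheader ))
  case $proto in
    TCP)  dissect_tcp "$off" ;;
    UDP)  dissect_udp "$off" ;;
    ICMP) dissect_icmp "$off" ;;
    *)    ;;   # unknown IP protocol: nothing more to describe
  esac
}

# Reports an unsupported EtherType and stops with status 1.
unsupported() {
  header "ESTE SCRIPT SUPORTA APENAS IPv4 e ARP!"
  echo
  exit 1
}

#######################################
# Entry point.
# Arguments: $1 - hex byte sequence, or path of a file containing one
#######################################
main() {
  local input=${1-} raw ethertype
  [[ -n "$input" ]] || die "Uso: $0 <\"seq_bytes\"|arquivo>"
  if [[ -f "$input" ]]; then
    raw=$(<"$input") || die "Não foi possível ler o arquivo: $input"
  else
    raw=$input
  fi
  load_bytes "$raw" 14
  # Clear only after the input was accepted, so error messages stay visible.
  [[ -t 1 ]] && clear
  ethertype=$(hex 12 2)
  colored_dump "$ethertype"
  echo
  header "==========ETHERNET=========="
  field "Dst MAC" "$(spaced 0 6)"
  field "Src MAC" "$(spaced 6 6)"
  printf 'EtherType: '
  case $ethertype in
    0800) value "IPv4"; dissect_ipv4 14; dissect_transport ;;
    0806) value "ARP";  dissect_arp 14 ;;
    86dd) value "IPv6"; unsupported ;;
    *)    value "$ethertype"; unsupported ;;
  esac
  echo
}

main "$@"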
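#!/bin/bash
# Created by Daniel Domingues
# https://github.com/lohcus
#
# bytes_v2.sh - dissects a packet given as hex bytes, starting at a chosen
# layer.
#
# Usage: ./bytes_v2.sh -b seq_bytes_ou_arquivo [-p protocolo] [-h]
#   -b  whitespace-separated hex bytes ("1c 4b d6 ...") or the path of a
#       file holding such a list
#   -p  lowest protocol present in the bytes: ethernet (default), ip, arp,
#       tcp, udp or icmp
#
# The input is untrusted: every token must be exactly two hex digits before
# it reaches printf or arithmetic, and the payload is rendered as printable
# ASCII only (everything else becomes '.'), so packet contents never reach
# the terminal as control or escape sequences.

set -u

readonly RESET=$'\033[m'
readonly C_VALUE=$'\033[33;1m'   # yellow: field values
readonly C_TITLE=$'\033[32;1m'   # green: section titles

# Terminal width, used to draw separators and centre the title; falls back
# to 80 columns when stdout is not a terminal (tput fails or prints nothing).
colunas=$(tput cols 2>/dev/null)
[[ $colunas =~ ^[0-9]+$ ]] || colunas=80
readonly colunas

# Packet bytes, one validated lowercase two-hex-digit token per element;
# index 0 is the first byte given.
declare -a B=()
# Filled in by dissect_ipv4: IP header length in bytes, and the layer-4
# protocol name (TCP/UDP/ICMP) or its two-digit hex number when unknown.
ipheader=0
proto=""

#######################################
# Prints a message to stderr and exits with status 1.
# Arguments: message words
#######################################
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# Draws a full-width line of "=" in magenta.
# Globals: colunas (read)
#######################################
divisao() {
  local line
  printf -v line '%*s' "$colunas" ''
  printf '\r\033[35;1m%s\033[m\n' "${line// /=}"
}

#######################################
# Prints usage and exits.
# Arguments: $1 - exit status (default 1)
#######################################
uso() {
  divisao
  printf '\033[37;1mUso: %s -b \033[32;1mseq_bytes_ou_arquivo\033[37;1m [opcões]\n\033[m' "$0"
  printf '\033[37;1mOpcões:\n\033[m'
  printf '\033[37;1m  -h              Ajuda e modo de uso\n\033[m'
  printf '\033[37;1m  -p \033[32;1mprotocolo\033[37;1m    Protocolo mais baixo a ser analizado (Ethernet por padrão) [opcional]\n\033[m'
  printf '\033[32;1m                    ip\n\033[m'
  printf '\033[32;1m                    arp\n\033[m'
  printf '\033[32;1m                    tcp\n\033[m'
  printf '\033[32;1m                    udp\n\033[m'
  printf '\033[32;1m                    icmp\n\033[m'
  divisao
  exit "${1:-1}"
}

#######################################
# Prints TEXT centred on the terminal width.
# On a terminal the cursor is first moved to row ROW, so the text overlays
# the separator drawn there (the original layout); otherwise it is padded.
# Arguments: $1 - row, $2 - SGR parameters, $3 - text
# Globals:   colunas (read)
#######################################
centered() {
  local row=$1 ansi=$2 texto=$3 col
  col=$(( (colunas - ${#texto}) / 2 ))
  (( col < 0 )) && col=0
  if [[ -t 1 ]]; then
    tput cup "$row" "$col"
  else
    printf '%*s' "$col" ''
  fi
  printf '\033[%sm%s\033[m\n' "$ansi" "$texto"
}

#######################################
# Clears the screen and draws the two-line title block.
#######################################
banner() {
  [[ -t 1 ]] && clear
  divisao                                   # row 0
  echo                                      # row 1
  centered 0 '37;1' "ANALIZADOR DE BYTES"   # overlays row 0
  divisao                                   # row 1
  centered 1 '31;6' "ESTE SCRIPT NÃO VALIDA O CONTEÚDO DOS PACOTES! VERIFIQUE SEMPRE O RESULTADO PARA CONFIRMAR O PROTOCOLO!"
}

#######################################
# Parses the raw input into B, validating every token.
# Arguments: $1 - raw text (hex bytes separated by whitespace)
#            $2 - minimum number of bytes required
# Globals:   B (written)
#######################################
load_bytes() {
  local -a toks=()
  local t
  # -d '' makes read consume the whole text, not just its first line; it
  # then returns 1 because no NUL terminator was found, hence "|| true".
  IFS=$' \t\n' read -r -d '' -a toks <<<"${1,,}" || true
  (( ${#toks[@]} >= $2 )) || die "Sequencia de bytes ou arquivo informado inválidos"
  for t in "${toks[@]}"; do
    [[ $t =~ ^[0-9a-f]{2}$ ]] \
      || die "Byte inválido: '$t' (esperado dois dígitos hexadecimais, ex.: 4a)"
  done
  B=("${toks[@]}")
}

#######################################
# Aborts unless bytes OFFSET..OFFSET+COUNT-1 are all present in B.
# Arguments: $1 - offset, $2 - count
#######################################
need() {
  (( $1 + $2 <= ${#B[@]} )) \
    || die "Sequência truncada: esperava pelo menos $(( $1 + $2 )) bytes, recebi ${#B[@]}"
}

#######################################
# Prints COUNT bytes starting at OFFSET joined by SEP (default: a space).
# Arguments: $1 - offset, $2 - count, $3 - separator (optional)
# Outputs:   the joined tokens on stdout, no trailing newline
#######################################
spaced() {
  local IFS=${3- }
  printf '%s' "${B[*]:$1:$2}"
}

# Same bytes as spaced(), concatenated with no separator ("0800").
hex() {
  spaced "$1" "$2" ''
}

# Unsigned big-endian decimal value of COUNT bytes at OFFSET.
dec() {
  printf '%d' "$(( 16#$(hex "$1" "$2") ))"
}

# Dotted-quad rendering of the 4 bytes at OFFSET.
ipv4() {
  local o=$1
  printf '%d.%d.%d.%d' "0x${B[o]}" "0x${B[o + 1]}" "0x${B[o + 2]}" "0x${B[o + 3]}"
}

# Output helpers: a section title, a bare value and a "Label: value" line.
header() { printf '%s%s%s\n' "$C_TITLE" "$1" "$RESET"; }
value()  { printf '%s%s%s\n' "$C_VALUE" "$1" "$RESET"; }
field()  { printf '%s: ' "$1"; value "$2"; }

#######################################
# Renders the bytes from OFFSET to the end as text.
# Only printable ASCII (0x20-0x7e) is echoed; any other byte is shown as
# '.' so that a crafted payload cannot inject terminal escape sequences.
# Arguments: $1 - offset of the first payload byte
#######################################
payload() {
  local b v
  echo
  header "==========PAYLOAD============"
  (( $1 < ${#B[@]} )) || return 0   # nothing after the headers
  for b in "${B[@]:$1}"; do
    v=$(( 16#$b ))
    if (( v >= 0x20 && v <= 0x7e )); then
      printf '%s%b%s' "$C_VALUE" "\\x$b" "$RESET"
    else
      printf '%s.%s' "$C_VALUE" "$RESET"
    fi
    sleep 0.005   # typewriter effect, as in the original output
  done
}

#######################################
# Reports an unsupported protocol, draws the closing separator and exits 1.
# Arguments: $1 - message
#######################################
unsupported() {
  printf '\033[31;1m\n%s\n\033[m' "$1"
  printf '\033[33;1mVERIFIQUE OS PARÂMETROS!\n\033[m'
  divisao
  exit 1
}

#######################################
# Describes the IPv4 header that starts at OFFSET.
# Arguments: $1 - offset of the IP header
# Globals:   ipheader (written), proto (written)
#######################################
dissect_ipv4() {
  local off=$1 flags ftxt pnum
  need "$off" 20
  echo
  header "=============IP============="
  field "Versão" "${B[off]:0:1}"
  # IHL is the low nibble of the first byte, in 32-bit words.
  ipheader=$(( 16#${B[off]:1:1} * 4 ))
  (( ipheader >= 20 )) \
    || die "IHL inválido (${B[off]:1:1}): cabeçalho IP menor que 20 bytes"
  field "Tamanho do cabeçalho IP" "$ipheader bytes"
  field "Tamanho total do pacote" "$(dec $(( off + 2 )) 2) bytes"
  field "ID" "$(dec $(( off + 4 )) 2)"
  # Flags are the top 3 bits of byte 6: 0x4 = DF, 0x2 = MF (both may be set).
  flags=$(( 16#${B[off + 6]:0:1} ))
  ftxt=""
  (( flags & 4 )) && ftxt="Don't fragment"
  (( flags & 2 )) && ftxt="${ftxt:+$ftxt, }More fragments"
  field "Flag" "${ftxt:-No flag set}"
  # Fragment offset is the low 13 bits of bytes 6-7 (in 8-byte units).
  field "Offset" "$(( 16#$(hex $(( off + 6 )) 2) & 0x1fff ))"
  field "TTL" "$(dec $(( off + 8 )) 1)"
  pnum=${B[off + 9]}
  printf 'Protocolo: '
  case $pnum in
    01) proto="ICMP"; value "ICMP" ;;
    06) proto="TCP";  value "TCP" ;;
    11) proto="UDP";  value "UDP" ;;
    *)  proto=$pnum;  value "Procure o protocolo $pnum em /etc/protocols" ;;
  esac
  # All four octets are taken relative to OFFSET (the last one used to be
  # hard-coded to the Ethernet-framed position and broke with -p ip).
  field "Src IP" "$(ipv4 $(( off + 12 )))"
  field "Dst IP" "$(ipv4 $(( off + 16 )))"
  echo
}

#######################################
# Describes the ARP packet at OFFSET (Ethernet/IPv4 layout, 28 bytes)
# and prints whatever follows it as payload.
# Arguments: $1 - offset of the ARP header
#######################################
dissect_arp() {
  local off=$1 v
  need "$off" 28
  echo
  header "=============ARP============="
  printf 'Hardware Type: '
  v=$(hex "$off" 2)
  if [[ $v == 0001 ]]; then
    value "Ethernet"
  else
    value "Verifique em https://www.iana.org/assignments/arp-parameters/arp-parameters.xhtml o tipo de hardware número $v"
  fi
  printf 'Protocol Type: '
  v=$(hex $(( off + 2 )) 2)
  if [[ $v == 0800 ]]; then
    value "IPv4"
  else
    value "Verifique em https://www.wikiwand.com/en/EtherType o tipo de protocolo número $v"
  fi
  field "Hardware Address Length" "$(dec $(( off + 4 )) 1)"
  field "Protocol Address Length" "$(dec $(( off + 5 )) 1)"
  printf 'Op Code: '
  v=$(hex $(( off + 6 )) 2)
  case $v in
    0001) value "Request (1)" ;;
    0002) value "Reply (2)" ;;
    *)    value "Op Code não reconhecido ($v)" ;;
  esac
  field "Sender MAC Address" "$(spaced $(( off + 8 )) 6)"
  field "Sender Protocol Address" "$(ipv4 $(( off + 14 )))"
  field "Target MAC Address" "$(spaced $(( off + 18 )) 6)"
  field "Target Protocol Address" "$(ipv4 $(( off + 24 )))"
  payload $(( off + 28 ))
}

#######################################
# Describes the TCP header at OFFSET and prints the payload after it.
# Arguments: $1 - offset of the TCP header
#######################################
dissect_tcp() {
  local off=$1 tcpheader flags names
  need "$off" 20
  header "===========T C P============="
  field "Src port" "$(dec "$off" 2)"
  field "Dst port" "$(dec $(( off + 2 )) 2)"
  field "Seq number" "$(dec $(( off + 4 )) 4)"
  field "Ack number" "$(dec $(( off + 8 )) 4)"
  # Data offset is the high nibble of byte 12, in 32-bit words.
  tcpheader=$(( 16#${B[off + 12]:0:1} * 4 ))
  (( tcpheader >= 20 )) \
    || die "Data offset TCP inválido (${B[off + 12]:0:1}): cabeçalho menor que 20 bytes"
  field "Tamanho do cabeçalho TCP" "$tcpheader bytes"
  # Byte 13 holds the flag bits: 0x80 CWR, 0x40 ECE, 0x20 URG, 0x10 ACK,
  # 0x08 PSH, 0x04 RST, 0x02 SYN, 0x01 FIN.
  flags=$(( 16#${B[off + 13]} ))
  echo "Flags: U A P R S F"
  echo "       R C S S Y I"
  echo "       G K H T N N"
  value "       $(( (flags >> 5) & 1 )) $(( (flags >> 4) & 1 )) $(( (flags >> 3) & 1 )) $(( (flags >> 2) & 1 )) $(( (flags >> 1) & 1 )) $(( flags & 1 ))"
  names=""
  (( flags & 0x80 )) && names+=" CWR"
  (( flags & 0x40 )) && names+=" ECE"
  (( flags & 0x20 )) && names+=" URG"
  (( flags & 0x10 )) && names+=" ACK"
  (( flags & 0x08 )) && names+=" PSH"
  (( flags & 0x04 )) && names+=" RST"
  (( flags & 0x02 )) && names+=" SYN"
  (( flags & 0x01 )) && names+=" FIN"
  field "Flags ativas" "${names:- nenhuma}"
  payload $(( off + tcpheader ))
}

#######################################
# Describes the UDP header at OFFSET and prints the payload after it.
# Arguments: $1 - offset of the UDP header
#######################################
dissect_udp() {
  local off=$1
  need "$off" 8
  header "===========U D P============="
  field "Src port" "$(dec "$off" 2)"
  field "Dst port" "$(dec $(( off + 2 )) 2)"
  # The UDP length field counts header (8 bytes) plus data.
  field "Tamanho UDP (cabeçalho + dados)" "$(dec $(( off + 4 )) 2) bytes"
  payload $(( off + 8 ))
}

#######################################
# Describes the ICMP header at OFFSET and prints the payload after it.
# Arguments: $1 - offset of the ICMP header
#######################################
dissect_icmp() {
  local off=$1 t
  need "$off" 8
  header "===========ICMP============="
  printf 'Type: '
  t=${B[off]}
  # Type is the raw byte: 0x00 Echo Reply, 0x03 Destination Unreachable,
  # 0x08 Echo Request, 0x0b (decimal 11) Time Exceeded.
  case $t in
    00) value "Echo Reply (0)" ;;
    03) value "Destination Unreachable (3)" ;;
    08) value "Echo Request (8)" ;;
    0b) value "Time Exceeded (11)" ;;
    *)  value "Op Code não reconhecido ($(dec "$off" 1))" ;;
  esac
  field "Code" "$(dec $(( off + 1 )) 1) - Verifique em https://pt.wikipedia.org/wiki/Internet_Control_Message_Protocol"
  # Identifier and sequence number are shown in both byte orders.
  field "ID BE" "$(dec $(( off + 4 )) 2)"
  field "ID LE" "$(( 16#${B[off + 5]}${B[off + 4]} ))"
  field "Seq number BE" "$(dec $(( off + 6 )) 2)"
  field "Seq number LE" "$(( 16#${B[off + 7]}${B[off + 6]} ))"
  # The echo header is 8 bytes (type, code, checksum, id, seq); the payload
  # starts right after the sequence number.
  payload $(( off + 8 ))
}

# Draws the closing separator and exits successfully.
finish() {
  echo
  divisao
  exit 0
}

#######################################
# Entry point: parses options, loads the bytes and walks the layers from
# the protocol given with -p down to the payload.
# Arguments: command-line options (see usage)
# Globals:   proto (read/written), ipheader (read)
#######################################
main() {
  local input="" start="ethernet" opt raw off ethertype
  banner
  while getopts ':hb:p:' opt; do
    case $opt in
      h)  uso 0 ;;
      b)  input=$OPTARG ;;
      p)  start=$OPTARG ;;
      :)  printf 'A opção -%s exige um argumento\n' "$OPTARG" >&2; uso ;;
      \?) printf 'Opção desconhecida: -%s\n' "$OPTARG" >&2; uso ;;
    esac
  done
  shift $(( OPTIND - 1 ))
  [[ -n "$input" ]] || uso
  start=${start,,}
  case $start in
    ethernet|ip|arp|tcp|udp|icmp) ;;
    *) printf 'Protocolo inválido para -p: %s\n' "$start" >&2; uso ;;
  esac
  if [[ -f "$input" ]]; then
    raw=$(<"$input") || die "Não foi possível ler o arquivo: $input"
  else
    raw=$input
  fi
  load_bytes "$raw" 1

  # Layer 2: only when the bytes start with an Ethernet header.
  off=0
  proto=$start
  if [[ $start == ethernet ]]; then
    need 0 14
    echo
    header "==========ETHERNET=========="
    field "Dst MAC" "$(spaced 0 6 :)"
    field "Src MAC" "$(spaced 6 6 :)"
    ethertype=$(hex 12 2)
    off=14
    printf 'EtherType: '
    case $ethertype in
      0800) value "IPv4"; proto=ip ;;
      0806) value "ARP";  proto=arp ;;
      *)    value "$ethertype"; unsupported "ESTE SCRIPT SUPORTA APENAS IPv4 e ARP!" ;;
    esac
  fi

  # Layer 3. ARP has no layer 4, so it ends the run here.
  case $proto in
    ip)
      dissect_ipv4 "$off"   # sets ipheader and proto (TCP/UDP/ICMP or number)
      off=$(( off + ipheader ))
      ;;
    arp)
      dissect_arp "$off"
      finish
      ;;
    tcp|udp|icmp)
      proto=${proto^^}
      ;;
  esac

  # Layer 4.
  case $proto in
    TCP)  dissect_tcp "$off" ;;
    UDP)  dissect_udp "$off" ;;
    ICMP) dissect_icmp "$off" ;;
    *)    unsupported "PROTOCOLO DE CAMADA 4 NÃO SUPORTADO: $proto (apenas TCP, UDP e ICMP)!" ;;
  esac
  finish
}

main "$@"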