Secure multithreaded packet sniffer

Related tags

Security tools rust pcap network sniffer sandboxed
Overview

sniffglue Build Status Crates.io

sniffglue is a network sniffer written in rust. Network packets are parsed concurrently using a thread pool to utilize all cpu cores. Project goals are that you can run sniffglue securely on untrusted networks and that it must not crash when processing packets. The output should be as useful as possible by default.

screenshot

Usage

# sniff with default filters (dhcp, dns, tls, http)
sniffglue enp0s25
# increase the filter sensitivity (arp)
sniffglue -v enp0s25
# increase the filter sensitivity (cjdns, ssdp, dropbox, packets with valid utf8)
sniffglue -vv enp0s25
# almost everything
sniffglue -vvv enp0s25
# everything
sniffglue -vvvv enp0s25

Installation

Arch Linux

pacman -S sniffglue

Mac OSX

brew install sniffglue

Debian/Ubuntu/Kali

There are prebuilt packages signed by a debian maintainer. We can import the key for this repository out of the debian keyring.

apt install debian-keyring
gpg -a --export --keyring /usr/share/keyrings/debian-maintainers.gpg [email protected] | apt-key add -
apt-key adv --keyserver keyserver.ubuntu.com --refresh-keys [email protected]
echo deb http://apt.vulns.sexy stable main > /etc/apt/sources.list.d/apt-vulns-sexy.list
apt update
apt install sniffglue

Alpine

apk add sniffglue

Gentoo

layman -a pentoo
emerge --ask net-analyzer/sniffglue

NixOS

nix-env -i sniffglue

From source

To build from source make sure you have libpcap and libseccomp installed. On debian based systems:

# install the dependencies
sudo apt install libpcap-dev libseccomp-dev
# install rust with rustup
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source $HOME/.cargo/env
# install sniffglue and test it
cargo install sniffglue
sniffglue --help

Or you can build a Debian package via cargo-deb:

cargo deb

Protocols

  • ethernet
  • ipv4
  • ipv6
  • arp
  • tcp
  • udp
  • icmp
  • http
  • tls
  • dns
  • dhcp
  • cjdns eth beacons
  • ssdp
  • dropbox beacons
  • 802.11

Docker

You can build sniffglue as a docker image to debug container setups. The image is currently about 11.1MB. It is recommended to push it to your own registry.

docker build -t sniffglue .
docker run -it --init --rm --net=host sniffglue eth0

Security

To report a security issue please contact kpcyrd on ircs://irc.hackint.org.

Seccomp

To ensure a compromised process doesn't compromise the system, sniffglue uses seccomp to restrict the syscalls that can be used after the process started. This is done in two stages, first at the very beginning (directly after env_logger initialized) and once after the sniffer has been setup, but before packets are read from the network.

Hardening

During the second stage, there's also some general hardening that is applied before all unneeded syscalls are finally disabled. Those are system specific, so a configuration file is read from /etc/sniffglue.conf. This config file specifies an empty directory for chroot and an unprivileged account in user that is used to drop root privileges.

boxxy-rs

This project includes a small boxxy-rs based shell that can be used to explore the sandbox at various stages during and after initialization. This is also used by travis to ensure the sandbox actually blocks syscalls.

cargo run --example boxxy

Reproducible builds

This project is tested using reprotest. Currently the following variations are excluded:

  • -time - needed because the crates.io cert expires in the future
  • -domain_host - requires root for unshare(2) and has been excluded

Don't forget to install the build dependencies.

ci/reprotest.sh

Fuzzing

The packet processing of sniffglue can be fuzzed using cargo-fuzz. Everything you should need is provided in the fuzz/ directory that is distributed along with its source code. Please note that this program links to libpcap which is not included in the current fuzzing configuration.

cargo fuzz run read_packet

License

GPLv3+

Comments
  • Not-quite-live output

    Not-quite-live output

    When using sniffglue to capture packages, output takes an extremly long time to show up.

    This is a cast recorded w/o cutting out breaks of the delay between making a request and seeing that request actually show up https://asciinema.org/a/l4MTLV8Qf49D1mUNVSf4oXXEj

    Is this "intended behavior"? Is this a bug? Is maybe my system misconfigured?(1)

    Versions:

    • sniffglue: sniffglue 0.9.0
    • os (arch): Linux sigma 5.3.12-arch1-1 #1 SMP PREEMPT Wed, 20 Nov 2019 19:45:16 +0000 x86_64 GNU/Linux
    • core/libpcap 1.9.1-2
    • core/libseccomp 2.4.1-3
    • rustc rustc 1.39.0 (4560ea788 2019-11-04)
    • cargo cargo 1.39.0 (1c6ec66d5 2019-09-30)

    (1): If this is the case then its my fault, but it would be nice to know

    opened by HeapUnderfl0w 5
  • Crash on Fedora 34 without `--insecure-disable-seccomp`

    Crash on Fedora 34 without `--insecure-disable-seccomp`

    Hello there!

    I recently tried sniffglue, which looks quite great. As it's not packaged on Fedora yet, I installed it with a simple cargo install sniffglue.

    Unfortunately, without running it with the --insecure-disable-seccomp flag, it instantly crashes on my machine.
    Here is a backtrace from the core dump:

    (gdb) bt
#0  0x00007efdb5da4b8b in getpid () from /lib64/libc.so.6
#1  0x00007efdb5c15350 in generate_local_port () from /lib64/libnl-3.so.200
#2  0x00007efdb5c1ff86 in nl_connect () from /lib64/libnl-3.so.200
#3  0x00007efdb5ccb4fb in find_sysfs_devs_nl () from /lib64/libibverbs.so.1
#4  0x00007efdb5cc916d in ibv_get_device_list () from /lib64/libibverbs.so.1
#5  0x00007efdb6067580 in rdmasniff_findalldevs () from /lib64/libpcap.so.1
#6  0x00007efdb6067c39 in pcap_findalldevs () from /lib64/libpcap.so.1
#7  0x00007efdb6068267 in pcap_lookupdev () from /lib64/libpcap.so.1
#8  0x000055c01c3d19f2 in sniffglue::sniff::default_interface () at src/sniff.rs:62
#9  0x000055c01c35ad52 in sniffglue::main () at src/main.rs:34

    Indeed, once in seccomp mode, it seems legit not to be able to call getpid()... As to why libnl-3 ends up here, that will have to remain a mystery to me for tonight...

    Do you need anything more? I probably won't be able to dig that further, as I have basically no idea of what's going on, but I can help test some stuff.

    opened by Hyask 4
  • Fails to compile on Ubuntu 18.04

    Fails to compile on Ubuntu 18.04

    Hello,

    A git checkout v0.10.1 fails to build with cargo build --release. cargo build succeeds. libpcap-dev and libseccomp-dev are installed. Here is the error:

    sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff4open17hb8e84e2e0b7f71bfE+0xe8): undefined reference to pcap_create' sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff4open17hb8e84e2e0b7f71bfE+0x109): undefined reference topcap_set_promisc' sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff4open17hb8e84e2e0b7f71bfE+0x11e): undefined reference to pcap_set_immediate_mode' sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff4open17hb8e84e2e0b7f71bfE+0x127): undefined reference topcap_activate' sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff4open17hb8e84e2e0b7f71bfE+0x138): undefined reference to pcap_geterr' /home/josh/Projects/sniffglue/target/release/deps/libsniffglue-c5fa3a636927f4ab.rlib(sniffglue-c5fa3a636927f4ab.sniffglue.dnmhg9ku-cgu.10.rcgu.o): In functionsniffglue::sniff::open_file': sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff9open_file17h283fbc9cc6b717a9E+0xe2): undefined reference to pcap_open_offline' /home/josh/Projects/sniffglue/target/release/deps/libsniffglue-c5fa3a636927f4ab.rlib(sniffglue-c5fa3a636927f4ab.sniffglue.dnmhg9ku-cgu.10.rcgu.o): In functionsniffglue::sniff::default_interface': sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff17default_interface17h845f99d15545b423E+0x9c): undefined reference to pcap_lookupdev' /home/josh/Projects/sniffglue/target/release/deps/libsniffglue-c5fa3a636927f4ab.rlib(sniffglue-c5fa3a636927f4ab.sniffglue.dnmhg9ku-cgu.10.rcgu.o): In functionsniffglue::sniff::Cap::datalink': sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff3Cap8datalink17h5645d7000768c5a4E+0x5): undefined reference to pcap_datalink' /home/josh/Projects/sniffglue/target/release/deps/libsniffglue-c5fa3a636927f4ab.rlib(sniffglue-c5fa3a636927f4ab.sniffglue.dnmhg9ku-cgu.10.rcgu.o): In functionsniffglue::sniff::Cap::next': sniffglue.dnmhg9ku-cgu.10:(.text._ZN9sniffglue5sniff3Cap4next17hd3bdc1a1d5f3cdc7E+0x1b): undefined reference to pcap_next_ex' /home/josh/Projects/sniffglue/target/release/deps/libsniffglue-c5fa3a636927f4ab.rlib(sniffglue-c5fa3a636927f4ab.sniffglue.dnmhg9ku-cgu.10.rcgu.o): In function<sniffglue::sniff::Cap as core::ops::drop::Drop>::drop': sniffglue.dnmhg9ku-cgu.10:(.text.ZN63$LT$sniffglue..sniff..Cap$u20$as$u20$core..ops..drop..Drop$GT$4drop17hdb74488eeb23f80cE+0x5): undefined reference to `pcap_close' collect2: error: ld returned 1 exit status

    opened by jabedude 3
  • Installation on WSL fails to run

    Installation on WSL fails to run

    Hi, first of all a BIG THANK YOU for sharing your work! I'm trying to install sniffglue on WSL every thing goes well without any errors but when I want to run it have this error:

    rbeen@------:~$ sudo .cargo/bin/sniffglue [sudo] password for rbeen: thread 'main' panicked at 'init sandbox stage1: Seccomp(Error { inner: "seccomp_load returned error" })', src/libcore/result.rs:999:5 note: Run withRUST_BACKTRACE=1environment variable to display a backtrace. rbeen@------:~$

    Can it be fixed? Thanks in advance! Best regards,

    Rbeen

    opened by djrbeen 3
  • ppp support

    ppp support

    Seems like ppp interfaces are not supported now:

    $ sniffglue ppp0
Listening on device: "ppp0", verbosity 0/4
Error: Unknown link type: 113
    opened by felixonmars 2
  • Fails to compile on FreeBSD

    Fails to compile on FreeBSD

    Hi, i compiled last version from master but i have issues with pcap library with cargo build

    error: linking with `cc` failed: exit status: 1
|
 = note: "cc" "-m64" "-Wl,--eh-frame-hdr" "-Wl,-znoexecstack" "-Wl,--as-needed" "-L" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.0.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.1.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.10.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.11.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.12.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.13.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.14.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.15.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.2.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.3.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.4.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.5.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.6.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.7.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.8.rcgu.o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.sniffglue.199zzf55-cgu.9.rcgu.o" "-o" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/sniffglue-3b5ddd55e66c3ff9.2vu11454cf0imu7h.rcgu.o" "-Wl,--gc-sections" "-pie" "-Wl,-zrelro" "-Wl,-znow" "-nodefaultlibs" "-L" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps" "-L" "/usr/lib" "-L" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib" "-Wl,-Bstatic" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libnum_cpus-639657f3193f6ea4.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libpcap_sys-21470a2bbf6780f1.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libbase64-f088c95b91f1fa96.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libusers-8e3f5640944461f1.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libtoml-2bc04a3634e1ddf4.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libdirs_next-0457238c4bf4f499.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libdirs_sys_next-c3a3bf12a7d35504.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libserde_json-3ae60cb4dc81e2dd.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libitoa-a2d0520580a7e55e.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libdns_parser-f6119bce0da170e6.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libquick_error-48a3b455b21f259b.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libbyteorder-6af6ff36306c647b.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libnix-3f0c67acff9f50d4.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libmemoffset-9a6fa1a51e0f4d9e.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libanyhow-fb7838929ab67b5b.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libtls_parser-14780e84989bd7dc.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libphf-15e890e202e822cc.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libphf_shared-da38f24dcb395d81.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsiphasher-4109af6f86bf27d9.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libenum_primitive-ffd6025359d71ba8.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libnum_traits-6682e42ef240bf12.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/librusticata_macros-22fe164abc9b5b0b.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libdhcp4r-91e266b0ad5e4bdd.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libnom-6a596f739df36458.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/liblexical_core-d8989d57e03d1712.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libryu-64dce06faff9177b.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libstatic_assertions-1cf41601918d89dc.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libarrayvec-88a110529c9083fc.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libbitvec-f2401cec1d306498.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libfunty-55f994380efe41c5.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libwyz-149bb82812acce89.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libtap-dd207f7ce21663a9.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libradium-953be313d1a9dc2b.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libnum_traits-f09ed6493013efb2.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libenv_logger-81f824e4c9058204.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libtermcolor-3537322170adc5a5.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libhumantime-6e983d77d498d5ea.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/liblog-d2dab3a6ca052573.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libregex-776e11026c6184d6.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libaho_corasick-76f2cdd78a01d9c2.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libregex_syntax-cc34ad437ed2329b.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libpktparse-b305ab18af25786d.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libserde-40b54b7fb125bf41.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libnom-d8c565038a4d718d.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libminimal_lexical-c278fbf4782ca2f6.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsha2-f49ea05dd23f6c63.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libcpufeatures-cab6d3d94bb598d4.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libcfg_if-23cb98e16ba5841d.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libopaque_debug-224dfe0b90175c44.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libdigest-85b9bcd5f986e3e1.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libblock_buffer-3573700c45fc367f.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libgeneric_array-76e370859aadfbab.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libtypenum-4db9a3482fc44427.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libreduce-e7a79a63611e94f5.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libbstr-8204b148110efbba.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libregex_automata-94540d315e7aec16.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libmemchr-2837751a30202fcb.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libansi_term-0b75e44c061c2ef1.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libstructopt-29596c91e2827dc2.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/liblazy_static-b8135df487646045.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libclap-3c319a3f938bf655.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libvec_map-07ba8c61b75c000d.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libtextwrap-93c08dd71e827c49.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libunicode_width-4b893a81a089af3b.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libstrsim-e355c483d783f5b9.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libbitflags-2a3c73b01af5e903.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libatty-8349e9daad0087a0.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/liblibc-d66410fb2703b7e5.rlib" "/usr/home/maxfx/Documents/sniffglue/target/debug/deps/libansi_term-67062a840ec62e67.rlib" "-Wl,--start-group" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libstd-60484778edbab02a.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libpanic_unwind-dc2ae4d0a466e49f.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libminiz_oxide-4ffdbfe2ec17bf17.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libadler-c0c35bf5c8faaa12.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libobject-2f585d565898c512.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libaddr2line-c4981ba22728774a.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libgimli-53f3ea5ca1698b2e.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libstd_detect-ca404df982551ee0.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/librustc_demangle-6cc518f71c9c2316.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libhashbrown-df5cfc7c9e693ffe.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/librustc_std_workspace_alloc-05242e744576510b.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libunwind-9845119b8b6a2916.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libcfg_if-6c8ff242046b1c52.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/liblibc-85760c759f190965.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/liballoc-3a190eca975ddd7e.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/librustc_std_workspace_core-7525106f2a6b24a2.rlib" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libcore-4ee7510cd643b335.rlib" "-Wl,--end-group" "/usr/local/lib/rustlib/x86_64-unknown-freebsd/lib/libcompiler_builtins-46641b4a03e19e40.rlib" "-Wl,-Bdynamic" "-lrt" "-lutil" "-lexecinfo" "-lutil" "-lprocstat" "-lexecinfo" "-lpthread" "-lgcc_s" "-lc" "-lm" "-lrt" "-lpthread" "-lrt" "-lutil" "-lutil"
 = note: ld: error: undefined symbol: pcap_create
         >>> referenced by sniff.rs:17 (src/sniff.rs:17)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::open::h282e1377d6a42fc2) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_set_promisc
         >>> referenced by sniff.rs:25 (src/sniff.rs:25)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::open::h282e1377d6a42fc2) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_set_immediate_mode
         >>> referenced by sniff.rs:29 (src/sniff.rs:29)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::open::h282e1377d6a42fc2) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_activate
         >>> referenced by sniff.rs:32 (src/sniff.rs:32)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::open::h282e1377d6a42fc2) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_geterr
         >>> referenced by sniff.rs:34 (src/sniff.rs:34)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::open::h282e1377d6a42fc2) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_open_offline
         >>> referenced by sniff.rs:47 (src/sniff.rs:47)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::open_file::h6b536c1658bb4bce) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_lookupdev
         >>> referenced by sniff.rs:62 (src/sniff.rs:62)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::default_interface::h5f81dc2051d01a41) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_datalink
         >>> referenced by sniff.rs:74 (src/sniff.rs:74)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::Cap::datalink::h56ac48274576ae37) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_next_ex
         >>> referenced by sniff.rs:83 (src/sniff.rs:83)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(sniffglue::sniff::Cap::next_pkt::h791983a6c409863f) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         
         ld: error: undefined symbol: pcap_close
         >>> referenced by sniff.rs:106 (src/sniff.rs:106)
         >>>               sniffglue-bf1eb365f3317f48.sniffglue.9mn4iqw5-cgu.13.rcgu.o:(_$LT$sniffglue..sniff..Cap$u20$as$u20$core..ops..drop..Drop$GT$::drop::h99b326b0cef8db1a) in archive /usr/home/maxfx/Documents/sniffglue/target/debug/deps/libsniffglue-bf1eb365f3317f48.rlib
         cc: error: linker command failed with exit code 1 (use -v to see invocation)
         

error: aborting due to previous error

error: could not compile `sniffglue`
    opened by Martinfx 2
  • Update dhcp4r dependency to 0.2.0

    Update dhcp4r dependency to 0.2.0

    Among other things, this should remove the need for the workaround for krolaw/dhcp4r#6. Also, sniffglue can rely on more types from dhcp4r without having to hand-parse certain DHCP options.

    opened by lkolbly 2
  • Fails to compile via cargo install sniffglue

    Fails to compile via cargo install sniffglue

    On MacOS and Ubuntu, the same error preventing installation while running "cargo install sniffglue"

    Dell-3:~$ cargo install sniffglue Updating crates.io index Installing sniffglue v0.9.0 Compiling libc v0.2.58 Compiling autocfg v0.1.4 Compiling rand_core v0.4.0 Compiling siphasher v0.2.3 Compiling proc-macro2 v0.4.30 Compiling memchr v2.2.0 Compiling unicode-xid v0.1.0 Compiling typenum v1.10.0 Compiling version_check v0.1.5 Compiling byteorder v1.3.2 Compiling bitflags v1.1.0 Compiling syn v0.15.38 Compiling regex v1.1.7 Compiling unicode-width v0.1.5 Compiling ryu v0.2.8 Compiling ucd-util v0.1.3 Compiling unicode-segmentation v1.3.0 Compiling serde v1.0.93 Compiling lazy_static v1.3.0 Compiling byte-tools v0.3.1 Compiling pcap v0.7.0 Compiling strsim v0.8.0 Compiling vec_map v0.8.1 Compiling quick-error v1.2.2 Compiling nix v0.14.1 Compiling cfg-if v0.1.9 Compiling utf8-ranges v1.0.3 Compiling ansi_term v0.11.0 Compiling termcolor v1.0.5 Compiling void v1.0.2 Compiling itoa v0.4.4 Compiling opaque-debug v0.2.2 Compiling fake-simd v0.1.2 Compiling cookie-factory v0.2.4 Compiling reduce v0.1.2 Compiling phf_shared v0.7.24 Compiling rand_core v0.3.1 Compiling rand_chacha v0.1.1 Compiling rand_pcg v0.1.2 Compiling rand v0.6.5 Compiling num-traits v0.2.8 Compiling nom v4.2.3 Compiling textwrap v0.11.0 Compiling regex-syntax v0.6.7 Compiling block-padding v0.1.4 Compiling thread_local v0.3.6 Compiling humantime v1.2.0 Compiling log v0.4.6 Compiling heck v0.3.1 Compiling rand_hc v0.1.0 Compiling rand_isaac v0.1.1 Compiling rand_xorshift v0.1.1 Compiling phf v0.7.24 Compiling rand_os v0.1.3 Compiling rand_jitter v0.1.4 Compiling atty v0.2.11 Compiling time v0.1.42 Compiling dirs-sys v0.3.3 Compiling num_cpus v1.10.1 Compiling users v0.9.1 Compiling aho-corasick v0.7.3 Compiling dns-parser v0.8.0 Compiling base64 v0.10.1 Compiling clap v2.33.0 Compiling generic-array v0.12.0 Compiling threadpool v1.7.1 Compiling dirs v2.0.1 Compiling quote v0.6.12 Compiling dhcp4r v0.1.0 Compiling rusticata-macros v1.1.0 Compiling num-traits v0.1.43 Compiling digest v0.8.0 Compiling block-buffer v0.7.3 Compiling enum_primitive v0.1.1 Compiling sha2 v0.8.0 Compiling toml v0.5.1 Compiling serde_json v1.0.39 Compiling phf_generator v0.7.24 Compiling phf_codegen v0.7.24 Compiling tls-parser v0.7.1 Compiling env_logger v0.6.1 Compiling structopt-derive v0.2.16 Compiling serde_derive v1.0.93 Compiling structopt v0.2.16 Compiling pktparse v0.4.0 Compiling sniffglue v0.9.0 error[E0432]: unresolved imports nix::unistd::getgroups, nix::unistd::setgroups --> /Users/skickar/.cargo/registry/src/github.com-1ecc6299db9ec823/sniffglue-0.9.0/src/sandbox/mod.rs:7:45 | 7 | use nix::unistd::{Uid, Gid, setuid, setgid, getgroups, setgroups}; | ^^^^^^^^^ ^^^^^^^^^ no setgroups in unistd | | | no getgroups in unistd

    error[E0432]: unresolved import syscallz --> /Users/skickar/.cargo/registry/src/github.com-1ecc6299db9ec823/sniffglue-0.9.0/src/sandbox/error.rs:3:5 | 3 | use syscallz; | ^^^^^^^^ no syscallz in the root

    error[E0119]: conflicting implementations of trait std::convert::From<[type error]> for type sandbox::error::Error: --> /Users/skickar/.cargo/registry/src/github.com-1ecc6299db9ec823/sniffglue-0.9.0/src/sandbox/error.rs:23:1 | 17 | impl Fromsyscallz::Error for Error { | ------------------------------------ first implementation here ... 23 | impl Fromconfig::Error for Error { | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ conflicting implementation for sandbox::error::Error

    error[E0119]: conflicting implementations of trait std::convert::From<[type error]> for type sandbox::error::Error: --> /Users/skickar/.cargo/registry/src/github.com-1ecc6299db9ec823/sniffglue-0.9.0/src/sandbox/error.rs:29:1 | 17 | impl Fromsyscallz::Error for Error { | ------------------------------------ first implementation here ... 29 | impl Fromnix::Error for Error { | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ conflicting implementation for sandbox::error::Error

    error[E0119]: conflicting implementations of trait std::convert::From<[type error]> for type sandbox::error::Error: --> /Users/skickar/.cargo/registry/src/github.com-1ecc6299db9ec823/sniffglue-0.9.0/src/sandbox/error.rs:35:1 | 17 | impl Fromsyscallz::Error for Error { | ------------------------------------ first implementation here ... 35 | impl Fromstd::io::Error for Error { | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ conflicting implementation for sandbox::error::Error

    error: aborting due to 5 previous errors

    Some errors occurred: E0119, E0432. For more information about an error, try rustc --explain E0119. error: failed to compile sniffglue v0.9.0, intermediate artifacts can be found at /var/folders/n1/l_2ynlx91lv57t122lq8lkyh0000gn/T/cargo-installe89ORx

    Caused by: Could not compile sniffglue.

    opened by skickar 2
  • libpcap error: socket: Operation not permitted

    libpcap error: socket: Operation not permitted

    Hello, when I run sniffglue like in README.md

    sniffglue `ip addr | awk '/state UP/ {print $2}' | sed 's/.$//'`

    I got an error:

    Failed to open interface "xxxx": libpcap error: socket: Operation not permitted

    I have to use :

    sudo `which sniffglue`  `ip addr | awk '/state UP/ {print $2}' | sed 's/.$//'`

    Do I need to run as root every time?

    opened by GopherJ 2
  • Bump regex from 1.3.8 to 1.5.6 in /fuzz

    Bump regex from 1.3.8 to 1.5.6 in /fuzz

    Bumps regex from 1.3.8 to 1.5.6.

    Changelog

    Sourced from regex's changelog.

    1.5.6 (2022-05-20)

    This release includes a few bug fixes, including a bug that produced incorrect matches when a non-greedy ? operator was used.

    1.5.5 (2022-03-08)

    This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.

    1.5.4 (2021-05-06)

    This release fixes another compilation failure when building regex. This time, the fix is for when the pattern feature is enabled, which only works on nightly Rust. CI has been updated to test this case.

    1.5.3 (2021-05-01)

    This releases fixes a bug when building regex with only the unicode-perl feature. It turns out that while CI was building this configuration, it wasn't actually failing the overall build on a failed compilation.

    1.5.2 (2021-05-01)

    This release fixes a performance bug when Unicode word boundaries are used.

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump regex from 1.5.4 to 1.5.6

    Bump regex from 1.5.4 to 1.5.6

    Bumps regex from 1.5.4 to 1.5.6.

    Changelog

    Sourced from regex's changelog.

    1.5.6 (2022-05-20)

    This release includes a few bug fixes, including a bug that produced incorrect matches when a non-greedy ? operator was used.

    1.5.5 (2022-03-08)

    This releases fixes a security bug in the regex compiler. This bug permits a vector for a denial-of-service attack in cases where the regex being compiled is untrusted. There are no known problems where the regex is itself trusted, including in cases of untrusted haystacks.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • [MacOS] Failed to activate interface

    [MacOS] Failed to activate interface

    Description

    Out of the box, running sniffglue with or without arguments on MacOS Monterey 12.6 returns the following error:

    Error: Failed to activate interface: (cannot open BPF device) /dev/bpf0: Permission denied

    Info

    • Failure appears to be originating here: https://github.com/kpcyrd/sniffglue/blob/main/src/sniff.rs#L36
    • sniffglue was installed via Homebrew
    • Docs for pcap_sys::pcap_activate() can be found here (they're blank)
    • It works if you run with sudo
    opened by yatzbim 1
  • Failed to activate interface: BIOCSETIF failed: Device not configured

    Failed to activate interface: BIOCSETIF failed: Device not configured

    Hi @kpcyrd I just came across the project and wanted to try it out on my local network. Invocation of sniffglue ... enp0s25 with all verbose levels results in the same outcome.

    % sudo sniffglue -vvvv enp0s25
Error: Failed to activate interface: BIOCSETIF failed: Device not configured

    I am not sure how to configure the BIOCSETIF ioctl.

    macOS Catalina
Version 10.15.7

    Do you have any ideas? Thank you

    opened by lewismc 2
  • Support for writing out to a pcap file

    Support for writing out to a pcap file

    Before, there was not the ability to output to a pcap formatted file that can be opened by tools like wireshark. This PR adds that support through a new -o or --output flag that allows specifying a pcap output file. It follows with the existing structure (conforming to the verbosity levels) and has no extra parsing overhead if the user does not use the flag.

    opened by ghost-pep 1
Releases(v0.15.0)

  • v0.15.0(Mar 4, 2022)

  • v0.14.0(Oct 27, 2021)

  • v0.13.1(Sep 11, 2021)

  • v0.13.0(Sep 8, 2021)

  • v0.12.1(Apr 27, 2021)

  • v0.12.0(Mar 23, 2021)

  • v0.11.1(May 30, 2020)

  • v0.11.0(May 29, 2020)

  • v0.10.1(Dec 23, 2019)

  • v0.10.0(Dec 21, 2019)

    • The pcap crate has been replaced with direct bindings with pcap-sys to fix a regression due to a recent libpcap update that makes calling pcap_set_immediate_mode mandatory
    • The documentation and flags have been updated to be more obvious, -v has been documented more prominently and --detailed has been renamed to --debugging since it's mostly used for development
    • Fix a sandbox regression with rust 1.40 on arm
    • Updated dhcp4r dependency that resolves an issue that was found by fuzzing sniffglue
    • The noise filter is now more aggressive towards short packets
    Source code(tar.gz)
    Source code(zip)
    sniffglue-0.10.0.tar.gz.asc(850 bytes)

  • v0.9.0(Jun 21, 2019)

  • v0.8.0(Aug 8, 2018)

    Decoders

    • [X] cjdns eth beacons (no other sniffer supports this yet!)

    Sandboxing

    • The seccomp code that was originally written for sniffglue has been extracted into the syscallz crate

    Minor

    • Bump dependencies
    • Fix typo in man page
    Source code(tar.gz)
    Source code(zip)

  • v0.7.0(Jun 1, 2018)

    General

    • The old -x flag was removed and replaced with -v that can be supplied multiple times to allow better filtering control
      • None - Only show the most interesting packets
      • -v - Show somewhat interesting packets as well (this is what I use most of the time)
      • -vv - If you're looking really hard
      • -vvv - Show binary packets as well
      • -vvvv - literally everything
    • Some packets that we couldn't parse used to be discarded, those are now logged as well with a very high noise level

    Decoders

    • [X] ssdp
    • [X] dropbox beacons

    Sandboxing

    • Raspberry Pi 1 support - seccomp has been ported to armv6
    • Raspberry Pi 2 support - seccomp has been ported to armv7
    Source code(tar.gz)
    Source code(zip)

  • v0.6.0(May 22, 2018)

  • v0.5.0(Mar 7, 2018)

    General

    • Json output has been added. You can pipe the output of sniffglue to an arbitrary script that processes the sniffed packets. Like, glueing a script to a sniffer.

    Bugfixes

    • Some seccomp edgecases have been fixed.
    Source code(tar.gz)
    Source code(zip)

  • v0.4.0(Nov 18, 2017)

    General

    • The sniffglue internal syscall table has been dropped and was replaced by the table in rust-lang/libc.

    Security

    • cargo-fuzz found a DoS bug in a dependency that would panic the sniffer. This has been addressed and a regression test has been added.
    • After some curiosity of how the sandbox looks like for an exploited sniffglue process, boxxy-rs has been developed and introduced so you can have a look yourself. This is also used to implement CI tests for the sandbox.
    • The docker image now includes a config file so sniffglue drops privileges inside the container

    Fancy

    • To support the effort of reproducible-builds.org, reprotest has been added to the CI system and every release and PR is tested for reproducibility. This also documents how to build sniffglue binaries in a reproducible way.
    • A musl docker container has been built and seccomp has been adjusted to support musl libc.

    Contributors

    • @mrmaxmeier submitted a patch that added missing syscalls to the seccomp filter. Thanks!
    Source code(tar.gz)
    Source code(zip)

  • v0.3.0(Oct 18, 2017)

    General

    • If you ever get stuck, we now have a man page!
    • Upgrade to nom3

    Decoders

    • [X] arp

    Security

    • sandboxing! (x86_64 only) syscalls are disabled in two stages, before and after initialization completed
    • chroot! shortly before the 2nd seccomp stage is activated, we chroot into an empty folder
    • setuid! after we opened the device for sniffing (and chrooted), we aren't doing anything that needs special privileges, so we setuid to an unprivileged user.

    Keep in mind that seccomp is currently only enabled on x86_64 and chroot/setuid is disabled unless the config at /etc/sniffglue.conf exists.

    Fancy

    • Build a docker image and sniff in container setups
    Source code(tar.gz)
    Source code(zip)

  • v0.2.0(Oct 2, 2017)

    General

    • Improved pretty printing
    • Output defaults to compact
    • You can now read pcaps you've saved for later with sniffglue -r sniff.pcap
    • If stdout is no tty, colors are disabled

    Fancy stuff

    • Benchmarking support (are we fast yet?)
    • Fuzzing support (are we vuln yet?)
    Source code(tar.gz)
    Source code(zip)

  • v0.1.0(Sep 13, 2017)

Owner
Independent security research. Works on backdoor-resistant software distribution. Maintains packages in Arch Linux and Debian. Steals food at conferences.
null
GitHub https://crates.io/crates/sniffglue
Secure drive wipe

Lethe A secure, free, cross-platform and open-source drive wiping utility. Should work with any HDD, SSD (read limitations) and flash drives. The usua

Konstantin Alexandroff 70 Dec 19, 2022
Secure transport for running MPC protocols backed by Signal

MPC over Signal Overview This library provides a high-level interface for connecting to Signal Server and using it to exchange messages with other con

[ZenGo X] 42 Jan 4, 2023
Secure sandboxing system for untrusted code execution

Godbox Secure sandboxing system for untrusted code execution. It uses isolate which uses specific functionnalities of the Linux kernel, thus godbox no

Nathanael Demacon 19 Dec 14, 2022
Cross-platform Secure TUI Secret Locker

SafeCloset keeps your secrets in password protected files. SafeCloset is designed to be convenient and avoid common weaknesses like external editing or temporary files written on disk.

Canop 63 Dec 26, 2022
Secure and fast microVMs for serverless computing.

Our mission is to enable secure, multi-tenant, minimal-overhead execution of container and function workloads. Read more about the Firecracker Charter

firecracker-microvm 20.3k Jan 1, 2023
Secure storage for cryptographic secrets in Rust

secrets secrets is a library to help Rust programmers safely held cryptographic secrets in memory. It is mostly an ergonomic wrapper around the memory

Stephen Touset 165 Dec 22, 2022
Use Touch ID / Secure Enclave for SSH Authentication!

SeKey About SeKey is a SSH Agent that allow users to authenticate to UNIX/Linux SSH servers using the Secure Enclave How it Works? The Secure Enclave

SeKey 2.3k Dec 26, 2022
Cyg will help you to secure files in your repository directly using PGP encryption

cyg: Secure files in your repository Cyg will help you to secure files in your repository directly using PGP encryption. The name "cyg" was inspired b

Hisam Fahri 2 Aug 31, 2022
A simple port sniffer(scanner) implementation with 🦀

A simple port sniffer(scanner) implementation with ?? Install from crates.io crago install ports-sniffer From aur: yay -S ports-sniffer Arguments Argu

Anas Elgarhy 8 Oct 10, 2022
port sniffer, multithreading

SniffSniff I am trying to learn Rust programming language. Here is a small project that sniffs the ports of a given host. I want to give some info wha

Furkan Demir 5 Mar 5, 2023
Sniffer - a tool to quickly inspect csv and flat-file files for basic information

sniffer sniffer is a tool to quickly inspect csv and flat-file files for basic information. Need to see how many rows are in a csv file? Want to see t

Daniel B 10 Apr 4, 2023
Rust DLT (Diagnostic Log and Trace) packet parser

dlt_parse A zero allocation rust library for basic parsing & writing DLT (Diagnostic Log and Trace) packets. Currently only the parsing and writing of

Julian Schmid 23 Dec 16, 2022
Rust crate for interacting with the Windows Packet Filter driver.

NDISAPI-RS NDISAPI-RS is a Rust crate for interacting with the Windows Packet Filter driver. It provides an easy-to-use, safe, and efficient interface

Vadim Smirnov 6 Jun 15, 2023
A decentralized, censorship-resistant, and incentive-compatible packet-routing overlay network

About Earendil is a decentralized, censorship-resistant packet-routing overlay network designed for performance and censorship resistance. It enables

Eric Tung (Yuhao Dong) 8 Jun 24, 2023
Implements the packet parser for Gran Turismo 7 telemetry data, allowing a developer to retrieve data from a running game.

gran-turismo-query Implements the packet parser for Gran Turismo 7 telemetry data, allowing a developer to retrieve data from a running game. Features

Carlos Menezes 3 Dec 11, 2023
A high performance http proxy server & extensions platform & net packet capture tool

CthulhuRs A high performance http proxy server A browser extensions platform A net packet capture tool Demonstration Main features of CthulhuRs Inject

null 5 Apr 30, 2024
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Cossack Labs 1.6k Dec 30, 2022
ARM TrustZone-M example application in Rust, both secure world side and non-secure world side

ARM TrustZone-M example application in Rust, both secure world side and non-secure world side; projects are modified from generated result of cortex-m-quickstart.

null 44 Dec 4, 2022
User-friendly secure computation engine based on secure multi-party computation

CipherCore If you have any questions, or, more generally, would like to discuss CipherCore, please join the Slack community. See a vastly extended ver

CipherMode Labs 356 Jan 5, 2023
A multithreaded programming language!

hydracane A multithreaded programming language! Getting started Coming Soon! Features: Multithreaded Platform independent Folders: src/vm: The Virtual

Krishna Ramasimha 0 Dec 10, 2021