From 99272d15b7c2928d44d9fb077d7484093d2f5e01 Mon Sep 17 00:00:00 2001 From: Laode Muhammad Al Fatih Date: Mon, 19 May 2025 22:39:16 +0700 Subject: [PATCH 1/2] feat: add cidr support for ip spoof detection indicator on lan table --- package-lock.json | 62 +++++++++++++++++-- package.json | 2 + .../lan-table/lan-table.component.ts | 38 ++++++++---- 3 files changed, 85 insertions(+), 17 deletions(-) diff --git a/package-lock.json b/package-lock.json index a03ff1f..2f4732d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -25,6 +25,8 @@ "compare-versions": "^3.4.0", "core-js": "^2.5.4", "highlight.js": "^9.15.6", + "ip-range-check": "^0.2.0", + "ipaddr.js": "^2.2.0", "jquery": "^3.4.1", "ng": "0.0.0", "ngx-highlightjs": "^3.0.3", @@ -7526,6 +7528,16 @@ "node": ">=4" } }, + "node_modules/internal-ip/node_modules/ipaddr.js": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", + "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.10" + } + }, "node_modules/interpret": { "version": "1.2.0", "resolved": "https://registry.npmjs.org/interpret/-/interpret-1.2.0.tgz", @@ -7559,6 +7571,24 @@ "integrity": "sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo=", "dev": true }, + "node_modules/ip-range-check": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/ip-range-check/-/ip-range-check-0.2.0.tgz", + "integrity": "sha512-oaM3l/3gHbLlt/tCWLvt0mj1qUaI+STuRFnUvARGCujK9vvU61+2JsDpmkMzR4VsJhuFXWWgeKKVnwwoFfzCqw==", + "license": "MIT", + "dependencies": { + "ipaddr.js": "^1.0.1" + } + }, + "node_modules/ip-range-check/node_modules/ipaddr.js": { + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", + "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==", + "license": "MIT", + "engines": { + "node": ">= 0.10" + } + }, "node_modules/ip-regex": { "version": "2.1.0", "resolved": "https://registry.npmjs.org/ip-regex/-/ip-regex-2.1.0.tgz", @@ -7569,12 +7599,12 @@ } }, "node_modules/ipaddr.js": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.0.tgz", - "integrity": "sha512-M4Sjn6N/+O6/IXSJseKqHoFc+5FdGJ22sXqnjTpdZweHK64MzEPAyQZyEU3R/KRv2GLoa7nNtg/C2Ev6m7z+eA==", - "dev": true, + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-2.2.0.tgz", + "integrity": "sha512-Ag3wB2o37wslZS19hZqorUnrnzSkpOVy+IiiDEiTqNubEYpYuHWIf6K4psgN2ZWKExS4xhVCrRVfb/wfW8fWJA==", + "license": "MIT", "engines": { - "node": ">= 0.10" + "node": ">= 10" } }, "node_modules/is-accessor-descriptor": { @@ -10544,6 +10574,18 @@ "node": ">=4" } }, + "node_modules/popper.js": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/popper.js/-/popper.js-1.16.1.tgz", + "integrity": "sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==", + "deprecated": "You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1", + "license": "MIT", + "peer": true, + "funding": { + "type": "opencollective", + "url": "https://opencollective.com/popperjs" + } + }, "node_modules/portfinder": { "version": "1.0.20", "resolved": "https://registry.npmjs.org/portfinder/-/portfinder-1.0.20.tgz", @@ -10881,6 +10923,16 @@ "node": ">= 0.10" } }, + "node_modules/proxy-addr/node_modules/ipaddr.js": { + "version": "1.9.0", + "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.0.tgz", + "integrity": "sha512-M4Sjn6N/+O6/IXSJseKqHoFc+5FdGJ22sXqnjTpdZweHK64MzEPAyQZyEU3R/KRv2GLoa7nNtg/C2Ev6m7z+eA==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">= 0.10" + } + }, "node_modules/prr": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/prr/-/prr-1.0.1.tgz", diff --git a/package.json b/package.json index 4209b89..06eab80 100644 --- a/package.json +++ b/package.json @@ -29,6 +29,8 @@ "compare-versions": "^3.4.0", "core-js": "^2.5.4", "highlight.js": "^9.15.6", + "ip-range-check": "^0.2.0", + "ipaddr.js": "^2.2.0", "jquery": "^3.4.1", "ng": "0.0.0", "ngx-highlightjs": "^3.0.3", diff --git a/src/app/components/lan-table/lan-table.component.ts b/src/app/components/lan-table/lan-table.component.ts index fca2ed1..72cc112 100644 --- a/src/app/components/lan-table/lan-table.component.ts +++ b/src/app/components/lan-table/lan-table.component.ts @@ -1,4 +1,6 @@ -import {Component, OnInit, OnDestroy, ViewChild} from '@angular/core'; +import ipaddr from 'ipaddr.js'; +import isIpInRange from 'ip-range-check'; +import {Component, OnInit, OnDestroy} from '@angular/core'; import { SortService, ColumnSortedEvent } from '../../services/sort.service'; import { ApiService } from '../../services/api.service'; import { Host } from '../../models/host'; @@ -59,8 +61,21 @@ export class LanTableComponent implements OnInit, OnDestroy { this.sortSub.unsubscribe(); } - isSpoofed(host : any) : boolean { - return (host.ipv4 in this.spoofList); + isSpoofed(host: any): boolean { + const whitelistedTargets = this.spoofOpts.whitelist + .split(',') + .map((s) => s.trim()) + .filter((s) => s.length); + + if (isIpInRange(host.ipv4, whitelistedTargets)) { + return false; + } + + if (host.ipv4 in this.spoofList) { + return true; + } + + return isIpInRange(host.ipv4, Object.keys(this.spoofList)); } private updateSpoofOpts() { @@ -133,8 +148,6 @@ export class LanTableComponent implements OnInit, OnDestroy { } private update(session) { - const ipRe = /^(?=.*[^\.]$)((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.?){4}$/; - let spoofing = this.api.session.env.data['arp.spoof.targets'] // split by comma and trim spaces .split(',') @@ -153,13 +166,14 @@ export class LanTableComponent implements OnInit, OnDestroy { this.spoofList = {}; // if there are elements that are not IP addresses, it means the user // has set the variable manually, which overrides the UI spoof list. - for( let i = 0; i < spoofing.length; i++ ) { - if( ipRe.test(spoofing[i]) ) { - this.spoofList[spoofing[i]] = true; - } else { - this.spoofList = {}; - break; - } + for (let i = 0; i < spoofing.length; i++) { + let spoofedTarget = spoofing[i]; + if (ipaddr.isValid(spoofedTarget) || ipaddr.isValidCIDR(spoofedTarget)) { + this.spoofList[spoofedTarget] = true; + } else { + this.spoofList = {}; + break; + } } this.iface = session.interface; From 629af2b09328f291b73c2902012b3bf7583e00ab Mon Sep 17 00:00:00 2001 From: Laode Muhammad Al Fatih Date: Thu, 22 May 2025 20:46:17 +0700 Subject: [PATCH 2/2] chore: exclude gateway from arp spoofing checking status --- src/app/components/lan-table/lan-table.component.ts | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/app/components/lan-table/lan-table.component.ts b/src/app/components/lan-table/lan-table.component.ts index 72cc112..15fb2da 100644 --- a/src/app/components/lan-table/lan-table.component.ts +++ b/src/app/components/lan-table/lan-table.component.ts @@ -62,6 +62,10 @@ export class LanTableComponent implements OnInit, OnDestroy { } isSpoofed(host: any): boolean { + if (host.mac == this.gateway.mac) { + return false; + } + const whitelistedTargets = this.spoofOpts.whitelist .split(',') .map((s) => s.trim())