#include <pcap.h>
#include <stdio.h>
#include <string.h>
#include <arpa/inet.h>
#include <unistd.h>

struct ipheader {
  unsigned char      iph_ihl:4, iph_ver:4;
  unsigned char      iph_tos;
  unsigned short int iph_len;
  unsigned short int iph_ident;
  unsigned short int iph_flag:3, iph_offset:13;
  unsigned char      iph_ttl;
  unsigned char      iph_protocol;
  unsigned short int iph_chksum;
  struct  in_addr    iph_sourceip;
  struct  in_addr    iph_destip;
};

struct icmpheader {
  unsigned char icmp_type;
  unsigned char icmp_code;
  unsigned short int icmp_chksum;
  unsigned short int icmp_id;
  unsigned short int icmp_seq;
};

unsigned short in_cksum (unsigned short *buf, int length)
{
   unsigned short *w = buf;
   int nleft = length;
   int sum = 0;
   unsigned short temp=0;

   while (nleft > 1)  {
       sum += *w++;
       nleft -= 2;
   }

   if (nleft == 1) {
        *(u_char *)(&temp) = *(u_char *)w ;
        sum += temp;
   }

   sum = (sum >> 16) + (sum & 0xffff);
   sum += (sum >> 16);
   return (unsigned short)(~sum);
}

void send_raw_ip_packet(struct ipheader* ip)
{
    struct sockaddr_in dest_info;
    int enable = 1;

    int sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
    setsockopt(sock, IPPROTO_IP, IP_HDRINCL, &enable, sizeof(enable));

    dest_info.sin_family = AF_INET;
    dest_info.sin_addr = ip->iph_destip;

    sendto(sock, ip, ntohs(ip->iph_len), 0, (struct sockaddr *)&dest_info, sizeof(dest_info));
    close(sock);
}

void got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet)
{
  struct ipheader *ip = (struct ipheader *)(packet + 14);
  struct icmpheader *icmp = (struct icmpheader *)(packet + 14 + (ip->iph_ihl * 4));

  if (icmp->icmp_type == 8) { // Echo Request
      printf("Detected Echo Request from %s to %s\n", inet_ntoa(ip->iph_sourceip), inet_ntoa(ip->iph_destip));
      
      char buffer[1500];
      int ip_len = ntohs(ip->iph_len);
      memcpy(buffer, ip, ip_len);
      
      struct ipheader *new_ip = (struct ipheader *) buffer;
      struct icmpheader *new_icmp = (struct icmpheader *) (buffer + (new_ip->iph_ihl * 4));
      
      new_ip->iph_sourceip = ip->iph_destip;
      new_ip->iph_destip = ip->iph_sourceip;
      new_ip->iph_ttl = 64;
      
      new_icmp->icmp_type = 0; // Echo Reply
      new_icmp->icmp_chksum = 0;
      new_icmp->icmp_chksum = in_cksum((unsigned short *)new_icmp, ip_len - (new_ip->iph_ihl * 4));
      
      send_raw_ip_packet(new_ip);
      printf("Sent spoofed Echo Reply back to %s\n", inet_ntoa(new_ip->iph_destip));
  }
}

int main()
{
  pcap_t *handle;
  char errbuf[PCAP_ERRBUF_SIZE];
  struct bpf_program fp;
  char filter_exp[] = "icmp";
  bpf_u_int32 net;

  handle = pcap_open_live("br-603d3788c443", BUFSIZ, 1, 1000, errbuf);
  pcap_compile(handle, &fp, filter_exp, 0, net);
  pcap_setfilter(handle, &fp);
  pcap_loop(handle, -1, got_packet, NULL);
  pcap_close(handle);
  return 0;
}