Nemesis - A Command-Line Network Packet Crafting And Injection Utility


The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts.

Key Features
  • ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP, OSPF, RIP, TCP and UDP protocol support
  • Layer 2 or Layer 3 injection on UNIX-like systems
  • Layer 2 injection (only) on Windows systems
  • Packet payload from file
  • IP and TCP options from file
  • Tested on OpenBSD, Linux, Solaris, Mac OS X and Windows 2000
Each supported protocol uses its own protocol "injector" which is accompanied by a man page explaining its functionality.
Consult the ChangeLog for release details, and the documentation for each protocol injector for in-depth descriptions of the available functionality.

Examples
  • Inject malformed ICMP redirect
      sudo nemesis icmp -S 10.10.10.3 -D 10.10.10.1 -G 10.10.10.3 -i 5
  • IGMP v2 join for group 239.186.39.5
      sudo nemesis igmp -v -p 22 -S 192.168.1.20 -i 239.186.39.5 -D 239.186.39.5
  • IGMP v2 query, max resp. time 10 sec, with Router Alert IP option
      echo -ne '\x94\x04\x00\x00' >RA
      sudo nemesis igmp -v -p 0x11 -c 100 -D 224.0.0.1 -O RA
    or
      echo -ne '\x94\x04\x00\x00' | sudo nemesis igmp -v -p 0x11 -c 100 -D 224.0.0.1 -O -
  • IGMP v3 query, with Router Alert IP option
      echo -ne '\x03\x64\x00\x00' > v3
      sudo ./src/nemesis igmp -p 0x11 -c 100 -i 0.0.0.0 -P v3 -D 224.0.0.1 -O RA
  • Random TCP packet
      sudo nemesis tcp
  • DoS and DDoS testing
      sudo nemesis tcp -v -S 192.168.1.1 -D 192.168.2.2 -fSA -y 22 -P foo
      sudo nemesis udp -v -S 10.11.12.13 -D 10.1.1.2 -x 11111 -y 53 -P bindpkt
      sudo nemesis icmp redirect -S 10.10.10.3 -D 10.10.10.1 -G 10.10.10.3 -qR
      sudo nemesis arp -v -d ne0 -H 0:1:2:3:4:5 -S 10.11.30.5 -D 10.10.15.1

Build & Install
Nemesis is built around libnet. Windows platform builds require libpcap as well. On Debian and Ubuntu derived GNU/Linux systems:
sudo apt install libnet1-dev
The GNU Configure & Build system use /usr/local as the default install prefix. Usually this is sufficient, the below example installs to /usr instead:
tar xf nemesis-1.5.tar.xz
cd nemesis-1.5/
./configure --prefix=/usr
make -j5
sudo make install-strip

Building from GIT
If you want to contribute, or simply want to try out the latest but still unreleased features, then you need to know a few things about the GNU Configure & Build system:
  • configure.ac and a per-directory Makefile.am are key files
  • configure and Makefile.in are generated from autogen.sh, they are not stored in GIT but automatically generated for the release tarballs
  • Makefile is generated by configure script
To build from GIT you first need to clone the repository and run the autogen.sh script. This requires automake and autoconf to be installed on your system.
git clone https://github.com/troglobit/inadyn.git
cd inadyn/
./autogen.sh
./configure && make
GIT sources are a moving target and are not recommended for production systems, unless you know what you are doing!

Origin & References
  • 1999: Nemesis was created by Mark Grimes
  • 2001: Jeff Nathan took over maintainership
  • 2018: Project resurrected by Joachim Nilsson
The project is currently maintained at GitHub with the intention to serve as a focal point for new development. If you have patches and/or ideas, please submit them using the issue tracker or as pull requests.


Nemesis - A Command-Line Network Packet Crafting And Injection Utility Nemesis - A Command-Line Network Packet Crafting And Injection Utility Reviewed by Lydecker Black on 6:23 PM Rating: 5