def decode(self, aBuffer):
arp = ImpactPacket.ARP(aBuffer)
self.set_decoded_protocol(arp)
off = arp.get_header_size()
self.data_decoder = DataDecoder()
packet = self.data_decoder.decode(aBuffer[off:])
arp.contains(packet)
return arp
def get_arp(self, sha, spa, tha, tpa, arp_type):
ethernet_layer = ImpactPacket.Ethernet()
arp_layer = ImpactPacket.ARP()
ethernet_layer.contains(arp_layer)
arp_layer.set_ar_hrd(1) # Hardware type Ethernet
arp_layer.set_ar_pro(0x800) # IP
arp_layer.set_ar_op(arp_type)
arp_layer.set_ar_hln(6)
arp_layer.set_ar_pln(4)
arp_layer.set_ar_sha(
self.addresses_helper.get_mac_in_list_format2(sha))
arp_layer.set_ar_spa(self.addresses_helper.get_ip_in_list_format(spa))
arp_layer.set_ar_tha(
self.addresses_helper.get_mac_in_list_format2(tha))
arp_layer.set_ar_tpa(self.addresses_helper.get_ip_in_list_format(tpa))
ethernet_layer.set_ether_shost(arp_layer.get_ar_sha())
ethernet_layer.set_ether_dhost(arp_layer.get_ar_tha())
return ethernet_layer
def buildAnswer(self, in_onion):
eth = ImpactPacket.Ethernet()
arp = ImpactPacket.ARP()
eth.contains(arp)
arp.set_ar_hrd(1) # Hardward type Ethernet
arp.set_ar_pro(0x800) # IP
arp.set_ar_op(2) # REPLY
arp.set_ar_hln(6)
arp.set_ar_pln(4)
arp.set_ar_sha(string2tuple(self.machine.macAddress))
arp.set_ar_spa(string2tuple(self.machine.ipAddress))
arp.set_ar_tha(in_onion[O_ARP].get_ar_sha())
arp.set_ar_tpa(in_onion[O_ARP].get_ar_spa())
eth.set_ether_shost(arp.get_ar_sha())
eth.set_ether_dhost(arp.get_ar_tha())
return [eth, arp]
def handle_arp(pcap, wire_packet):
arp = wire_packet.child()
if arp.get_op_name(arp.get_ar_op()) == 'REQUEST' and arp.as_pro(
arp.get_ar_tpa()) == OUR_IP:
reply = build_ethernet_reply(wire_packet, ImpactPacket.ARP.ethertype)
reply_arp = ImpactPacket.ARP()
reply_arp.set_ar_op(2) # reply
reply_arp.set_ar_hrd(1) # ethernet
reply_arp.set_ar_pro(ImpactPacket.IP.ethertype)
reply_arp.set_ar_hln(6)
reply_arp.set_ar_pln(4)
reply_arp.set_ar_tpa(arp.get_ar_spa())
reply_arp.set_ar_spa(arp.get_ar_tpa())
reply_arp.set_ar_tha(arp.get_ar_sha())
reply_arp.set_ar_sha(OUR_MAC_ARRAY)
reply.contains(reply_arp)
reply_str = reply.get_packet()
pcap_sendpacket(pcap, cast(reply_str, POINTER(u_char)), len(reply_str))
def arp_reply(self, arp_pkt):
"""Function creates and sends back an ARP reply
Args:
arp_pkt : received arp packet
"""
# arp packet
reply_arp = ImpactPacket.ARP()
reply_arp.set_ar_hln(6) # Ethernet size 6
reply_arp.set_ar_pln(4) # IPv4 size 4
reply_arp.set_ar_hrd(
1) # 1:'ARPHRD ETHER', 6:'ARPHRD IEEE802', 15:'ARPHRD FRELAY'
reply_arp.set_ar_op(
2
) # 1:'REQUEST', 2:'REPLY', 3:'REVREQUEST', 4:'REVREPLY', 8:'INVREQUEST', 9:'INVREPLY'
reply_arp.set_ar_pro(0x800) # IPv4 0x800
mac = [int(i, 16) for i in self.mac.split(':')]
target_ip = unicode('.'.join(map(str, arp_pkt.get_ar_tpa())))
for d in self.devices:
if target_ip in d.bind_list:
mac = [int(i, 16) for i in d.mac.split(':')]
break
reply_arp.set_ar_sha(mac)
reply_arp.set_ar_tha(arp_pkt.get_ar_sha())
reply_arp.set_ar_spa(arp_pkt.get_ar_tpa())
reply_arp.set_ar_tpa(arp_pkt.get_ar_spa())
# ethernet frame
reply_eth = ImpactPacket.Ethernet()
reply_eth.set_ether_type(0x800)
reply_eth.set_ether_shost(mac)
reply_eth.set_ether_dhost(arp_pkt.get_ar_sha())
reply_eth.contains(reply_arp)
logger.debug('Sending reply: %s', reply_eth)
# send raw frame
try:
self.pcapy_object.sendpacket(reply_eth.get_packet())
except pcapy.PcapError as ex:
logger.exception('Exception: Cannot send reply packet: %s', ex)
#Generate arp packets with randomly
#s = socket(AF_INET, SOCK_RAW)
s = socket(AF_PACKET, SOCK_RAW)
s.bind(("h4-eth0", 0x0806))
pktid = 0
while (pktid <= 100000000):
eth = ImpactPacket.Ethernet()
forged_mac = randomMAC()
eth.set_ether_shost(randomMAC())
eth.set_ether_dhost(randomMAC())
eth.set_ether_type(0x0806)
print "send packet #", pktid, "with src_mac:", ':'.join(
map(lambda x: "%02x" % x, forged_mac))
arp = ImpactPacket.ARP(
) # create the arp packet that will be inside of layer 1
arp.set_ar_hrd(0x0001) # set hardware type to ARPHRD ETHER (ethernet)
arp.set_ar_op(
0x01
) # Set tyoe to Arp Reply (0x02 = Reply, 0x04 = RevReply, 0x03 = RevRequest)
arp.set_ar_pro(0x800) # 2048 (Set to standard IP protocol)
arp.set_ar_hln(6) # Length should be 6 (octaves of mac address)
arp.set_ar_pln(4) # should be 4 (octaves of i.p. address)
#arp.set_ar_spa(string2tuple("10.0.0.253")) # Set source I.P. in arp reply.
#arp.set_ar_tpa(string2tuple("10.0.0.254")) # Set target I.P. in arp reply.
#arp.set_ar_tha([0xFF,0xFF,0xFF,0xFF,0xFF,0xFF]) # Target of the packet, could be broadcast
#arp.set_ar_sha(forged_mac) # Source of the packet (this is our own MAC, so they can reply to us)
eth.contains(
arp
) # Encapsulate the arp packet, wrap the ethernet layer 1 packet around it.
