def handle_ul(self, ipbuf):
# check if we have a TCP SYN
ip_proto, ip_pay = ord(ipbuf[9]), ipbuf[20:]
if ip_proto != 6:
# not TCP
return
if ip_pay[13] != '\x02':
# not TCP SYN
return
# build the TCP SYN-ACK: invert src / dst ports, seq num (random), ack num (SYN seq num + 1)
tcpsrc, tcpdst, seq = unpack('!HHI', ip_pay[:8])
tcp_synack = TCP(src=tcpdst, dst=tcpsrc, flags=['SYN', 'ACK'])
tcp_synack[2] = randint(1, 4294967295) # seq num
tcp_synack[3] = (seq + 1) % 4294967296 # ack num
tcp_synack[15] = 0x1000 # window
# build the IPv4 header: invert src / dst addr
ipsrc, ipdst = map(inet_ntoa, (ipbuf[12:16], ipbuf[16:20]))
iphdr = IPv4(src=ipdst, dst=ipsrc)
p = Block()
p.append(iphdr)
p.append(tcp_synack)
p[1].hierarchy = 1 # TCP, payload of IP
# send back the TCP SYN-ACK
self.GTPUd.transfer_to_int(bytes(p))
def handle_ul(self, ipbuf):
# check if we have a TCP SYN
ip_proto, ip_pay = ord(ipbuf[9]), ipbuf[20:]
if ip_proto != 6:
# not TCP
return
if ip_pay[13] != '\x02':
# not TCP SYN
return
# build the TCP SYN-ACK: invert src / dst ports, seq num (random), ack num (SYN seq num + 1)
tcpsrc, tcpdst, seq = unpack('!HHI', ip_pay[:8])
tcp_synack = TCP(src=tcpdst, dst=tcpsrc, flags=['SYN', 'ACK'])
tcp_synack[2] = randint(1, 4294967295) # seq num
tcp_synack[3] = (seq + 1) % 4294967296 # ack num
tcp_synack[15] = 0x1000 # window
# build the IPv4 header: invert src / dst addr
ipsrc, ipdst = map(inet_ntoa, (ipbuf[12:16], ipbuf[16:20]))
iphdr = IPv4(src=ipdst, dst=ipsrc)
p = Block()
p.append(iphdr)
p.append(tcp_synack)
p[1].hierarchy = 1 # TCP, payload of IP
# send back the TCP SYN-ACK
self.GTPUd.transfer_to_int(bytes(p))
def get_section(self, ind=-1):
if self._sh and self._stream:
b = Block('section')
# get all sections
if ind == -1:
for sh in self._sh:
# section header
b.append(sh)
b[-1].set_hierarchy(0)
# section content
b.append(section())
b[-1].set_hierarchy(1)
b[-1].map(
self._stream[b[-2].sh_offset():b[-2].sh_offset() +
b[-2].sh_size()])
# get a given section
elif ind in range(len(self._sh)):
b.append(self._sh[ind])
b[-1].set_hierarchy(0)
# section content
b.append(section())
b[-1].set_hierarchy(1)
b[-1].map(self._stream[b[-2].sh_offset():b[-2].sh_offset() +
b[-2].sh_size()])
#
return b
#
else:
print('No ELF stream has been mapped yet...')
def get_program(self, ind=-1):
if self._ph and self._stream:
b = Block('program')
# get all program segments
if ind == -1:
for ph in self._ph:
# program header
b.append(ph)
b[-1].set_hierarchy(0)
# program segment
b.append(program())
b[-1].set_hierarchy(1)
b[-1].map(self._stream[b[-2].p_offset():b[-2].p_offset() +
b[-2].p_filesz()])
# get a given program segment
elif ind in range(len(self._ph)):
b.append(self._ph[ind])
b[-1].set_hierarchy(0)
# program segment
b.append(program())
b[-1].set_hierarchy(1)
b[-1].map(self._stream[b[-2].p_offset():b[-2].p_offset() +
b[-2].p_filesz()])
#
return b
#
else:
print('No ELF stream has been mapped yet...')
def get_section(self, ind=-1):
if self._sh and self._stream:
b = Block('section')
# get all sections
if ind == -1:
for sh in self._sh:
# section header
b.append( sh )
b[-1].set_hierarchy(0)
# section content
b.append( section() )
b[-1].set_hierarchy(1)
b[-1].map( self._stream[b[-2].sh_offset():b[-2].sh_offset()+b[-2].sh_size()] )
# get a given section
elif ind in range(len(self._sh)):
b.append(self._sh[ind])
b[-1].set_hierarchy(0)
# section content
b.append( section() )
b[-1].set_hierarchy(1)
b[-1].map( self._stream[b[-2].sh_offset():b[-2].sh_offset()+b[-2].sh_size()] )
#
return b
#
else:
print('No ELF stream has been mapped yet...')
def get_program(self, ind=-1):
if self._ph and self._stream:
b = Block('program')
# get all program segments
if ind == -1:
for ph in self._ph:
# program header
b.append( ph )
b[-1].set_hierarchy(0)
# program segment
b.append( program() )
b[-1].set_hierarchy(1)
b[-1].map( self._stream[b[-2].p_offset():b[-2].p_offset()+b[-2].p_filesz()] )
# get a given program segment
elif ind in range(len(self._ph)):
b.append(self._ph[ind])
b[-1].set_hierarchy(0)
# program segment
b.append( program() )
b[-1].set_hierarchy(1)
b[-1].map( self._stream[b[-2].p_offset():b[-2].p_offset()+b[-2].p_filesz()] )
#
return b
#
else:
print('No ELF stream has been mapped yet...')
def get_all(self):
if self._sh and self._ph and self._stream:
p = self.get_program()
p.inc_hierarchy()
s = self.get_section()
s.inc_hierarchy()
elf = Block('all')
elf.append(self[0])
elf.extend(p)
elf.extend(s)
return elf
else:
print('Some ELF sub-streams seem missing...')
print('check ._ph for program header, ._sh for section header')
return None
def get_all(self):
if self._sh and self._ph and self._stream:
p = self.get_program()
p.inc_hierarchy()
s = self.get_section()
s.inc_hierarchy()
elf = Block('all')
elf.append(self[0])
elf.extend( p )
elf.extend( s )
return elf
else:
print('Some ELF sub-streams seem missing...')
print('check ._ph for program header, ._sh for section header')
return None
def parseProp(self, s):
# create a Proposal Block where Prop() is the "header":
Proposal = Block("Proposal")
Proposal.append( Prop() ) #hierarchy = 0
Proposal[0].map( s )
# get the string with the Proposal content:
s = s[ len(Proposal[0]) : int(Proposal[0].len) ]
Tnum = int(Proposal[0].Tnum)
# loop for the "num" Transforms referenced in the Proposal
while Tnum > 0:
Proposal.append( Trans() )
Proposal[-1].hierarchy = 1
Proposal[-1].map( s )
s = s[ 8 : ]
Tnum -= 1
# check for errors in the Transform parsing process:
if Tnum > 0 and Proposal[-1].last == 0:
print '[WNG] error in parsing the SA proposal'
elif Tnum == 0 and Proposal[-1].last == 3:
print '[WNG] error in parsing the SA proposal'
if int(Proposal[-1].last) not in (0, 3):
print '[WNG] strange Transorm format...'
# parse possible attributes
# (multiple attributes possible for 1 transform):
attlen = int(Proposal[-1].len) - 8
atts = s[:attlen] # string for Transform's attributes
s = s[attlen:] # string for next Transform
while len(atts) > 0:
#determine type of attribute: TV or TLV:
if int(atts[0].encode('hex'), 16) >= 0x80:
# TV format:
Proposal.append( TransTV() )
Proposal[-1].hierarchy = 2
Proposal[-1].map( atts )
atts = atts[ 4 : ]
else:
# TLV format:
Proposal.append( TransTLV() )
Proposal[-1].hierarchy = 2
Proposal[-1].map( atts )
atts = atts[ len(Proposal[-1]) : ]
# finally returns the Proposal Block for extending the IKEv2 Block with
return Proposal
def parseProp(self, s):
# create a Proposal Block where Prop() is the "header":
Proposal = Block("Proposal")
Proposal.append(Prop()) #hierarchy = 0
Proposal[0].map(s)
# get the string with the Proposal content:
s = s[len(Proposal[0]):int(Proposal[0].len)]
Tnum = int(Proposal[0].Tnum)
# loop for the "num" Transforms referenced in the Proposal
while Tnum > 0:
Proposal.append(Trans())
Proposal[-1].hierarchy = 1
Proposal[-1].map(s)
s = s[8:]
Tnum -= 1
# check for errors in the Transform parsing process:
if Tnum > 0 and Proposal[-1].last == 0:
print '[WNG] error in parsing the SA proposal'
elif Tnum == 0 and Proposal[-1].last == 3:
print '[WNG] error in parsing the SA proposal'
if int(Proposal[-1].last) not in (0, 3):
print '[WNG] strange Transorm format...'
# parse possible attributes
# (multiple attributes possible for 1 transform):
attlen = int(Proposal[-1].len) - 8
atts = s[:attlen] # string for Transform's attributes
s = s[attlen:] # string for next Transform
while len(atts) > 0:
#determine type of attribute: TV or TLV:
if int(atts[0].encode('hex'), 16) >= 0x80:
# TV format:
Proposal.append(TransTV())
Proposal[-1].hierarchy = 2
Proposal[-1].map(atts)
atts = atts[4:]
else:
# TLV format:
Proposal.append(TransTLV())
Proposal[-1].hierarchy = 2
Proposal[-1].map(atts)
atts = atts[len(Proposal[-1]):]
# finally returns the Proposal Block for extending the IKEv2 Block with
return Proposal
def handle_ul(self, ipbuf):
# check if we have an UDP/53 request
ip_proto, (udpsrc, udpdst) = ord(ipbuf[9]), unpack('!HH', ipbuf[20:24])
if ip_proto != 17:
# not UDP
return
if udpdst != 53:
# not DNS
return
# build the UDP / DNS response: invert src / dst UDP ports
udp = UDP(src=udpdst, dst=udpsrc, with_cs=self.UDP_CS)
# DNS request: transaction id, flags, questions, queries
dnsreq = ipbuf[28:]
transac_id, questions, queries = dnsreq[0:2], \
unpack('!H', dnsreq[4:6])[0], \
dnsreq[12:]
if questions > 1:
# not supported
return
# DNS response: transaction id, flags, questions, answer RRs,
# author RRs, add RRs, queries, answers, autor nameservers, add records
if self.RAND:
ip_resp = _urandom(4)
else:
ip_resp = inet_aton(self.IP_RESP)
dnsresp = '{0}\x81\x80\0\x01\0\x01\0\0\0\0{1}\xc0\x0c'\
'\0\x01\0\x01\0\0\0\x20\0\x04{2}'.format(
transac_id, queries, ip_resp)
# build the IPv4 header: invert src / dst addr
ipsrc, ipdst = map(inet_ntoa, (ipbuf[12:16], ipbuf[16:20]))
iphdr = IPv4(src=ipdst, dst=ipsrc)
p = Block()
p.append(iphdr)
p.append(udp)
p[-1].hierarchy = 1
p.append(dnsresp)
p[-1].hierarchy = 2
# send back the DNS response
self.GTPUd.transfer_to_int(bytes(p))
def handle_ul(self, ipbuf):
# check if we have an UDP/53 request
ip_proto, (udpsrc, udpdst) = ord(ipbuf[9]), unpack('!HH', ipbuf[20:24])
if ip_proto != 17:
# not UDP
return
if udpdst != 53:
# not DNS
return
# build the UDP / DNS response: invert src / dst UDP ports
udp = UDP(src=udpdst, dst=udpsrc, with_cs=self.UDP_CS)
# DNS request: transaction id, flags, questions, queries
dnsreq = ipbuf[28:]
transac_id, questions, queries = dnsreq[0:2], \
unpack('!H', dnsreq[4:6])[0], \
dnsreq[12:]
if questions > 1:
# not supported
return
# DNS response: transaction id, flags, questions, answer RRs,
# author RRs, add RRs, queries, answers, autor nameservers, add records
if self.RAND:
ip_resp = _urandom(4)
else:
ip_resp = inet_aton(self.IP_RESP)
dnsresp = '{0}\x81\x80\0\x01\0\x01\0\0\0\0{1}\xc0\x0c'\
'\0\x01\0\x01\0\0\0\x20\0\x04{2}'.format(
transac_id, queries, ip_resp)
# build the IPv4 header: invert src / dst addr
ipsrc, ipdst = map(inet_ntoa, (ipbuf[12:16], ipbuf[16:20]))
iphdr = IPv4(src=ipdst, dst=ipsrc)
p = Block()
p.append(iphdr)
p.append(udp)
p[-1].hierarchy = 1
p.append(dnsresp)
p[-1].hierarchy = 2
# send back the DNS response
self.GTPUd.transfer_to_int(bytes(p))