def _create_udp_base_packets(
conversation: Layer3Conversation) -> Tuple[Packet, Packet]:
src_port, dst_port = _generate_port(), _generate_port()
base_src_to_dst = (ethernet.Ethernet(
src_s=conversation.src_mac,
dst_s=conversation.dst_mac,
type=ethernet.ETH_TYPE_IP,
) + ip.IP(p=ip.IP_PROTO_UDP,
src_s=conversation.src_ip,
dst_s=conversation.dst_ip) +
udp.UDP(sport=src_port, dport=dst_port))
base_dst_to_src = (ethernet.Ethernet(
src_s=conversation.dst_mac,
dst_s=conversation.src_mac,
type=ethernet.ETH_TYPE_IP,
) + ip.IP(p=ip.IP_PROTO_UDP,
src_s=conversation.dst_ip,
dst_s=conversation.src_ip) +
udp.UDP(sport=dst_port, dport=src_port))
return base_src_to_dst, base_dst_to_src
def test_dhcp_packet_filter_and_parse(marine_or_marine_pool: Union[Marine, MarinePool]):
src_mac = "00:00:00:12:34:ff"
dst_mac = "00:00:00:ff:00:1e"
src_ip = "21.53.78.255"
given_ip = "10.0.0.255"
broadcast_ip = "255.255.255.255"
src_port = 16424
dst_port = 68
bpf_filter = "ip"
display_filter = "dhcp"
expected_output = {
"eth.src": src_mac,
"eth.dst": dst_mac,
"ip.src": src_ip,
"ip.dst": broadcast_ip,
"udp.srcport": src_port,
"udp.dstport": dst_port,
"dhcp.ip.your": given_ip,
"dhcp.option.dhcp_server_id": src_ip,
}
packet = (
ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac)
+ ip.IP(src_s=src_ip, dst_s=broadcast_ip, p=ip.IP_PROTO_UDP)
+ udp.UDP(sport=src_port, dport=dst_port)
+ dhcp.DHCP(
yiaddr_s=given_ip,
magic=dhcp.DHCP_MAGIC,
opts=[
dhcp.DHCPOpt(
type=dhcp.DHCP_OPT_SERVER_ID,
len=4,
body_bytes=bytes(int(num) for num in src_ip.split(".")),
)
],
)
)
general_filter_and_parse_test(
marine_or_marine_pool=marine_or_marine_pool,
packet=packet.bin(),
packet_encapsulation=encap_consts.ENCAP_ETHERNET,
bpf_filter=bpf_filter,
display_filter=display_filter,
field_templates=None,
expected_passed=True,
expected_output=expected_output,
)
def test_dns_packet_filter_and_parse(marine_or_marine_pool: Union[Marine, MarinePool]):
src_mac = "00:00:00:12:34:ff"
dst_mac = "00:00:00:ff:00:1e"
src_ip = "21.53.78.255"
dst_ip = "10.0.0.255"
src_port = 16424
dst_port = 53
bpf_filter = "ip"
display_filter = "dns"
domain_name = "www.testwebsite.com"
expected_output = {
"eth.src": src_mac,
"eth.dst": dst_mac,
"ip.src": src_ip,
"ip.dst": dst_ip,
"udp.srcport": src_port,
"udp.dstport": dst_port,
"dns.qry.name": domain_name,
}
packet = (
ethernet.Ethernet(src_s=src_mac, dst_s=dst_mac)
+ ip.IP(src_s=src_ip, dst_s=dst_ip, p=ip.IP_PROTO_UDP)
+ udp.UDP(sport=src_port, dport=dst_port)
+ dns.DNS(queries=[dns.DNS.Query(name_s=domain_name, type=1, cls=1)])
)
general_filter_and_parse_test(
marine_or_marine_pool=marine_or_marine_pool,
packet=packet.bin(),
packet_encapsulation=encap_consts.ENCAP_ETHERNET,
bpf_filter=bpf_filter,
display_filter=display_filter,
field_templates=None,
expected_passed=True,
expected_output=expected_output,
)
from pypacker.layer4 import udp
from pypacker.layer567 import dhcp
from pypacker import psocket
import time
# interface to listen on
IFACE = "wlan0"
#
# spoof DHCP request
#
dhcp_param = [dhcp.DHCP_OPT_NETMASK, dhcp.DHCP_OPT_ROUTER, dhcp.DHCP_OPT_DNS_SVRS, dhcp.DHCP_OPT_NISTIMESERV]
dhcp_spoof = ethernet.Ethernet(src_s="20:16:d8:ef:1f:49", dst_s="ff:ff:ff:ff:ff:ff") +\
ip.IP(src_s="0.0.0.0", dst_s="255.255.255.255", p=ip.IP_PROTO_UDP, id=1) +\
udp.UDP(sport=68, dport=67) +\
dhcp.DHCP(chaddr=pypacker.mac_str_to_bytes("20:16:d8:ef:1f:49") + b"\x00" * 10,
xid=0,
opts=[
dhcp.DHCPOptMulti(type=dhcp.DHCP_OPT_MSGTYPE, len=3, body_bytes=b"\x01"),
dhcp.DHCPOptSingle(type=0xff)
]
)
psock = psocket.SocketHndl(iface_name=IFACE)
for a in range(9):
print("sending DHCP request")
psock.send(dhcp_spoof.bin())
mac = "08:9e:01:dd:ee:f%d" % a
dhcp_spoof.src_s = mac
icmpreq = ethernet.Ethernet(src_s="12:34:56:78:90:12", dst_s="12:34:56:78:90:13", type=ethernet.ETH_TYPE_IP) +\
ip.IP(p=ip.IP_PROTO_ICMP, src_s="192.168.0.2", dst_s="192.168.0.1") +\
icmp.ICMP(type=8) +\
icmp.ICMP.Echo(id=1, ts=123456789, body_bytes=b"12345678901234567890")
psock.send(icmpreq.bin())
# send TCP SYN
tcpsyn = ethernet.Ethernet(src_s="12:34:56:78:90:12", dst_s="12:34:56:78:90:13", type=ethernet.ETH_TYPE_IP) +\
ip.IP(p=ip.IP_PROTO_TCP, src_s="192.168.0.2", dst_s="192.168.0.1") +\
tcp.TCP(sport=12345, dport=80)
psock.send(tcpsyn.bin())
# send UDP data
udpcon = ethernet.Ethernet(src_s="12:34:56:78:90:12", dst_s="12:34:56:78:90:13", type=ethernet.ETH_TYPE_IP) +\
ip.IP(p=ip.IP_PROTO_UDP, src_s="192.168.0.2", dst_s="192.168.0.1") +\
udp.UDP(sport=12345, dport=80)
udpcon[udp.UDP].body_bytes = b"udpdata"
psock.send(udpcon.bin())
psock.close()
#
# send and receive packets on layer 3 (assumes running HTTP-server on port 80)
#
packet_ip = ip.IP(src_s="127.0.0.1", dst_s="127.0.0.1") + tcp.TCP(dport=80)
psock = psocket.SocketHndl(mode=psocket.SocketHndl.MODE_LAYER_3,
timeout=10)
packets = psock.sr(packet_ip, max_packets_recv=1)
for p in packets:
print("got layer 3 packet: %s" % p)
psock.close()
except socket.timeout as e: