def run(self):
while True:
raw_packet = self.queue.get(block=True)
if raw_packet == "finished":
print("Finished processing packets")
break
try: #this filters for unfragmented DNS responses #this filters for fragmented DNS responses
packet = Ether(raw_packet)
if packet.haslayer(IPv6):
ip_v = IPv6
else:
ip_v = IP
if (packet.haslayer(DNS) and packet[DNS].qr == 1) or (
packet.haslayer(UDP) and
(packet[UDP].dport == 53 and packet[ip_v].flags == 1)):
if packet[UDP].len >= self.min_pkt_size and packet.haslayer(
DNSQR):
print("Received response: writing to scan_results")
self.file.write(
packet[ip_v].src + "\t" +
packet[DNSQR].qname.decode("ascii").rstrip(".") +
"\t" + str(packet[UDP].len) + "\n")
self.file.flush()
except Exception as e:
print("Exception in Sniffer: " + str(e))
self.file.close()
def main():
if len(sys.argv)<2:
print 'pass 2 arguments: <destination>'
exit(1)
addr = socket.gethostbyname(sys.argv[1])
iface = get_if()
print "sending on interface %s to %s" % (iface, str(addr))
while True:
print
s = str(raw_input('Type space separated port nums '
'(example: "2 3 2 2 1") or "q" to quit: '))
if s == "q":
break;
print
i = 0
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff');
for p in s.split(" "):
try:
pkt = pkt / SourceRoute(bos=0, port=int(p))
i = i+1
except ValueError:
pass
if pkt.haslayer(SourceRoute):
pkt.getlayer(SourceRoute, i).bos = 1
pkt = pkt / IP(dst=addr) / UDP(dport=4321, sport=1234)
pkt.show2()
sendp(pkt, iface=iface, verbose=False)
def main():
if len(sys.argv) < 3:
print 'pass 3 arguments: <destination> <num>'
exit(1)
addr = socket.gethostbyname(sys.argv[1])
num = int(sys.argv[2])
iface = get_if()
print "sending on interface %s to %s" % (iface, str(addr))
while num > 0:
num = num - 1
s = "2 2 1"
i = 0
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff')
for p in s.split(" "):
try:
pkt = pkt / SourceRoute(bos=0, port=int(p))
i = i + 1
except ValueError:
pass
if pkt.haslayer(SourceRoute):
pkt.getlayer(SourceRoute, i).bos = 1
pkt = pkt / IP(
dst=addr, options=IPOption_MRI(
count=0, pathid=1, swtraces=[])) / UDP(dport=4321, sport=1234)
pkt.show2()
sendp(pkt, iface=iface, verbose=False)
def send():
iface_tx = get_if()
global wCurr, rCurr
j = 0
pkt = Ether(src=get_if_hwaddr(iface_tx), dst="ff:ff:ff:ff:ff:ff")
for p in rCurr:
try:
pkt = pkt / SourceRoute(bos=0, port=p)
j = j + 1
except ValueError:
pass
if pkt.haslayer(SourceRoute):
pkt.getlayer(SourceRoute, j).bos = 1
# Check if sent enough packets
global totalSent
if wCurr + totalSent >= goalSent:
wCurr = goalSent - totalSent
print "Time Start: ", time_start # Recorded for FCT evaluation
totalSent = totalSent + wCurr
print("Winodow is: ", wCurr)
print("Route is: ", nCurr)
t = (time.time() -
time_start) * 1000000 # timestamp in the unit of microsecond
pkt = pkt / IP(dst=dst_ip, proto=17) / UDP(dport=4321, sport=1234) / MRI(
count=1, swtraces=[SwitchTrace(swid=100, egresst=t)]) / str(
RandString(size=1000))
sendp(pkt, iface=iface_tx, inter=0, count=wCurr, verbose=False)
def run(self, ami, action):
amifile = ami.GetFilePath()
amipath = os.path.dirname(os.path.realpath(amifile))
pcap_in = os.path.join(amipath, action.Variables()["$filename"])
print("Importing PCAP: %s" % pcap_in)
to_replace = action.FieldActions()
n_items_replaced = 0
packets_injected = 0
ip_list = None
try:
ip_list = to_replace["ip"]["replace"]
except:
pass # That means we have no definition to replace, we won't replace then
packets = rdpcap(pcap_in)
last_packet = None
seq = 0
for packet in packets:
packet.time = time.time()
if CookedLinux in packet:
packet = Ether() / packet.payload
try:
del packet[IP].chksum
del packet[TCP].chksum
del packet[UDP].chksum
except IndexError:
pass
if ip_list:
ip_to_replace = None
for k, v in ip_list.items():
ip_to_replace = k
ip_replacement = IP_y(v)
if packet.haslayer(IP):
if packet[IP].src == ip_to_replace:
packet[IP].src = str(ip_replacement)
n_items_replaced += 1
if packet[IP].dst == ip_to_replace:
packet[IP].dst = str(ip_replacement)
n_items_replaced += 1
self.plugins_data.AddPacket(action, packet)
packets_injected += 1
# seq += 1
last_packet = packet
else: # if ip_list
self.plugins_data.AddPacket(action, packet)
packets_injected += 1
print("%s replaced %d items" % (self.name, n_items_replaced))
print("Imported %d packets" % (packets_injected))
return self.plugins_data
def main():
if len(sys.argv) < 2:
print 'pass 2 arguments: <destination>'
exit(1)
#addr = socket.gethostbyname(sys.argv[1])
iface = get_if()
print "sending on interface %s to %s" % (iface, sys.argv[1])
print
s = str(
raw_input('Type space separated port nums '
'(example: "4 3 1 2 2 ") or "q" to quit: '))
if s == "q":
exit(1)
print
i = 0
pkt = Ether(src=get_if_hwaddr(iface), dst='00:00:00:00:02:02')
for p in s.split(" "):
try:
pkt = pkt / SourceRoute(bos=0, port=int(p))
i = i + 1
except ValueError:
pass
if pkt.haslayer(SourceRoute):
pkt.getlayer(SourceRoute, i).bos = 1
#pkt = pkt / IPv6(dst=sys.argv[1], nh=150) / Bitmap(bit_label=228, bit_reserve=0) / MRI1(count=0, swtraces=[])
pkt = pkt / IPv6(dst=sys.argv[1], nh=150)
while True:
with open('flag.txt', 'r') as f:
t = float(f.readline())
if (t != MAX_t):
p = pkt / Bitmap(bit_label=255, bit_reserve=0) / MRI1(count=0,
swtraces=[])
else:
p = pkt / Bitmap(bit_label=228, bit_reserve=0) / MRI2(count=0,
swtraces=[])
#p = pkt / Bitmap(bit_label=255, bit_reserve=0) / MRI1(count=0, swtraces=[])
p.show2()
sendp(p, iface=iface, verbose=False)
sleep(t)
def send_ack(pkt):
iface = get_if()
options = getOptions(sys.argv[1:])
list_switches, dict_host_ip, dict_link_weight, dict_link_port = get_network(
options.topo)
global dict_mri
flag = 0
for i in range(0, len(pkt[MRI].swtraces)):
dict_mri[pkt[MRI].swtraces[i].swid] = pkt[MRI].swtraces[i].qdepth
if pkt[MRI].swtraces[i].qdepth > 5:
flag = 1
src_ip = pkt[IP].src
dst_ip = pkt[IP].dst
src_host = dict_host_ip.keys()[dict_host_ip.values().index(src_ip)]
dst_host = dict_host_ip.keys()[dict_host_ip.values().index(dst_ip)]
sp_nodes, sp_ports = update_shorest_path(dict_mri,
dict_link_weight,
dict_link_port,
src=dst_host,
dst=src_host)
ack = Ether(src=get_if_hwaddr(iface), dst="ff:ff:ff:ff:ff:ff")
j = 0
for p in sp_ports:
try:
ack = ack / SourceRoute(bos=0, port=p)
j = j + 1
except ValueError:
pass
if ack.haslayer(SourceRoute):
ack.getlayer(SourceRoute, j).bos = 1
ack = ack / IP(dst=pkt[IP].src, proto=17) / UDP(
dport=4322, sport=1235) / MRI(count=pkt[MRI].count,
swtraces=pkt[MRI].swtraces)
# ack.show2()
sendp(ack, iface=iface, verbose=False)
print("ACK sent at time: ", time.time())
def main():
if len(sys.argv) < 2:
print 'pass 2 arguments: <destination>'
exit(1)
#addr = socket.gethostbyname(sys.argv[1])
iface = get_if()
print "sending on interface %s to %s" % (iface, sys.argv[1])
while True:
print
s = str(
raw_input('Type space separated port nums '
'(example: "4 3 1 2 2 ") or "q" to quit: '))
if s == "q":
break
print
i = 0
#pkt = Ether(src=get_if_hwaddr(iface), dst='00:aa:00:00:00:01');
pkt = Ether()
for p in s.split(" "):
try:
pkt = pkt / SourceRoute(bos=0, port=int(p))
i = i + 1
except ValueError:
pass
if pkt.haslayer(SourceRoute):
pkt.getlayer(SourceRoute, i).bos = 1
pkt = pkt / IPv6(dst=sys.argv[1], nh=150) / MRI(count=0, swtraces=[])
#pkt = pkt / SwitchTrace(swid=0, in_port=0, out_port=0, qdepth=0, in_time=0, out_time=0, bos=0)
#pkt = pkt / SwitchTrace(swid=0, in_port=0, out_port=0, qdepth=0, in_time=0, out_time=0, bos=0)
#pkt = pkt / UDP(dport=4321, sport=1234) / "P4 is cool"
pkt.show2()
for i in range(int(sys.argv[2])):
sendp(pkt, iface=iface, verbose=False)
sleep(1)
def run(self, script=None):
pprint.pprint(script)
pcap_in = os.path.join(script["__dir"], script["filename"])
print("Importing PCAP: %s" % pcap_in)
n_items_replaced = 0
packets_injected = 0
replace = None
ip_list = None
payload_list = None
try:
replace = script["replace"]
ip_list = replace["ip"]
payload_list = replace["payload"]
except:
pass # That means we have no definition to replace, we won't replace then
packets = rdpcap(pcap_in)
last_packet = None
seq = 0
for packet in packets:
if CookedLinux in packet:
packet = Ether() / packet.payload
try:
del packet[IP].chksum
del packet[TCP].chksum
del packet[UDP].chksum
except IndexError:
pass
# if packet.haslayer(TCP):
# packet[TCP].seq = seq
# if packet[TCP].flags == 18: # S|A
# print("we have SYN ACK")
# packet[TCP].ack = last_packet.seq
# if payload_list:
# payload_sizediff = 0
# for k, v in payload_list.items():
# if packet.haslayer(TCP):
# payload_before = len(packet[TCP].payload)
# packet[TCP].payload = str(packet[TCP].payload).replace(k, v)
# payload_sizediff += len(packet[TCP].payload) - payload_before
# print("Replaced %s by %s in TCP" % (k,v))
# if packet.haslayer(UDP):
# payload_before = len(packet[UDP].payload)
# packet[UDP].payload = str(packet[UDP].payload).replace(k, v)
# payload_sizediff += len(packet[UDP].payload) - payload_before
# print("Replaced %s by %s in UDP" % (k,v))
# packet[IP].len = packet[IP].len + payload_sizediff
if ip_list:
ip_to_replace = None
for k, v in ip_list.items():
ip_to_replace = k
ip = IP_y(v)
has_started = False
ipstart = ""
ipstop = ""
try:
ipstart = script["ipstart"]
except:
has_started = True
try:
ipstop = script["ipstop"]
except:
pass
has_stoped = False
for individual_ip in ip:
# print("We replace %s with %s" % (ip_to_replace, individual_ip))
if has_stoped:
break
if str(individual_ip).endswith(".0") or str(individual_ip).endswith(".255"):
continue
if not has_started:
if str(individual_ip) != ipstart:
continue
else:
has_started = True
if packet.haslayer(IP):
if packet[IP].src == ip_to_replace:
packet[IP].src = str(individual_ip)
n_items_replaced += 1
if packet[IP].dst == ip_to_replace:
packet[IP].dst = str(individual_ip)
n_items_replaced += 1
else:
print("No IP Layer")
if str(individual_ip) == ipstop:
has_stoped = True
self.plugins_data.pcap.append(packet)
packets_injected += 1
# seq += 1
last_packet = packet
else: # if ip_list
self.plugins_data.pcap.append(packet)
packets_injected += 1
print("%s replaced %d items" % ( self.name, n_items_replaced) )
print("Imported %d packets" % (packets_injected) )
return script["_next"], self.plugins_data
def main():
pathIDs = []
portpaths = []
info = psutil.net_if_addrs()
for cname in info.keys():
if cname!='lo':
hostname = cname.split('-')[0]
print hostname
#if len(sys.argv)<5:
# print 'pass 5 arguments: <destination> <num> <pathID> <path>'
# exit(1)
f = open("pinglist16-1.txt", "r")
line = f.readline()
while line:
line = line[0:-1]
paras = line.split(" ")
if hostname==paras[1].split(",")[0]:
#pathID = int(paras[0])
pathIDs.append(int(paras[0]))
#s = paras[2]
portpaths.append(paras[2])
line = f.readline()
addr = socket.gethostbyname("10.0.0.2")
num = 0
#pathID = int(sys.argv[3])
#s=sys.argv[4]
iface = get_if()
#print "sending on interface %s to %s" % (iface, str(addr))
pathnum = len(pathIDs)
begin_time = datetime.datetime.now()
probepkts = []
for j in range(pathnum):
pathID = pathIDs[j]
s = portpaths[j]
i=0
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff')
for p in s.split(","):
try:
pkt = pkt / SourceRoute(bos=0, port=int(p))
i = i+1
except ValueError:
pass
if pkt.haslayer(SourceRoute):
pkt.getlayer(SourceRoute, i).bos = 1
pkt = pkt / IP(dst=addr, options = IPOption_MRI(count=0, pathid=pathID, swtraces=[])) / UDP(dport=4321, sport=1234)
probepkts.append(pkt)
#write_cap(probepkts)
packet_size = len(probepkts[0])
while num<pathnum*200:
#pathID = pathIDs[num%pathnum]
#s=portpaths[num%pathnum]
'''
i = 0
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff')
for p in s.split(","):
try:
pkt = pkt / SourceRoute(bos=0, port=int(p))
i = i+1
except ValueError:
pass
if pkt.haslayer(SourceRoute):
pkt.getlayer(SourceRoute, i).bos = 1
pkt = pkt / IP(dst=addr, options = IPOption_MRI(count=0, pathid=pathID, swtraces=[])) / UDP(dport=4321, sport=1234)
#print len(pkt)
#pkt.show2()
'''
#pkt.show2()
sendp(probepkts[num%pathnum], iface=iface, verbose=False)
print(str(num)+"/"+str(pathnum*200))
num = num + 1
'''
def bpf_handler():
global current_connection
#arguments
interface = "eth0"
if len(argv) == 2:
if str(argv[1]) == '-h':
help()
else:
usage()
if len(argv) == 3:
if str(argv[1]) == '-i':
interface = argv[2]
else:
usage()
if len(argv) > 3:
usage()
success_text = open("./success", "rb").read()
print("binding socket to '%s'" % interface)
# initialize BPF - load source code from parse.c
bpf = BPF(src_file="parse.c", debug=0)
#load eBPF program filter of type SOCKET_FILTER into the kernel eBPF vm
#more info about eBPF program types
#http://man7.org/linux/man-pages/man2/bpf.2.html
logging.info('JIT eBPF Code')
function_filter = bpf.load_func("filter", BPF.SOCKET_FILTER)
#create raw socket, bind it to interface
#attach bpf program to socket created
logging.info('Creating Raw Socket')
BPF.attach_raw_socket(function_filter, interface)
#get file descriptor of the socket previously created inside BPF.attach_raw_socket
socket_fd = function_filter.sock
#create python socket object, from the file descriptor
sock = socket.fromfd(socket_fd, socket.PF_PACKET, socket.SOCK_RAW,
socket.IPPROTO_IP)
#set it as blocking socket
sock.setblocking(True)
while True:
#retrieve raw packet from socket
packet_str = os.read(socket_fd, 2048)
packet_bytearray = bytearray(packet_str)
# Parse RAW data using scapy.. super general and easy
c = Ether(packet_bytearray)
if c.haslayer(IP):
layer_ip = c.getlayer(IP)
logging.info('IP: {} said the magic word ;-)'.format(layer_ip.src))
if len(current_connection) > 0:
for con, addr in current_connection:
if (layer_ip.src, layer_ip.sport) == addr:
con.send(success_text)
logging.info('Sending success text now to: {}'.format(
layer_ip.src))
