def mutate(self, packets): result = [] numseg = self.numseg position = self.position #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets #if numseg >= len(packets): # return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged) forged.flags = 0 if position == "after": packets.insert(numseg, forged) elif position == "before": packets.insert(numseg-1, forged) else: packets.append(packets[numseg-1]) del(packets[numseg-1]) packets.insert(numseg-1, forged) return packets
def mutate(self, packets):
numseg = self.numseg
position = self.position
# Not enough segments, Syn or Ack, return
if (
utils.check_length(numseg, packets)
or utils.check_syn(packets[numseg - 1])
or utils.check_ack(packets[numseg - 1])
):
return packets
forged = packets[numseg - 1].copy()
forged = utils.tcp_bad_payload(forged)
# calculate and modify chksum
forged.chksum = scapy.checksum(forged) + 1
"""il frammento manipolato dovrebbe essere preso per buono da
snort -k notcp ma scartato da host vittima. """
# insert forged segment
if position == "after":
packets.insert(numseg, forged)
elif position == "before":
packets.insert(numseg - 1, forged)
# last position is for original packet, not the forged one!!!!
elif position == "last":
packets.append(packets[numseg - 1])
del (packets[numseg - 1])
packets.insert(numseg - 1, forged)
return packets
def mutate(self, packets): numseg = self.numseg thl = self.thl position = self.position #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged) #modify data offset in tcp field forged.dataofs = thl #insert forged segment if position == "after": packets.insert(numseg, forged) elif position == "before": packets.insert(numseg-1, forged) elif position == "last": packets.append(packets[numseg-1]) del(packets[numseg-1]) packets.insert(numseg-1, forged) return packets
def mutate(self, packets): numseg = self.numseg #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets packets.insert(numseg+1, packets[numseg-1]) del(packets[numseg-1]) return packets
def mutate(self, packets): result = [] size = self.size #if SYN or ACK do nothing if len(packets)>0: if ( utils.check_syn(packets[0].payload) or utils.check_ack(packets[0].payload) ): return packets for p in packets: result.extend(ip.fragment(p,size)) return result
def mutate(self, packets): numseg = self.numseg pos = self.pos #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets if pos >= len(packets): packets.append(packets[numseg-1]) return packets packets.insert(pos-1, packets[numseg-1]) return packets
def mutate(self, packets):
numseg = self.numseg
timer = self.timer
# Not enough segments, Syn or Ack, return
if (
utils.check_length(numseg, packets)
or utils.check_syn(packets[numseg - 1])
or utils.check_ack(packets[numseg - 1])
):
return packets
packets[numseg - 1].timeout = timer
return packets
def mutate(self, packets): result = [] numseg = self.numseg timer = self.timer #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged, utils.NOPAYLOAD) forged.flags = 'R' #calculate and modify chksum forged.chksum = scapy.checksum(forged)+1 packets.insert(numseg-1, forged) packets[numseg].timeout = timer return packets
def mutate(self, packets): numseg = self.numseg timer = self.timer offset = self.offset #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged, utils.NOPAYLOAD) forged.flags = 'R' #seq. number forged.seq += offset packets.insert(numseg-1, forged) packets[numseg].timeout = timer return packets
def mutate(self, packets): #no fragments, syn or ack if len(packets) < 2 or utils.check_syn(packets[0].payload) or utils.check_ack(packets[0].payload): return packets forged = packets[0].copy() forged = utils.ip_bad_payload(forged) #ip options with bad option length forged.options = self.option+self.data #insert packet first pos packets.insert (0,forged) #move original fragment last pos packets.append (packets[1]) del(packets[1]) return packets
def mutate(self, packets):
numseg = self.numseg
position = self.position
option = self.opt
#Not enough segments, Syn or Ack, return
if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
return packets
if option == "mss":
forged=scapy.TCP(options=[("MSS",144)])/packets[numseg-1].load
elif option == "timestamp":
forged=scapy.TCP(options=[("Timestamp",(0,-1))])/packets[numseg-1].load
elif option == "wscale":
forged=scapy.TCP(options=[("WScale", 10)])/packets[numseg-1].load
elif option == "sackok":
forged=scapy.TCP(options=[("SAckOK", 1)])/packets[numseg-1].load
forged.sport = packets[numseg-1].sport
forged.dport = packets[numseg-1].dport
forged.seq = packets[numseg-1].seq
forged.ack = packets[numseg-1].ack
forged.dataofs = packets[numseg-1].dataofs
forged.reserverd = packets[numseg-1].reserved
forged.flags = packets[numseg-1].flags
if option =="timestamp":
#disable ACK flag
forged.flags = 0
forged.window = packets[numseg-1].window
forged.urgptr = packets[numseg-1].urgptr
'''nell elenco in __init__.py, mettere TCPBadOption prima di TCPFakeReset
per non rischiare che operatore precedente abbia cancellato il payload'''
forged = utils.tcp_bad_payload(forged)
if position == "after":
packets.insert(numseg, forged)
elif position == "before":
packets.insert(numseg-1, forged)
else:
packets.append(packets[numseg-1])
del(packets[numseg-1])
packets.insert(numseg-1, forged)
return packets
def mutate(self, packets): numseg = self.numseg position = self.position #Not enough segments, Syn or Ack, return if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged) if position == "after": #forged after original packets.insert(numseg, forged) else: #forged one before original packets.insert(numseg-1, forged) return packets
def mutate(self, packets): numseg = self.numseg position = self.position flags_ = self.flags #do nothing if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]): return packets forged = packets[numseg-1].copy() forged = utils.tcp_bad_payload(forged) forged.flags = flags_ if position == "after": packets.insert(numseg, forged) elif position == "before": packets.insert(numseg-1, forged) else: packets.append(packets[numseg-1]) del(packets[numseg-1]) packets.insert(numseg-1, forged) return packets
def mutate(self, packets): result = [] seq_offset = self.seq_offset #if real SYN or ACK do nothing if utils.check_syn(packets[0]) or utils.check_ack(packets[0]): return packets if len(packets) < 2: return packets for i in range(0,len(packets)): forged = scapy.TCP() forged.seq = packets[0].seq+i*seq_offset forged.sport = packets[0].sport forged.dport = packets[0].dport forged.flags = "S" forged.window = packets[0].window #forged.urgptr = packets[i].urgptr result.append(packets[i]) result.append(forged) return result
def mutate(self, packets): numfrag = self.numfrag ihl = self.ihl #Not enough fragments, Syn or Ack, return if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload): return packets forged = packets[numfrag-1].copy() forged = utils.ip_bad_payload(forged) #modify total length forged.ihl = ihl #insert fragment first pos packets.insert(0,forged) #move original fragment last pos packets.append(packets[numfrag]) del(packets[numfrag]) return packets
def mutate(self, packets): BADMAC = self.BADMAC timer = self.timer numframe = self.numframe #if packet is fragmented,SYN or ACK do nothing if utils.check_length(numframe, packets) or utils.check_syn(packets[numframe-1].payload.payload) or utils.check_ack(packets[numframe-1].payload.payload) or utils.check_fragmentation(packets[numframe-1].payload): return packets #create fake RST forged = packets[numframe-1].copy() forged.payload.payload = utils.tcp_bad_payload(forged.payload.payload, utils.NOPAYLOAD) forged.dst=BADMAC #set reset flag forged.payload.payload.flags = 'R' #insert fake RST packets.insert(numframe-1, forged) #append original packets.append(packets[numframe]) del(packets[numframe]) #create fake SYN forged_syn = packets[numframe-1].copy() forged_syn.dst=BADMAC forged_syn.timeout = timer forged_syn.payload.payload.flags = 'S' forged_syn.payload.payload.seq += 103245 forged_syn.payload.payload.ack = 0 #insert fake SYN packets.insert(numframe, forged_syn) #create fake SYN/ACK forged_synack = packets[numframe-1].copy() forged_synack.dst=BADMAC forged_synack.payload.payload.sport = packets[numframe].payload.payload.dport forged_synack.payload.payload.dport = packets[numframe].payload.payload.sport forged_synack.payload.payload.flags = 'SA' forged_synack.payload.payload.seq += 207654 forged_synack.payload.payload.ack = packets[numframe].payload.payload.seq + 1 forged_synack.payload.dst = packets[numframe].payload.src forged_synack.payload.src = packets[numframe].payload.dst #insert fake SYN/ACK packets.insert(numframe+1, forged_synack) #create fake ACK forged_ack = packets[numframe-1].copy() forged_ack.dst=BADMAC forged_ack.payload.payload.flags = 'A' forged_ack.payload.payload.seq = packets[numframe+1].payload.payload.ack forged_ack.payload.payload.ack = packets[numframe+1].payload.payload.seq + 1 #insert fake SYN/ACK packets.insert(numframe+2, forged_ack) #delete reset del(packets[numframe-1]) return packets
def mutate(self, packets): numfrag = self.numfrag if len(packets) == 1: return packets #Not enough fragments, Syn or Ack, return if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload): return packets frag_out = packets[numfrag-1] del(packets[numfrag-1]) packets.insert(numfrag,frag_out) return packets
def mutate(self, packets): numfrag = self.numfrag #Not enough fragments, Syn or Ack, return if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload): return packets forged = packets[numfrag-1].copy() forged = utils.ip_bad_payload(forged) #calculate and modify chksum forged.chksum = ip.scapy.checksum(forged)+1 ''' forged packet will be accepted by snort only if using -k noip option ''' #insert fragment first pos packets.insert(0,forged) #move original fragment last pos packets.append(packets[numfrag]) del(packets[numfrag]) return packets
def mutate(self, packets): numfrag = self.numfrag #if not enough packets, syn or ack return if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload): return packets forged = packets[numfrag-1].copy() forged = utils.ip_bad_payload(forged) #change IP version forged.version = 8 #insert forged packets.insert (0 ,forged) #append original packets.append(packets[numfrag]) del(packets[numfrag]) return packets
def mutate(self, packets): numfrag = self.numfrag #Not enough elements, Syn or Ack return if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload): return packets #set self.TTL for each packet for i,f in enumerate(packets): packets[i].ttl=self.TTL #create forged forged = packets[numfrag-1].copy() forged = utils.ip_bad_payload(forged) #set short TTL forged.ttl=self.shortTTL packets.insert(numfrag-1, forged) #append numfrag packets.append(packets[numfrag]) del(packets[numfrag]) return packets
def mutate(self, packets): numframe = self.numframe BADMAC = self.BADMAC if utils.check_length(numframe, packets) or utils.check_syn(packets[numframe-1].payload.payload) or utils.check_ack(packets[numframe-1].payload.payload): return packets forged = packets[numframe-1].copy() forged.payload = utils.ip_bad_payload(forged.payload) forged.dst=BADMAC #insert forged frame packets.insert(0, forged) #append original packets.append(packets[numframe]) del(packets[numframe]) return packets
def mutate(self, packets): result = [] #Not enough segments, Syn or Ack, return if utils.check_length(self.numseg, packets) or utils.check_syn(packets[self.numseg-1]) or utils.check_ack(packets[self.numseg-1]): return packets count = 0 for p in packets: if count == self.numseg: p.flags = 0 result.append(p) count +=1 return result