def __init__(self):
"""
Creates a new instance of the DDoS attack.
"""
# Initialize attack
super(DDoSAttack,
self).__init__("DDoS Attack", "Injects a DDoS attack'",
"Resource Exhaustion")
self.total_pkt_num = 0
self.default_port = 0
# Define allowed parameters and their type
self.update_params([
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.PORT_SOURCE, Port()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.PORT_DESTINATION, Port()),
Parameter(self.PACKETS_PER_SECOND, Float()),
Parameter(self.NUMBER_ATTACKERS, IntegerPositive()),
Parameter(self.ATTACK_DURATION, IntegerPositive()),
Parameter(self.VICTIM_BUFFER, IntegerPositive()),
Parameter(self.LATENCY_MAX, Float())
])
def __init__(self):
"""
Creates a new instance of the SMBScanAttack.
This Attack injects TCP Syn Requests to the port 445 of several ips and related response into the output
pcap file.
If port 445 is open, it will simulate and inject the SMB Protocol Negotiation too.
"""
# Initialize attack
super(SMBScanAttack,
self).__init__("SMBScan Attack", "Injects an SMB scan",
"Scanning/Probing")
self.host_os = Util.get_rnd_os()
# Define allowed parameters and their type
self.update_params([
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.TARGET_COUNT, IntegerPositive()),
Parameter(self.HOSTING_PERCENTAGE, Percentage()),
Parameter(self.PORT_SOURCE, Port()),
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.IP_SOURCE_RANDOMIZE, Boolean()),
Parameter(self.PACKETS_PER_SECOND, Float()),
Parameter(self.PORT_SOURCE_RANDOMIZE, Boolean()),
Parameter(self.HOSTING_IP, IPAddress()),
Parameter(self.HOSTING_VERSION, String()),
Parameter(self.SOURCE_PLATFORM, SpecificString(Util.platforms)),
Parameter(self.PROTOCOL_VERSION, String())
])
def __init__(self):
"""
Creates a new instance of the PortscanAttack.
This attack injects TCP Syn-requests and respective responses into the output pcap file.
"""
# Initialize attack
super(PortscanAttack, self).__init__("Portscan Attack",
"Injects a nmap 'regular scan'",
"Scanning/Probing")
# Define allowed parameters and their type
self.update_params([
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.PORT_SOURCE, Port()),
Parameter(self.PORT_DESTINATION, Port()),
Parameter(self.PORT_OPEN, Port()),
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.PORT_DEST_SHUFFLE, Boolean()),
Parameter(self.PORT_DEST_ORDER_DESC, Boolean()),
Parameter(self.IP_SOURCE_RANDOMIZE, Boolean()),
Parameter(self.PACKETS_PER_SECOND, Float()),
Parameter(self.PORT_SOURCE_RANDOMIZE, Boolean())
])
def __init__(self):
"""
Creates a new instance of the "Memcrashed" Memcached amplification attack.
"""
# Initialize attack
super(MemcrashedSpooferAttack, self).__init__("Memcrashed Attack (Spoofer side)",
"Injects the spoofer-side of a Memcached amplification attack",
"Resource Exhaustion")
# Define allowed parameters and their type
self.update_params([
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.PACKETS_PER_SECOND, Float()),
Parameter(self.ATTACK_DURATION, IntegerPositive()),
Parameter(self.IP_VICTIM, IPAddress()),
Parameter(self.ATTACK_DURATION, IntegerPositive())
])
def __init__(self):
"""
Creates a new instance of the SQLi Attack.
"""
# Initialize attack
super(SQLiAttack, self).__init__("SQLi Attack", "Injects a SQLi attack'",
"Privilege elevation")
self.pkt_num = 0
self.path_attack_pcap = None
# Define allowed parameters and their type
self.update_params([
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.PORT_DESTINATION, Port()),
Parameter(self.TARGET_HOST, Domain()),
Parameter(self.PACKETS_PER_SECOND, Float())
])
def __init__(self):
"""
Creates a new instance of the FTPExploit.
This attack injects a buffer overflow for the WinaXe FTP-client into the output pcap file.
"""
# Initialize attack
super(FTPWinaXeExploit,
self).__init__("FTPWinaXe Exploit",
"Injects a WinaXe 7.7 FTP buffer overflow.",
"Privilege elevation")
# Define allowed parameters and their type
self.update_params([
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.IP_SOURCE_RANDOMIZE, Boolean()),
Parameter(self.PACKETS_PER_SECOND, Float()),
Parameter(self.CUSTOM_PAYLOAD, String()),
Parameter(self.CUSTOM_PAYLOAD_FILE, FilePath())
])
def __init__(self):
"""
Creates a new instance of the SMBLorisAttack.
This attack injects special SMB-packets, which exploit the SMBLoris DoS vulnerability, into the output pcap
file.
"""
# Initialize attack
super(SMBLorisAttack,
self).__init__("SMBLoris Attack",
"Injects an SMBLoris (D)DoS Attack",
"Resource Exhaustion")
# Define allowed parameters and their type
self.update_params([
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.PACKETS_PER_SECOND, Float()),
Parameter(self.ATTACK_DURATION, IntegerPositive()),
Parameter(self.NUMBER_ATTACKERS, IntegerPositive()),
])
def __init__(self):
"""
Creates a new instance of the EternalBlue Exploit.
"""
# Initialize attack
super(MS17ScanAttack,
self).__init__("MS17ScanAttack", "Injects a MS17 scan'",
"Scanning/Probing")
self.pkt_num = 0
self.path_attack_pcap = None
# Define allowed parameters and their type
self.update_params([
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.PORT_SOURCE, Port()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.PORT_DESTINATION, Port()),
Parameter(self.PACKETS_PER_SECOND, Float())
])
def __init__(self):
"""
Creates a new instance of the EternalBlue Exploit.
"""
# Initialize attack
super(EternalBlueExploit,
self).__init__("EternalBlue Exploit",
"Injects an EternalBlue exploit'",
"Privilege elevation")
self.pkt_num = 0
self.path_attack_pcap = None
# Define allowed parameters and their type
self.update_params([
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.PORT_SOURCE, Port()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.PORT_DESTINATION, Port()),
Parameter(self.PACKETS_PER_SECOND, Float())
])
def __init__(self):
"""
Creates a new instance of the Joomla Registeration Privileges Escalation Exploit.
"""
# Initialize attack
super(JoomlaRegPrivExploit,
self).__init__("JoomlaRegPrivesc Exploit",
"Injects an JoomlaRegPrivesc exploit'",
"Privilege elevation")
self.pkt_num = 0
self.path_attack_pcap = None
# Define allowed parameters and their type
self.update_params([
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.MAC_DESTINATION, MACAddress()),
Parameter(self.IP_DESTINATION, IPAddress()),
Parameter(self.PORT_DESTINATION, Port()),
Parameter(self.TARGET_HOST, Domain()),
Parameter(self.PACKETS_PER_SECOND, Float())
])
def __init__(self):
"""
Creates a new instance of the Sality botnet.
"""
# Initialize attack
super(SalityBotnet,
self).__init__("Sality Botnet", "Injects an Sality botnet'",
"Botnet")
self.pkt_num = 0
self.path_attack_pcap = None
# Define allowed parameters and their type
self.update_params([
Parameter(self.MAC_SOURCE, MACAddress()),
Parameter(self.IP_SOURCE, IPAddress()),
Parameter(self.PACKETS_PER_SECOND, Float())
])
def test_generate_random_mac_address(self):
mac_list = BAtk.BaseAttack.generate_random_mac_address(10)
for mac in mac_list:
with self.subTest(mac=mac):
self.assertTrue(MACAddress._is_mac_address(mac))
def test_is_mac_address_minus_valid(self):
self.assertTrue(MACAddress._is_mac_address("00-80-41-ae-fd-7e"))
def test_is_mac_address_minus_invalid(self):
self.assertFalse(MACAddress._is_mac_address("00-80-41-aec-fd-7e"))
def test_is_mac_address_empty(self):
self.assertFalse(MACAddress._is_mac_address(""))
def test_is_mac_address_list_valid(self):
self.assertTrue(
MACAddress._is_mac_address(
["00:80:41:ae:fd:7e", "00-80-41-ae-fd-7e"]))
def test_is_mac_address_invalid(self):
self.assertFalse(MACAddress._is_mac_address("00:80:41:aec:fd:7e"))
def test_is_mac_address_valid(self):
self.assertTrue(MACAddress._is_mac_address("00:80:41:ae:fd:7e"))
def test_is_mac_address_list_invalid(self):
self.assertFalse(
MACAddress._is_mac_address(
["00:80:41:aec:fd:7e", "00-80-41-aec-fd-7e"]))