def __init__(self, suggested_mtu):
if not os.path.exists('./injectors/LSB/libLSB.so.1'):
print '[ERR] LibLSB.so.1 not found, trying to compile as shared library'
os.system('gcc -c ./injectors/LSB/LSB.c -o ./injectors/LSB/LSB.o && gcc -shared -Wl -o ./injectors/LSB/libLSB.so.1 ./injectors/LSB/LSB.o')
print '[INJ] compiled libLSB.so.1'
if os.path.exists('./injectors/LSB/libLSB.so.1'):
self.lsb_dll = CDLL("./injectors/LSB/libLSB.so.1")
else:
print '[ERR] File ./injectors/LSB/libLSB.so.1 not found.'
self.bit_per_byte = int(conf.get('lsb','modified_bit_per_byte'))
self.len_tunmtu = int(conf.get('lsb', 'lsb_tun_mtu'))
# # Min size of medium packets
# self.len_pktmtu = 848/self.bit_per_byte
#
# # Max size of message
# self.len_tunmtu = (self.len_pktmtu)/(8/self.bit_per_byte) - self.len_stegoheader - 4
#
# # Mas size of message with header
# self.len_tunmtu_w_header = (self.len_pktmtu)/(8/self.bit_per_byte)
self.pendingtunpkt=''
self.__initializeStegoPositions(1500)
injector.__init__(self, suggested_mtu)
def __init__(self, sessionkey, tun_mtu):
self.len_tunmtu = tun_mtu
self.len_tunmtu_eth = tun_mtu + 4 # Ethernet
self.bufferToInject = []
self.tun_fd = os.open("/dev/net/tun", os.O_RDWR)
ifs = ioctl(self.tun_fd, TUNSETIFF,
struct.pack("16sH", "stego%d", TUNMODE))
self.ifname = ifs[:16].strip("\x00")
self.tun_ip = conf.get('global', 'tun_ip')
self.tun_netmask = conf.get('global', 'tun_netmask')
ifcommand = [
'/sbin/ifconfig', self.ifname, 'up', self.tun_ip, 'netmask',
self.tun_netmask, 'mtu',
str(self.len_tunmtu)
]
os.system(' '.join(ifcommand))
print '[TUN] Started Interface ' + ' '.join(ifcommand[1:])
thread.start_new_thread(self.tunListener, (None, ))
self.keep_running = True
self.is_stopped = False
def __init__(self, suggested_mtu):
if not os.path.exists('./injectors/LSB/libLSB.so.1'):
print '[ERR] LibLSB.so.1 not found, trying to compile as shared library'
os.system(
'gcc -c ./injectors/LSB/LSB.c -o ./injectors/LSB/LSB.o && gcc -shared -Wl -o ./injectors/LSB/libLSB.so.1 ./injectors/LSB/LSB.o'
)
print '[INJ] compiled libLSB.so.1'
if os.path.exists('./injectors/LSB/libLSB.so.1'):
self.lsb_dll = CDLL("./injectors/LSB/libLSB.so.1")
else:
print '[ERR] File ./injectors/LSB/libLSB.so.1 not found.'
self.bit_per_byte = int(conf.get('lsb', 'modified_bit_per_byte'))
self.len_tunmtu = int(conf.get('lsb', 'lsb_tun_mtu'))
# # Min size of medium packets
# self.len_pktmtu = 848/self.bit_per_byte
#
# # Max size of message
# self.len_tunmtu = (self.len_pktmtu)/(8/self.bit_per_byte) - self.len_stegoheader - 4
#
# # Mas size of message with header
# self.len_tunmtu_w_header = (self.len_pktmtu)/(8/self.bit_per_byte)
self.pendingtunpkt = ''
self.__initializeStegoPositions(1500)
injector.__init__(self, suggested_mtu)
def __init__(self, suggested_mtu):
self.len_tunmtu = int(conf.get('raw', 'raw_tun_mtu'))
self.keep_original_payload_size = conf.get('raw', 'keep_pkt_size')
self.pendingtunpkt = ''
injector.__init__(self, suggested_mtu)
def __init__(self, suggested_mtu):
self.len_tunmtu = int(conf.get('raw', 'raw_tun_mtu'))
self.keep_original_payload_size = conf.get('raw', 'keep_pkt_size')
self.pendingtunpkt = ''
injector.__init__(self, suggested_mtu)
def __init__(self, index, ports=[]):
self.connections = rtp_sessions()
self.first_payload = False
self.injector_name = conf.get('global', 'injector')
dissector.__init__(self, index, ports)
def __init__(self,index,ports=[]):
self.connections = rtp_sessions()
self.first_payload = False
self.injector_name=conf.get('global','injector')
dissector.__init__(self,index,ports)
def __init__(self, suggested_mtu):
self.key=conf.get('global','secret')
self.len_pktmtu_suggested=suggested_mtu
self.minikeyhash=hashlib.md5(self.key).digest()[:4]
print '[INJ] Tunnel MTU: %i, stegosip header: %i, cover-paket payload MTU: %i' % (self.len_tunmtu, self.len_stegoheader, self._getCoverLenghtFromMsgLength(self.len_tunmtu))
self.tun = tunnel.Tunnel(self.key, self.len_tunmtu)
def __init__(self, suggested_mtu):
self.len_tunmtu = int(conf.get('raw', 'raw_tun_mtu'))
self.lasttimestamp = -1
self.rate = int(conf.get('lack', 'pkt_rate'))
if self.rate <= 0:
self.rate = 1
self.delay = float(conf.get('lack', 'delay'))
self.delay_usec = self.delay / 1000000
self.pendingtunpkt = ''
injector.__init__(self, suggested_mtu)
self.prime = getPrimes(1, ord(self.minikeyhash[0]))[-1]
if self.rate % self.prime == 0:
print '[ERR] Error initializing linear congruential generator:'
print 'rate %i is divisible by prime number %i. Change rate or secret.'
def __init__(self, suggested_mtu):
self.key = conf.get('global', 'secret')
self.len_pktmtu_suggested = suggested_mtu
self.minikeyhash = hashlib.md5(self.key).digest()[:4]
print '[INJ] Tunnel MTU: %i, stegosip header: %i, cover-paket payload MTU: %i' % (
self.len_tunmtu, self.len_stegoheader,
self._getCoverLenghtFromMsgLength(self.len_tunmtu))
self.tun = tunnel.Tunnel(self.key, self.len_tunmtu)
def _iptablesHandler(self, ports, delete=False):
if delete:
delstr = '-D'
else:
delstr = '-I'
local_ip = conf.get('global', 'default_iface_ip')
if local_ip:
loc_ipstr_src = '-s ' + local_ip
loc_ipstr_dst = '-d ' + local_ip
else:
loc_ipstr_src = ''
loc_ipstr_dst = ''
if len(ports) == 2:
os.system('iptables ' + delstr + ' INPUT ' + loc_ipstr_dst +
' -j NFQUEUE -p ' + self.protocol + ' --sport ' +
str(ports[1]) + ' --dport ' + str(ports[0]))
os.system('iptables -t mangle ' + delstr + ' INPUT ' +
loc_ipstr_dst + ' -j MARK --set-mark ' +
str(self.incoming) + ' -p ' + self.protocol +
' --sport ' + str(ports[1]) + ' --dport ' +
str(ports[0]))
os.system('iptables ' + delstr + ' OUTPUT ' + loc_ipstr_src +
' -j NFQUEUE -p ' + self.protocol + ' --sport ' +
str(ports[0]) + ' --dport ' + str(ports[1]))
os.system('iptables -t mangle ' + delstr + ' OUTPUT ' +
loc_ipstr_src + ' -j MARK --set-mark ' +
str(self.outgoing) + ' -p ' + self.protocol +
' --sport ' + str(ports[0]) + ' --dport ' +
str(ports[1]))
elif len(ports) == 1:
os.system('iptables ' + delstr + ' INPUT ' + loc_ipstr_dst +
' -j NFQUEUE -p ' + self.protocol + ' --dport ' +
str(ports[0]))
os.system('iptables -t mangle ' + delstr + ' INPUT ' +
loc_ipstr_dst + ' -j MARK --set-mark ' +
str(self.incoming) + ' -p ' + self.protocol +
' --dport ' + str(ports[0]))
os.system('iptables ' + delstr + ' OUTPUT ' + loc_ipstr_src +
' -j NFQUEUE -p ' + self.protocol + ' --sport ' +
str(ports[0]))
os.system('iptables -t mangle ' + delstr + ' OUTPUT ' +
loc_ipstr_src + ' -j MARK --set-mark ' +
str(self.outgoing) + ' -p ' + self.protocol +
' --sport ' + str(ports[0]))
def __init__(self, suggested_mtu):
self.len_tunmtu = int(conf.get('raw', 'raw_tun_mtu'))
self.lasttimestamp = -1
self.rate = int(conf.get('lack','pkt_rate'))
if self.rate <= 0:
self.rate = 1
self.delay = float(conf.get('lack', 'delay'))
self.delay_usec = self.delay/1000000
self.pendingtunpkt = ''
injector.__init__(self, suggested_mtu)
self.prime = getPrimes(1, ord(self.minikeyhash[0]))[-1]
if self.rate % self.prime == 0:
print '[ERR] Error initializing linear congruential generator:'
print 'rate %i is divisible by prime number %i. Change rate or secret.'
def __init__(self, sessionkey, tun_mtu):
self.len_tunmtu = tun_mtu
self.len_tunmtu_eth = tun_mtu + 4 # Ethernet
self.bufferToInject = []
self.tun_fd = os.open("/dev/net/tun", os.O_RDWR)
ifs = ioctl(self.tun_fd, TUNSETIFF, struct.pack("16sH", "stego%d", TUNMODE))
self.ifname = ifs[:16].strip("\x00")
self.tun_ip = conf.get('global', 'tun_ip')
self.tun_netmask = conf.get('global', 'tun_netmask')
ifcommand = ['/sbin/ifconfig', self.ifname, 'up', self.tun_ip, 'netmask', self.tun_netmask, 'mtu', str(self.len_tunmtu)]
os.system(' '.join(ifcommand))
print '[TUN] Started Interface ' + ' '.join(ifcommand[1:])
thread.start_new_thread(self.tunListener, (None,))
self.keep_running = True
self.is_stopped = False
def get_SDP_port(sdps):
"""
It should match the common media ports between local and remote
"""
video = int(conf.get('sdp','prefer_video'))
if video:
if sdps.local.video_port and sdps.local.video_port[0] and sdps.remote.video_port and sdps.remote.video_port[0]:
return sdps.local.video_port[0], sdps.remote.video_port[0]
if sdps.local.audio_port and sdps.local.audio_port[0] and sdps.local.audio_port and sdps.local.audio_port[0]:
if video:
print '[ERR] Video port not availables, fallback to audio ports'
return sdps.local.audio_port[0], sdps.remote.audio_port[0]
return None, None
def get_SDP_port(sdps):
"""
It should match the common media ports between local and remote
"""
video = int(conf.get('sdp', 'prefer_video'))
if video:
if sdps.local.video_port and sdps.local.video_port[
0] and sdps.remote.video_port and sdps.remote.video_port[0]:
return sdps.local.video_port[0], sdps.remote.video_port[0]
if sdps.local.audio_port and sdps.local.audio_port[
0] and sdps.local.audio_port and sdps.local.audio_port[0]:
if video:
print '[ERR] Video port not availables, fallback to audio ports'
return sdps.local.audio_port[0], sdps.remote.audio_port[0]
return None, None
import asyncore, sys, os
import core.nf_pkt_dispatcher
import core.dissector_dict
from core.options import conf, debug
from optparse import OptionParser
if __name__ == '__main__':
if os.getuid()!=0:
print '[ERR] Retry as root.'
sys.exit(1)
proto = conf.get('global', 'protocol')
if not proto:
print '[ERR] Parameter in stegosip.conf \'protocol\' is mandatory.'
sys.exit(1)
try:
core.dissector_dict.dissd.loadDissectorsInstances([proto,])
try:
core.nf_pkt_dispatcher.nf_pkt_dispatcher()
except Exception, e:
print '[ERR] Error loading netfilter queue. Have you loaded the kernel module? Try running \'modprobe nfnetlink_queue\'.'
raise
asyncore.loop()
def _iptablesHandler(self, ports, delete=False):
if delete:
delstr = "-D"
else:
delstr = "-I"
local_ip = conf.get("global", "default_iface_ip")
if local_ip:
loc_ipstr_src = "-s " + local_ip
loc_ipstr_dst = "-d " + local_ip
else:
loc_ipstr_src = ""
loc_ipstr_dst = ""
if len(ports) == 2:
os.system(
"iptables "
+ delstr
+ " INPUT "
+ loc_ipstr_dst
+ " -j NFQUEUE -p "
+ self.protocol
+ " --sport "
+ str(ports[1])
+ " --dport "
+ str(ports[0])
)
os.system(
"iptables -t mangle "
+ delstr
+ " INPUT "
+ loc_ipstr_dst
+ " -j MARK --set-mark "
+ str(self.incoming)
+ " -p "
+ self.protocol
+ " --sport "
+ str(ports[1])
+ " --dport "
+ str(ports[0])
)
os.system(
"iptables "
+ delstr
+ " OUTPUT "
+ loc_ipstr_src
+ " -j NFQUEUE -p "
+ self.protocol
+ " --sport "
+ str(ports[0])
+ " --dport "
+ str(ports[1])
)
os.system(
"iptables -t mangle "
+ delstr
+ " OUTPUT "
+ loc_ipstr_src
+ " -j MARK --set-mark "
+ str(self.outgoing)
+ " -p "
+ self.protocol
+ " --sport "
+ str(ports[0])
+ " --dport "
+ str(ports[1])
)
elif len(ports) == 1:
os.system(
"iptables "
+ delstr
+ " INPUT "
+ loc_ipstr_dst
+ " -j NFQUEUE -p "
+ self.protocol
+ " --dport "
+ str(ports[0])
)
os.system(
"iptables -t mangle "
+ delstr
+ " INPUT "
+ loc_ipstr_dst
+ " -j MARK --set-mark "
+ str(self.incoming)
+ " -p "
+ self.protocol
+ " --dport "
+ str(ports[0])
)
os.system(
"iptables "
+ delstr
+ " OUTPUT "
+ loc_ipstr_src
+ " -j NFQUEUE -p "
+ self.protocol
+ " --sport "
+ str(ports[0])
)
os.system(
"iptables -t mangle "
+ delstr
+ " OUTPUT "
+ loc_ipstr_src
+ " -j MARK --set-mark "
+ str(self.outgoing)
+ " -p "
+ self.protocol
+ " --sport "
+ str(ports[0])
)
