def build_query(self, conf): """Method used to build the packet to send :conf: the namespace configuration :returns: packet to send """ pkt = Ether(src=conf['mac_local'], dst=ETHER_BROADCAST) pkt /= ARP(op=1, pdst=conf['ip_nh']) return pkt.__class__(str(pkt))
def build_query(self, conf): """Method used to build the packet to send :conf: the namespace configuration :returns: packet built """ pkt = Ether(src=conf['mac_local'], dst=conf['mac_nh']) pkt /= self._payload # Force building the packet return pkt.__class__(str(pkt))
def build_query(self, conf): """Method used to build the packet to send :conf: the namespace configuration :returns: packet to send """ pkt = Ether(src=conf['mac_local'], dst=conf['mac_nh']) pkt /= IP(src=conf['ip_priv'], dst=conf['ip_rmt'], id=RandShort()) pkt /= ICMP(id=RandShort(), seq=1) pkt /= self._payload return fragment(pkt.__class__(str(pkt)))
def build_query(self, conf): """Method used to build a serie of fragment of a huge UDP packet. :conf: the namespace configuration :returns: packet to send """ payload = self._payload pkt = Ether(src=conf['mac_local'], dst=conf['mac_nh']) pkt /= IP(src=conf['ip_priv'], dst=conf['ip_rmt'], id=RandShort()) pkt /= UDP(sport=RandShort(), dport=RandShort()) pkt /= payload return fragment(pkt.__class__(str(pkt)))
def build_query(self, conf): """Method used to build the UDP packet to send. TCP test need to validate any kind of TCP packet so let's use TCP SYN :conf: the namespace configuration :returns: packet to send """ pkt = Ether(src=conf['mac_local'], dst=conf['mac_nh']) pkt /= IP(src=conf['ip_priv'], dst=conf['ip_rmt'], id=RandShort()) pkt /= UDP(sport=RandShort(), dport=RandShort()) pkt /= self._payload return pkt.__class__(str(pkt))
def build_query(self, conf): """Method used to build the UDP packet to send. :conf: the namespace configuration :returns: packet to send """ pkt = Ether(src=conf['mac_local'], dst=conf['mac_nh']) pkt /= IP(src=conf['ip_priv'], dst=conf['ip_rmt'], id=RandShort(), flags=2) pkt /= UDP(sport=RandShort(), dport=RandShort(), chksum=0) pkt /= self._payload return pkt.__class__(str(pkt))
def find_tunneled_layer(tunnel_packet: scapy.layers.l2.Ether, protocol: str): """ Locate tunneled protocol layer in packet capture. Args: tunnel_packet (scapy.layers.l2.Ether): the PDU to search protocol (str): the tunneled protocol to search for Returns: offset (int): the byte offset of the tunneled protocol in data field of 'packet' """ offset = 0 while True: data = tunnel_packet[Raw].load[offset:] if len(data) < 20: offset = -1 break chksum1 = tunnel_packet[Raw].load[offset + 10:offset + 12] chksum1 = int.from_bytes(chksum1, "big") temp_packet = Ether() / IP() temp_packet[IP].chksum = None # try: temp_packet = Ether(dst=tunnel_packet[Ether].dst, src=tunnel_packet[Ether].src, type=tunnel_packet[Ether].type)/IP(data) # except: # print("Struct error handled") del temp_packet[IP].chksum temp_packet = temp_packet.__class__(bytes(temp_packet)) chksum2 = temp_packet[IP].chksum if offset >= len(data): offset = -1 break if chksum1 == chksum2: break offset += 1 return offset
def open_logfile(logfile, victim_info, attacker_info, r_victim_info, r_attacker_info, interface, timing_type, s_switch=None): print('Opening "{}"'.format(logfile)) # before reading through packets we must get some info about the file header fp = open(logfile, 'rb') magic_number = fp.read(4).hex() major_version = int.from_bytes(fp.read(2), byteorder="little") minor_version = int.from_bytes(fp.read(2), byteorder="little") time_zone_offset = int.from_bytes(fp.read(4), byteorder="little") time_stamp_acc = int.from_bytes(fp.read(4), byteorder="little") snapshot_len = int.from_bytes(fp.read(4), byteorder="little") link_layer_type = int.from_bytes(fp.read(4), byteorder="little") fp.close() print('PCAP Magic') print('Version major number = {}'.format(major_version)) print('Version minor number = {}'.format(minor_version)) print('GMT to local correction = {}'.format(time_zone_offset)) print('Timestamp accuracy = {}'.format(time_stamp_acc)) print('Snaplen = {}'.format(snapshot_len)) print('Linktype = {}\n'.format(link_layer_type)) # list of common internet protocol numbers we will use ip_proto_list = {"ICMP": 1, "IGMP": 2, "TCP": 6, "UDP": 17} frame_num = 0 relative_start_time = 0 flagged_packets = 0 sent_packets = 0 new_seq = 0 new_ack = 0 amount_recv = 0 set_flag = None # open file for reading packets for ( pkt_data, pkt_metadata, ) in RawPcapReader(logfile): # getting packet info and timestamp pkt_num = frame_num pkt_time_sec = pkt_metadata[0] pkt_time_usec = pkt_metadata[1] local_time = time.asctime(time.localtime(pkt_time_sec)) pkt_actual_len = pkt_metadata[2] pkt_caplen = pkt_metadata[3] total_time = pkt_time_sec + (pkt_time_usec / 100000) if pkt_num == 0: relative_start_time = total_time pkt_relative_time = 0000.000000 else: pkt_relative_time = total_time - relative_start_time # ethernet header info acquired ether_pkt = Ether(pkt_data) eth_src = ether_pkt.fields["src"] eth_dst = ether_pkt.fields["dst"] if 'type' not in ether_pkt.fields: frame_num += 1 continue # ensuring it is ipv4 if ether_pkt.type != 0x0800: frame_num += 1 continue # getting ip info [TCP vs UPD vs ICMP etc] ip_pkt = ether_pkt[IP] # check if the packet is the one we want based on the config file if ip_pkt.fields["dst"] == victim_info[0]: flagged_packets += 1 printout_packet_header(pkt_num, pkt_relative_time, local_time, pkt_actual_len, pkt_caplen) printout_ether_header(eth_src, eth_dst, r_victim_info, r_attacker_info) printout_ip_header(ip_pkt, r_victim_info, r_attacker_info) # replace the original information for sending if s_switch is None: print("\t\tPacket is not sent") else: ether_pkt[Ether].src = r_attacker_info[1] ether_pkt[Ether].dst = r_victim_info[1] ether_pkt[IP].fields["src"] = r_attacker_info[0] ether_pkt[IP].fields["dst"] = r_victim_info[0] ether_pkt[IP][TCP].fields["sport"] = r_attacker_info[2] ether_pkt[IP][TCP].fields["dport"] = r_victim_info[2] # fix ack and seq numbers ether_pkt[TCP].seq = new_seq ether_pkt[TCP].ack = new_ack print("\t\tsending pkt seq: {} ack: {}".format( ether_pkt[TCP].seq, ether_pkt[TCP].ack)) if set_flag is not None: ether_pkt[TCP].flags = set_flag # redo checksum del ether_pkt.chksum del ether_pkt[IP].chksum del ether_pkt[IP][TCP].chksum ether_pkt = ether_pkt.__class__(bytes(ether_pkt)) if timing_type == "delay": time.sleep(.5) # sleep for 500 ms # send packet and receive answer = srp1(ether_pkt, iface=interface, verbose=False, inter=1, timeout=2) sent_packets += 1 print("\t\tPacket sent with flag: {}".format( ether_pkt[TCP].flags)) if answer != None: amount_recv += 1 print("\t\trecieved packet with flag: {}".format( answer[TCP].flags)) print("\t\ttheir seq: {} , ack: {}".format( answer[TCP].seq, answer[TCP].ack)) print("\t\tsize of TCP payload: {}".format( len(ether_pkt[TCP].payload))) if "A" == answer[TCP].flags: print( "\t\tvictim acknowledge data was sent, send more") new_seq = answer[TCP].ack new_ack = answer[TCP].seq + len(answer[TCP].payload) print("\t\t\t\tnew seq = {} \tnew ack = {}".format( new_seq, new_ack)) elif "PA" == answer[TCP].flags: print("\t\tVictim sent data to us") new_seq = answer[TCP].ack new_ack = answer[TCP].seq + len(answer[TCP].payload) print("\t\t\t\tnew seq = {} \tnew ack = {}".format( new_seq, new_ack)) elif "SA" == answer[TCP].flags: print( "\t\tvictim sent a syn ack, so we'll respond with an ack" ) new_seq = answer[TCP].ack new_ack = answer[TCP].seq + 1 print("\t\t\t\tnew seq = {} \tnew ack = {}".format( new_seq, new_ack)) elif "F" == answer[TCP].flags: print("\t\tgot a fin flag -- send one back...") new_seq = answer[TCP].ack new_ack = answer[TCP].seq + 1 set_flag = "F" else: print("\t\tdid not recieve a packet yet from victim") else: # regular print out since it did not match printout_packet_header(pkt_num, pkt_relative_time, local_time, pkt_actual_len, pkt_caplen) printout_ether_header(eth_src, eth_dst) printout_ip_header(ip_pkt) print("\t\tPacket is not sent") frame_num += 1 print( '\n{} contains {} total packets ({} flagged) ({} sent) ({} recieved)'. format(logfile, frame_num, flagged_packets, sent_packets, amount_recv))