def test_corrupt_dataofs(logger): """ Tests the tamper 'replace' primitive. """ packet = layers.packet.Packet( IP(src="127.0.0.1", dst="127.0.0.1") / TCP(sport=2222, dport=3333, seq=100, ack=100, flags="S", dataofs="6L")) original = copy.deepcopy(packet) tamper = actions.tamper.TamperAction(None, field="dataofs", tamper_type="corrupt") tamper.tamper(packet, logger) # Confirm tamper actually corrupted the checksum assert packet[TCP].dataofs != "0" new_value = packet[TCP].dataofs # Must run this check repeatedly - if a scapy fuzz-ed value is not properly # ._fix()-ed, it will return different values each time it's requested for _ in range(0, 5): assert packet[ TCP].dataofs == new_value, "Corrupted value is not stable" # Confirm tamper didn't corrupt anything else in the TCP header assert confirm_unchanged(packet, original, TCP, ["dataofs"]) # Confirm tamper didn't corrupt anything in the IP header assert confirm_unchanged(packet, original, IP, [])
def test_corrupt_chksum(logger): """ Tests the tamper 'replace' primitive. """ tamper = actions.tamper.TamperAction(None, field="chksum", tamper_type="corrupt", tamper_value="R") assert tamper.field == "chksum", "Tamper action changed checksum." assert tamper.tamper_type == "corrupt", "Tamper action changed types." assert str( tamper ) == "tamper{TCP:chksum:corrupt}", "Tamper returned incorrect string representation: %s" % str( tamper) packet = layers.packet.Packet( IP(src="127.0.0.1", dst="127.0.0.1") / TCP(sport=2222, dport=3333, seq=100, ack=100, flags="S")) original = copy.deepcopy(packet) tamper.tamper(packet, logger) # Confirm tamper actually corrupted the checksum assert packet[TCP].chksum != 0 new_value = packet[TCP].chksum # Must run this check repeatedly - if a scapy fuzz-ed value is not properly # ._fix()-ed, it will return different values each time it's requested for _ in range(0, 5): assert packet[TCP].chksum == new_value, "Corrupted value is not stable" # Confirm tamper didn't corrupt anything else in the TCP header assert confirm_unchanged(packet, original, TCP, ["chksum"]) # Confirm tamper didn't corrupt anything else in the IP header assert confirm_unchanged(packet, original, IP, [])
def test_add(): """ Tests the tamper 'add' primitive. """ tamper = actions.tamper.TamperAction(None, field="seq", tamper_type="add", tamper_value=10) assert tamper.field == "seq", "Tamper action changed fields." assert tamper.tamper_type == "add", "Tamper action changed types." assert str( tamper ) == "tamper{TCP:seq:add:10}", "Tamper returned incorrect string representation: %s" % str( tamper) packet = actions.packet.Packet( IP(src="127.0.0.1", dst="127.0.0.1") / TCP(sport=2222, dport=3333, seq=100, ack=100, flags="S")) original = copy.deepcopy(packet) tamper.tamper(packet, logger) new_value = packet[TCP].seq assert new_value == 110, "Tamper did not add" # Must run this check repeatedly - if a scapy fuzz-ed value is not properly # ._fix()-ed, it will return different values each time it's requested for _ in range(0, 5): assert packet[TCP].seq == new_value, "Corrupted value is not stable" # Confirm tamper didn't corrupt anything else in the TCP header assert confirm_unchanged(packet, original, TCP, ["seq"]) # Confirm tamper didn't corrupt anything else in the IP header assert confirm_unchanged(packet, original, IP, [])
def test_parse_flags(logger): """ Tests the tamper 'replace' primitive. """ tamper = actions.tamper.TamperAction(None, field="flags", tamper_type="replace", tamper_value="FRAPUN") assert tamper.field == "flags", "Tamper action changed checksum." assert tamper.tamper_type == "replace", "Tamper action changed types." assert str( tamper ) == "tamper{TCP:flags:replace:FRAPUN}", "Tamper returned incorrect string representation: %s" % str( tamper) packet = layers.packet.Packet( IP(src="127.0.0.1", dst="127.0.0.1") / TCP(sport=2222, dport=3333, seq=100, ack=100, flags="S")) tamper.tamper(packet, logger) assert packet[TCP].flags == "FRAPUN", "Tamper failed to change flags."
def test_decompress(logger): """ Tests the tamper 'decompress' primitive. """ tamper = actions.tamper.TamperAction(None, field="qd", tamper_type="compress", tamper_value=10, tamper_proto="DNS") assert tamper.field == "qd", "Tamper action changed fields." assert tamper.tamper_type == "compress", "Tamper action changed types." assert str( tamper ) == "tamper{DNS:qd:compress}", "Tamper returned incorrect string representation: %s" % str( tamper) packet = layers.packet.Packet( IP(dst="8.8.8.8") / UDP(dport=53) / DNS(qd=DNSQR(qname="minghui.ca."))) original = packet.copy() tamper.tamper(packet, logger) assert bytes( packet["DNS"] ) == b'\x00\x00\x01\x00\x00\x02\x00\x00\x00\x00\x00\x00\x07minghui\xc0\x1a\x00\x01\x00\x01\x02ca\x00\x00\x01\x00\x01' resp = sr1(packet.packet) assert resp["DNS"] assert resp["DNS"].rcode != 1 assert resp["DNSQR"] assert resp["DNSRR"].rdata assert confirm_unchanged(packet, original, IP, ["len"]) print(resp.summary()) packet = layers.packet.Packet( IP(dst="8.8.8.8") / UDP(dport=53) / DNS(qd=DNSQR(qname="maps.google.com"))) original = packet.copy() tamper.tamper(packet, logger) assert bytes( packet["DNS"] ) == b'\x00\x00\x01\x00\x00\x02\x00\x00\x00\x00\x00\x00\x04maps\xc0\x17\x00\x01\x00\x01\x06google\x03com\x00\x00\x01\x00\x01' resp = sr1(packet.packet) assert resp["DNS"] assert resp["DNS"].rcode != 1 assert resp["DNSQR"] assert resp["DNSRR"].rdata assert confirm_unchanged(packet, original, IP, ["len"]) print(resp.summary()) # Confirm this is a NOP on normal packets packet = layers.packet.Packet(IP() / UDP()) original = packet.copy() tamper.tamper(packet, logger) assert packet.packet.summary() == original.packet.summary() # Confirm tamper didn't corrupt anything else in the TCP header assert confirm_unchanged(packet, original, UDP, []) # Confirm tamper didn't corrupt anything else in the IP header assert confirm_unchanged(packet, original, IP, [])
def test_replace(logger): """ Tests the tamper 'replace' primitive. """ tamper = actions.tamper.TamperAction(None, field="flags", tamper_type="replace", tamper_value="R") assert tamper.field == "flags", "Tamper action changed fields." assert tamper.tamper_type == "replace", "Tamper action changed types." packet = layers.packet.Packet( IP(src="127.0.0.1", dst="127.0.0.1") / TCP(sport=2222, dport=3333, seq=100, ack=100, flags="S")) original = copy.deepcopy(packet) tamper.tamper(packet, logger) # Confirm tamper replaced the field it was supposed to assert packet[TCP].flags == "R", "Tamper did not replace flags." # Confirm tamper didn't replace anything else in the TCP header assert confirm_unchanged(packet, original, TCP, ["flags"]) # Confirm tamper didn't replace anything else in the IP header assert confirm_unchanged(packet, original, IP, []) # chksums must be handled specially by tamper, so run a second check on this value tamper.field = "chksum" tamper.tamper_value = 0x4444 original = copy.deepcopy(packet) tamper.tamper(packet, logger) assert packet[TCP].chksum == 0x4444, "Tamper failed to change chksum." # Confirm tamper didn't replace anything else in the TCP header assert confirm_unchanged(packet, original, TCP, ["chksum"]) # Confirm tamper didn't replace anything else in the IP header assert confirm_unchanged(packet, original, IP, [])
def test_tamper_mutate_compress(logger): """ Tests that compress is handled right if its enabled """ backup = copy.deepcopy(actions.tamper.ACTIVATED_PRIMITIVES) actions.tamper.ACTIVATED_PRIMITIVES = ["compress"] try: tamper = actions.tamper.TamperAction(None) assert tamper.parse("TCP:flags:corrupt", logger) tamper._mutate_tamper_type() assert tamper.tamper_type == "compress" assert tamper.tamper_proto_str == "DNS" assert tamper.field == "qd" packet = layers.packet.Packet(IP() / TCP() / DNS() / DNSQR()) packet2 = tamper.tamper(packet, logger) assert packet2 == packet finally: actions.tamper.ACTIVATED_PRIMITIVES = backup