def test_task10(riot_ctrl, log_nodes): # pylint: disable=R0914 node = riot_ctrl(0, APP, Shell, port=TAP) host_netif = bridge(TAP) host_lladdr = get_link_local(host_netif) node_netifs = NETIF_PARSER.parse(node.ifconfig_list()) node_netif = next(iter(node_netifs)) node_hwaddr = node_netifs[node_netif]["hwaddr"] node_lladdr = [ addr["addr"] for addr in node_netifs[node_netif]["ipv6_addrs"] if addr["scope"] == "link" ][0] ip = IPv6(src=host_lladdr, dst=node_lladdr) stop_id = 0xc07c test_id = 0xb488 sniffer = AsyncSniffer( stop_filter=lambda p: ICMPv6EchoReply in p and p[ICMPv6EchoReply].id == stop_id, iface=host_netif, ) sniffer.start() time.sleep(.1) max_pkts = _max_encapsulations() for i in range(max_pkts): start = time.time() ips = ip for _ in range(i): ips /= ip sendp(Ether(dst=node_hwaddr) / ips / ICMPv6EchoRequest(id=test_id, seq=i), iface=host_netif, verbose=log_nodes) stop = time.time() if (stop - start) <= 0.001: time.sleep(0.001 - (stop - start)) # send stop condition for sniffer sendp(Ether(dst=node_hwaddr) / ip / ICMPv6EchoRequest(id=stop_id), iface=host_netif, verbose=log_nodes) sniffer.join() pkts = sniffer.results requests = [ p for p in pkts if ICMPv6EchoRequest in p and p[ICMPv6EchoRequest].id == test_id ] replies = [ p for p in pkts if ICMPv6EchoReply in p and p[ICMPv6EchoReply].id == test_id ] assert len(requests) <= max_pkts assert len(replies) <= max_pkts assert (len(replies) / max_pkts) > .96 reply_seqs = [r[ICMPv6EchoReply].seq for r in replies] reply_seq_occs = [reply_seqs.count(seq) for seq in reply_seqs] # no sequence number occurs more than once in the replies assert not any(occ > 1 for occ in reply_seq_occs)
def test_scapy_sniffer(self): send_data = [ Ether(src="99:54:8f:91:12:f6", dst="44:35:a2:a6:d0:bd") / IPv6(src="fe80::1", dst="fe80::2") / ICMPv6EchoRequest(), Ether(src="44:35:a2:a6:d0:bd", dst="99:54:8f:91:12:f6") / IPv6(src="fe80::2", dst="fe80::1") / ICMPv6EchoReply(), Ether(src="1f:db:ed:9c:26:6e", dst="18:39:3c:e8:1f:ad") / IPv6(src="2001:db8:8a5a:4020:f160:162:c83d:527d", dst="2001:db8:2932:29c9:35eb:9377:ae68:634d") / UDP(sport=31245, dport=8788) / b"abcdef", Ether(src="18:39:3c:e8:1f:ad", dst="1f:db:ed:9c:26:6e") / IPv6(src="2001:db8:2932:29c9:35eb:9377:ae68:634d", dst="2001:db8:8a5a:4020:f160:162:c83d:527d") / UDP(sport=8788, dport=31245) / b"12345", ] sniffer = AsyncSniffer() sniffer.start() self.spawn.expect(r"Initializing L2listen with arguments") self.spawn.expect(r"Bound socket to '(.*)'\s") remote = self.spawn.match.group(1) # wait a bit to avoid race where socket is not bound yet time.sleep(.5) for packet in send_data: time.sleep(.001) # some spacing for test stability self.assertEqual(len(raw(packet)), self.comm_sock.sendto(raw(packet), remote)) for packet in send_data: self.spawn.expect(r"Receiving on L2listen with arguments") results = sniffer.stop() self.assertIsNotNone(results) self.assertEqual(len(send_data), len(results)) for pkt in send_data: self.assertIn(Ether(raw(pkt)), results)
def craft(hdr, fl): helpers.Utils.set_fl(hdr, fl) pkt = hdr / IPv6() / ICMPv6EchoRequest() pkt = pkt.__class__(str(pkt)) return ([pkt], {fl: [pkt]})
def iterate_bgp_prefix(prefix): prefixlen = prefix.prefixlen #ie. number of possible network prefixes for i in range(2**(64 - prefixlen)): #only interested in network half of prefix #shift i left 64 bits so only this half of the address is searched #use arbitrary value 1 for host identifier half # prefix_iteration = prefix.network_address + (i << 64) + ipaddress.IPv6Address("::1000:0:1:2") # prefix_iteration = prefix.network_address + (i << 64) + 0x200e prefix_iteration = prefix.network_address + (i << 64) + 1 #print(prefix_iteration) icmp_pkt = IPv6(dst=str(prefix_iteration)) / ICMPv6EchoRequest() #send - send packets at layer 3 #sr - send packets and match reply #sr1 - send packets, but only match first reply res = sr1(icmp_pkt, timeout=15) #invalid/unadvertised prefix or host identifier, DROP policy on final hop if res == None: print("Timeout, no response received.") #note: .show() displays None, but prints packet details before print line elif ICMPv6EchoReply in res: print("Echo reply - host found:\n%s" % res.show()) #code 3 = Destination Unreachable: Address Unreachable #ie. live network prefix found, no matching host ID elif ICMPv6DestUnreach in res: if res[ICMPv6DestUnreach].code == 3: print("Destination unreachable:\n%s, %s" % (res.show(), "Address Unreachable")) #code 0 = Destination Unreachable: No Route #invalid/unadvertised prefix, REJECT policy on final hop elif res[ICMPv6DestUnreach].code == 0: print("Destination unreachable:\n%s, %s" % (res.show(), "No route")) else: print("Other: %s" % res.show())
def iterate_interface_identifier(prefix, oui): #ie. iterate through the missing 24 bits in IID, starting at 1 #for i in range(2**24): responses = [] for i in range(600): #need 0xfffe for actual OUI testing, ignore for initial tests host_iteration = prefix.network_address + (0xf << 16) + i #host_iteration = prefix + oui + 0xfffe + i icmp_pkt = IPv6(dst=str(host_iteration)) / ICMPv6EchoRequest() #icmp_pkt.show() #print(host_iteration) #''' #res = sr1(icmp_pkt, timeout=5) res = sr1(icmp_pkt, timeout=2, filter="ip6") if res == None: print("Timeout, no response received within limit. %s" % icmp_pkt.dst) elif ICMPv6DestUnreach in res: print("Destination unreachable: code %s" % res.code) elif ICMPv6EchoReply in res: print("Echo reply: %s" % res.src) responses.append(res.src) else: print("Other: %s" % res.show()) #''' print("\n\n===========\nFinal responses: %d\n%s\n\n" % (len(responses), responses))
def run(self): """Sends ICMPv6 echo request packets marked with the data upribox to the IPv6 all nodes multicast address. Received echo replies are processed by a SniffThread. """ while True: send(IPv6(dst=self._MULTICAST_DEST) / ICMPv6EchoRequest(data=self._DATA), iface=self.interface) time.sleep(self._SLEEP)
def test_scapy_srp1(self): send_data = Ether(src="99:54:8f:91:12:f6", dst="44:35:a2:a6:d0:bd") / \ IPv6(src="fe80::1", dst="fe80::2") / \ ICMPv6EchoRequest() exp_reply = Ether(src="44:35:a2:a6:d0:bd", dst="99:54:8f:91:12:f6") / \ IPv6(src="fe80::2", dst="fe80::1") / \ ICMPv6EchoReply() self._test_sndrcv1(srp1, "L2socket", send_data, exp_reply)
def sendip6ping(self): """ send a IPv6 Icmp Ping """ if self.mac is not None: if self.linklocal is None: self.linklocal = mac2ipv6(self.mac) if self._verbose > 1: print("sendip6ping:", self.linklocal, self.name) send(IPv6(dst=self.linklocal) / ICMPv6EchoRequest() / "whosthere")
def ping_ipv6(self, target): """Request an ICMP echo reply from the target host via IPv6. Returns bool if the target responded. """ random_id = self.random_icmp_id() packet = IPv6(dst=target) / ICMPv6EchoRequest(id=random_id) try: answer = self._send_packet(packet) return answer.payload.id == random_id except (TypeError, ValueError, AttributeError, KeyError): #traceback.print_exc() pass return False
def exfil_ipv6(self, target, payload): """Exfiltrate the payload ICMP echo requests over IPv6. Data is simply stored in the ICMP packet's payload without modification. """ try: for chunk in payload.chunk_iter(): random_id = self.random_icmp_id() packet = IPv6(dst=target) / ICMPv6EchoRequest(id=random_id, data=chunk) answer = self._send_packet(packet) if chunk not in bytes(answer.payload.data): return False except (TypeError, ValueError, AttributeError, KeyError): #traceback.print_exc() return False return True
def craft(hdr, fl): snd = [] rcv = {} for fl in range(fl, fl+nbrFlux): Utils.set_fl(hdr, fl) sip = 'fc00:2:0:1::1' # Adresses don't rlly matter dip = 'fc00:2:0:2::1' packets_snd = fragment6(IPv6(src=sip, dst=dip) / IPv6ExtHdrFragment() / ICMPv6EchoRequest(data='A'*300), 100) packets_snd = [pkt.__class__(str(hdr/pkt)) for pkt in packets_snd] packet_excepted = pkt.__class__(str(hdr/IPv6(src=sip, dst=dip) / ICMPv6EchoRequest(data='A'*300))) snd.extend(packets_snd) rcv[fl] = [packet_excepted] return (snd, rcv)
def iterate_interface_identifier_no_reply(prefix, oui): #ie. iterate through the missing 24 bits in IID, starting at 1 #for i in range(2**24): responses = [] #uni testing for i in range(600): #sky testing #for i in range(64600, 64735): #for i in range(64715, 64725): #need 0xfffe for actual OUI testing, ignore for initial tests #uni network testing #host_iteration = prefix.network_address + (0xf << 16) + i host_iteration = prefix.network_address + (0xf << 16) + i #sky network testing #host_iteration = ipaddress.IPv6Address("2a02:c7f:b09f:d200:40e6:2373:982c:0") + i #genuine OUI testing #host_iteration = prefix + oui + 0xfffe + i icmp_pkt = IPv6(dst=str(host_iteration)) / ICMPv6EchoRequest() #icmp_pkt.show() #print(host_iteration) #''' #res = sr1(icmp_pkt, timeout=5) #res = sr1(icmp_pkt, timeout=2, filter="ip6") send(icmp_pkt, inter=0, verbose=False) #time.sleep(1/64) sends around 43 packets per second #time.sleep(1/100) sends around 55.5 packets per second #1/150 sends around ? packets per second #1/200 sends around 88.7 packets per second #no sleep call sends around 181 packets per second #time.sleep(1) #time.sleep(1/1.5) #time.sleep(1/2) #time.sleep(1/5) #time.sleep(1/10) #time.sleep(1/25) #time.sleep(1/50) #time.sleep(1/100) #time.sleep(1/150) #time.sleep(1/200) if i % 10000 == 0: print("sent: %s" % host_iteration)
def test_00_icmp_accepted(self): for dst in [self.PROXY_HOST, self.ALT_HOST]: pkt = \ IP(dst=dst) / \ UDP(sport=12345, dport=19523) / \ GLBGUE(private_data=GLBGUEChainedRouting(hops=[self.ALT_HOST])) / \ IPv6(src=self.SELF_HOST_V6, dst=self.V4_TO_V6[dst]) / \ ICMPv6EchoRequest() print repr(pkt) # expect a ICMP echo response back from self.PROXY_HOST (decapsulated) resp_ip = self._sendrecv6(pkt, lfilter=lambda p: isinstance(p, IPv6) and isinstance(p.payload, ICMPv6EchoReply)) assert isinstance(resp_ip, IPv6) assert_equals(resp_ip.src, self.V4_TO_V6[dst]) assert_equals(resp_ip.dst, self.SELF_HOST_V6) resp_icmp = resp_ip.payload assert isinstance(resp_icmp, ICMPv6EchoReply)
def srv6_traceroute(destination, result_table, packet_len, max_ttl, sr_hops, verbosity, timeout): ttl = 1 while ttl <= max_ttl: p = sr1(IPv6(dst=destination, hlim=ttl) / IPv6ExtHdrSegmentRouting(addresses=sr_hops) / ICMPv6EchoRequest(data=RandString(packet_len)), timeout=timeout, verbose=verbosity) if p is not None: if not ttl in result_table: result_table[ttl] = {} result_table[ttl]["SR"] = p[IPv6].src else: result_table[ttl]["SR"] = "-" ttl += 1 return result_table
def icmp_traceroute(destination, result_table, packet_len, verbosity, timeout): ttl = 1 while 1: start_time = time.time() p = sr1(IPv6(dst=destination, hlim=ttl) / ICMPv6EchoRequest(data=RandString(packet_len)), verbose=verbosity, timeout=timeout) end_time = time.time() latency = ((end_time - start_time) * 1000) if not ttl in result_table: result_table[ttl] = {} if p is not None: if p[IPv6].src.startswith('fe'): result_table[ttl]["ASN"] = "Link local" else: result_table[ttl]["ASN"] = get_asn_description(p[IPv6].src) result_table[ttl]["ICMP"] = p[IPv6].src if latency > 2000: result_table[ttl]["latency"] = "Timeout" else: result_table[ttl]["latency"] = str(latency) if ICMPv6EchoReply in p: break else: result_table[ttl]["latency"] = "-" result_table[ttl]["ASN"] = "-" result_table[ttl]["ICMP"] = "-" ttl += 1 max_hops = ttl return (max_hops, result_table)
def test_03_icmp_echo_request(self): test_packet = Ether() / IPv6( src='fd91:79d3:d621::1234', dst='fdb4:98ce:52d4::42') / ICMPv6EchoRequest() self.sendp(test_packet, iface=self.IFACE_NAME_PY) packet = self.wait_for_packet( self.eth_tx, lambda packet: isinstance( packet.payload, IP) and isinstance(packet.payload.payload, UDP) and packet.payload.payload.dport == self.DIRECTOR_GUE_PORT) assert isinstance(packet, Ether) assert_equals(packet.dst, self.py_side_mac) fou_ip = packet.payload assert isinstance(fou_ip, IP) # Expecting an IP packet assert_equals(fou_ip.src, '65.65.65.65') assert_equals(fou_ip.dst, '5.6.7.8') fou_udp = fou_ip.payload assert isinstance(fou_udp, UDP) # Expecting a FOU packet assert_equals(fou_udp.dport, self.DIRECTOR_GUE_PORT) glb_gue = fou_udp.payload assert isinstance( glb_gue, GLBGUE) # Expecting a GUE packet (scapy will always map this) assert_equals(glb_gue.private_data[0].hop_count, 1) assert_equals(glb_gue.private_data[0].next_hop, 0) assert_equals(glb_gue.private_data[0].hops, ['6.7.8.9']) inner_ip = glb_gue.payload assert isinstance(inner_ip, IPv6) # Expecting the inner IP packet assert_equals(inner_ip.src, 'fd91:79d3:d621::1234') assert_equals(inner_ip.dst, 'fdb4:98ce:52d4::42') inner_tcp = inner_ip.payload assert isinstance(inner_tcp, ICMPv6EchoRequest) # Expecting the inner ICMP packet
# Check if destination are reachable IODebug.displayDebugInfo("DEBUG 1: Checking if destination are reachable") # Get remote MAC if not cmdParams.mac_dst: try: cmdParams.mac_dst = get_remote_addr(cmdParams.target, cmdParams.ip_src, cmdParams.iface_out) # If is level3 add a var cmdParams.level = 2 # Set send function cmdParams.send_function = sendp except RuntimeError: # Check if address is accesible without net level 2 test = sr1(IPv6(dst=cmdParams.target)/ICMPv6EchoRequest(), iface = cmdParams.iface_out, timeout=4, verbose = 0) cmdParams.level = 3 # Set send function cmdParams.send_function = send if not test: raise RuntimeError("Destination are not reachable") # Run plugin m_plugin_instances[P.run_mode].run(P, cmdParams)
def test_it_should_not_deliver_a_packet_from_tn4_on_ethx(self): self.n.node(4).send(IPv6(src=str(self.n.node(4).global_ip()), dst=str(self.ethy_t.global_ip()))/ICMPv6EchoRequest()) self.assertEqual(0, len(self.ethx_s.sent))
def test_it_should_not_deliver_a_packet_from_tr1_if0_to_ethx(self): self.n.router(1).send(IPv6(src=str(self.n.router(1).global_ip()), dst=str(self.ethx_t.global_ip()))/ICMPv6EchoRequest(), iface=0) self.assertEqual(0, len(self.ethx_s.sent))
TCP(sport=31337, dport=80, flags="A") / "katran test pckt 02", # pkt 3; reply expected Ether(src="0x002", dst="0x2") / IP(src="192.168.1.1", dst="10.200.1.2") / TCP(sport=31337, dport=42, flags="A") / "katran test pckt 03", # pkt 4; reply expected Ether(src="0x002", dst="0x2") / IP(src="192.168.1.1", dst="10.200.1.3") / TCP(sport=31337, dport=80, flags="A") / "katran test pckt 04", # pkt 5; reply expected Ether(src="0x002", dst="0x2") / IPv6(src="fc00:2::1", dst="fc00:1::1") / TCP(sport=31337, dport=80, flags="A") / "katran test pckt 05", # pkt 6; reply expected Ether(src="0x002", dst="0x2") / IP(src="192.168.1.1", dst="10.200.1.3") / ICMP(type="echo-request") / "katran test pckt 06", # pkt 7; reply expected Ether(src="0x002", dst="0x2") / IPv6(src="fc00:2::1", dst="fc00:1::1") / ICMPv6EchoRequest() / "katran test pckt 07", # pkt 8; reply expected Ether(src="0x002", dst="0x2") / IP(src="192.168.100.1", dst="10.200.1.1") / ICMP(type="dest-unreach", code="fragmentation-needed") / IP(src="10.200.1.1", dst="192.168.1.1") / TCP(sport=80, dport=31337) / "katran test pckt 08", # pkt 9; reply expected Ether(src="0x002", dst="0x2") / IPv6(src="fc00:200::1", dst="fc00:1::1") / ICMPv6PacketTooBig() / IPv6(src="fc00:1::1", dst="fc00:2::1") / TCP(sport=80, dport=31337) / "katran test pckt 09", # pkt 10; will be droped on katran side Ether(src="0x002", dst="0x2") / IP(src="192.168.1.1", dst="10.200.1.1", ihl=6) / TCP(sport=31337, dport=80, flags="A") / "katran test pckt 10", # pkt 11; will be droped on katran side Ether(src="0x002", dst="0x2") /
def test_it_should_deliver_a_packet_from_tr3_on_ethx(self): self.n.router(3).send(IPv6(src=str(self.n.router(3).link_local_ip(iface=1)), dst=str(self.ethx_t.link_local_ip()))/ICMPv6EchoRequest(), iface=1) self.assertEqual(1, len(self.ethx_s.sent))
def main(): """Send and receive IPsec packet.""" args = TrafficScriptArg([ 'src_mac', 'dst_mac', 'src_ip', 'dst_ip', 'crypto_alg', 'crypto_key', 'integ_alg', 'integ_key', 'l_spi', 'r_spi' ], ['src_tun', 'dst_tun']) rxq = RxQueue(args.get_arg('rx_if')) txq = TxQueue(args.get_arg('tx_if')) src_mac = args.get_arg('src_mac') dst_mac = args.get_arg('dst_mac') src_ip = args.get_arg('src_ip') dst_ip = args.get_arg('dst_ip') crypto_alg = args.get_arg('crypto_alg') crypto_key = args.get_arg('crypto_key') integ_alg = args.get_arg('integ_alg') integ_key = args.get_arg('integ_key') l_spi = int(args.get_arg('l_spi')) r_spi = int(args.get_arg('r_spi')) src_tun = args.get_arg('src_tun') dst_tun = args.get_arg('dst_tun') is_ipv4 = True if 6 == ip_address(unicode(src_ip)).version: is_ipv4 = False tunnel_out = None tunnel_in = None if src_tun and dst_tun: if is_ipv4: tunnel_out = IP(src=src_tun, dst=dst_tun) tunnel_in = IP(src=dst_tun, dst=src_tun) else: tunnel_out = IPv6(src=src_tun, dst=dst_tun) tunnel_in = IPv6(src=dst_tun, dst=src_tun) else: src_tun = src_ip dst_tun = dst_ip sa_in = SecurityAssociation(ESP, spi=r_spi, crypt_algo=crypto_alg, crypt_key=crypto_key, auth_algo=integ_alg, auth_key=integ_key, tunnel_header=tunnel_in) sa_out = SecurityAssociation(ESP, spi=l_spi, crypt_algo=crypto_alg, crypt_key=crypto_key, auth_algo=integ_alg, auth_key=integ_key, tunnel_header=tunnel_out) sent_packets = [] if is_ipv4: ip_pkt = IP(src=src_ip, dst=dst_ip) / \ ICMP() ip_pkt = IP(str(ip_pkt)) else: ip_pkt = IPv6(src=src_ip, dst=dst_ip) / \ ICMPv6EchoRequest() ip_pkt = IPv6(str(ip_pkt)) e_pkt = sa_out.encrypt(ip_pkt) pkt_send = Ether(src=src_mac, dst=dst_mac) / \ e_pkt sent_packets.append(pkt_send) txq.send(pkt_send) pkt_recv = rxq.recv(2, sent_packets) if pkt_recv is None: raise RuntimeError('ESP packet Rx timeout') if is_ipv4: check_ipv4(pkt_recv, src_tun, dst_ip, src_ip, sa_in) else: check_ipv6(pkt_recv, src_tun, dst_ip, src_ip, sa_in) sys.exit(0)
def test_it_should_not_deliver_a_packet_from_tn1_on_ethy(self): self.n.node(1).send(IPv6(src=str(self.n.node(1).link_local_ip()), dst=str(self.ethx_t.link_local_ip()))/ICMPv6EchoRequest()) self.assertEqual(0, len(self.ethy_s.sent))
def test_it_should_deliver_a_packet_from_tn2_on_ethx(self): self.n.node(2).send(IPv6(src=str(self.n.node(2).global_ip()), dst=str(self.ethx_t.global_ip()))/ICMPv6EchoRequest()) self.assertEqual(1, len(self.ethx_s.sent)) p = self.ethx_s.sent[0] self.assertTrue(p.haslayer(Ether)) self.assertEqual('00:b0:d0:86:bb:f7', p.getlayer(Ether).src) self.assertEqual('00:b0:d0:bb:cc:ff', p.getlayer(Ether).dst) self.assertTrue(p.haslayer(IPv6)) self.assertEqual(self.n.node(2).global_ip().short_form(), p.getlayer(IPv6).src) self.assertEqual(self.ethx_t.global_ip().short_form(), p.getlayer(IPv6).dst)
# Get remote MAC if not cmdParams.mac_dst: try: cmdParams.mac_dst = get_remote_addr(cmdParams.target, cmdParams.ip_src, cmdParams.iface_out) # If is level3 add a var cmdParams.level = 2 # Set send function cmdParams.send_function = sendp except RuntimeError: # Check if address is accesible without net level 2 test = sr1(IPv6(dst=cmdParams.target) / ICMPv6EchoRequest(), iface=cmdParams.iface_out, timeout=4, verbose=0) cmdParams.level = 3 # Set send function cmdParams.send_function = send if not test: raise RuntimeError("Destination are not reachable") #############Aquí tengo que Check if idl host destination are reachable #IODebug.displayDebugInfo("DEBUG 1: Checking if destination are reachable")
""" Script to send icmpv6 data""" import sys import time from scapy.all import Ether, ICMPv6EchoRequest, IPv6, sendp dst = sys.argv[1] print("dst: %s" % dst) eth = Ether() i = IPv6() i.dst = dst # UE_IP i.src = "2001::2" q = ICMPv6EchoRequest() packet_icmp = eth / i / q for _ in range(1): sendp(packet_icmp, iface="gtp_br0", count=1) time.sleep(0.5)