if DEBUG:
os.write(1, "Received from %s\n" % ifname)
if VERB:
os.write(1, "%s\n" % eth_rcvd_frame.summary())
# Prepare Dot11 frame for injection
dot11_sent_frame = RadioTap() / Dot11(
type="Data",
FCfield="from-DS",
addr1=eth_rcvd_frame.getlayer(Ether).dst,
addr2=BSSID)
# It doesn't seem possible to set tuntap interface MAC address
# when we create it, so we set source MAC here
if not HAS_SMAC:
dot11_sent_frame.addr3 = eth_rcvd_frame.getlayer(Ether).src
else:
dot11_sent_frame.addr3 = SMAC
if WEP:
dot11_sent_frame.FCfield |= 0x40
dot11_sent_frame /= Dot11WEP(iv="111", keyid=KEYID)
dot11_sent_frame /= LLC(ctrl=3) / SNAP(
code=eth_rcvd_frame.getlayer(
Ether).type) / eth_rcvd_frame.getlayer(Ether).payload
if DEBUG:
os.write(1, "Sending from-DS to %s\n" % OUT_IFACE)
if VERB:
os.write(1, "%s\n" % dot11_sent_frame.summary())
# Frame injection :
if options.debug:
os.write(1, "Received from %s\n" % ifname)
if options.verb:
os.write(1, "%s\n" % eth_rcvd_frame.summary())
# Prepare Dot11 frame for injection
dot11_sent_frame = RadioTap() / Dot11(
type="Data",
FCfield="from-DS",
addr1=eth_rcvd_frame.getlayer(Ether).dst,
addr2=options.bssid)
# It doesn't seem possible to set tuntap interface MAC address
# when we create it, so we set source MAC here
if options.smac is None:
dot11_sent_frame.addr3 = eth_rcvd_frame.getlayer(Ether).src
else:
dot11_sent_frame.addr3 = options.smac
if options.wepkey is not None:
dot11_sent_frame.FCfield |= 0x40
dot11_sent_frame /= Dot11WEP(iv="111", keyid=options.keyid)
dot11_sent_frame /= LLC(ctrl=3) / SNAP(
code=eth_rcvd_frame.getlayer(
Ether).type) / eth_rcvd_frame.getlayer(Ether).payload
if options.debug:
os.write(1, "Sending from-DS to %s\n" % options.out_iface)
if options.verb:
os.write(1, "%s\n" % dot11_sent_frame.summary())
if dot11_frame.haslayer(DNS) and dot11_frame.getlayer(DNS).qr == 0:
if options.debug:
os.write(1,
"Received DNS Query on %s\n" % options.in_iface)
if options.verb:
os.write(1, "%s\n" % dot11_frame.summary())
# Building DNS Reply answer for injection
dot11_answer = RadioTap() / Dot11(
type="Data",
FCfield="from-DS",
addr1=dot11_frame.getlayer(Dot11).addr2,
addr2=options.bssid)
if options.smac is not None:
dot11_answer.addr3 = dot11_frame.getlayer(Dot11).addr1
else:
dot11_answer.addr3 = options.smac
if options.wepkey is not None:
dot11_answer.FCfield |= 0x40
dot11_answer /= Dot11WEP(iv="111", keyid=options.keyid)
dot11_answer /= LLC(ctrl=3) / SNAP() / IP(
src=dot11_frame.getlayer(IP).dst,
dst=dot11_frame.getlayer(IP).src,
ttl=options.ttl)
dot11_answer /= UDP(sport=dot11_frame.getlayer(UDP).dport,
dport=dot11_frame.getlayer(UDP).sport)
# Identifying DNS Queries if dot11_frame.haslayer(DNS) and dot11_frame.getlayer(DNS).qr == 0: if DEBUG: os.write(1,"Received DNS Query on %s\n" % IN_IFACE) if VERB: os.write(1,"%s\n" % dot11_frame.summary()) # Building DNS Reply answer for injection dot11_answer = RadioTap()/Dot11( type = "Data", FCfield = "from-DS", addr1 = dot11_frame.getlayer(Dot11).addr2, addr2 = BSSID) if not HAS_SMAC: dot11_answer.addr3 = dot11_frame.getlayer(Dot11).addr1 else: dot11_answer.addr3 = SMAC if WEP: dot11_answer.FCfield |= 0x40 dot11_answer /= Dot11WEP( iv = "111", keyid = KEYID) dot11_answer /= LLC(ctrl = 3)/SNAP()/IP( src = dot11_frame.getlayer(IP).dst, dst = dot11_frame.getlayer(IP).src, ttl = TTL) dot11_answer /= UDP( sport = dot11_frame.getlayer(UDP).dport, dport = dot11_frame.getlayer(UDP).sport) dot11_answer /= DNS(
if DEBUG: os.write(1,"Received from %s\n" % ifname) if VERB: os.write(1,"%s\n" % eth_rcvd_frame.summary()) # Prepare Dot11 frame for injection dot11_sent_frame = RadioTap()/Dot11( type = "Data", FCfield = "from-DS", addr1 = eth_rcvd_frame.getlayer(Ether).dst, addr2 = BSSID) # It doesn't seem possible to set tuntap interface MAC address # when we create it, so we set source MAC here if not HAS_SMAC: dot11_sent_frame.addr3 = eth_rcvd_frame.getlayer(Ether).src else: dot11_sent_frame.addr3 = SMAC if WEP: dot11_sent_frame.FCfield |= 0x40 dot11_sent_frame /= Dot11WEP( iv = "111", keyid = KEYID) dot11_sent_frame /= LLC(ctrl = 3)/SNAP(code=eth_rcvd_frame.getlayer(Ether).type)/eth_rcvd_frame.getlayer(Ether).payload if DEBUG: os.write(1,"Sending from-DS to %s\n" % OUT_IFACE) if VERB: os.write(1,"%s\n" % dot11_sent_frame.summary()) # Frame injection :
