Exemple #1
0
            if DEBUG:
                os.write(1, "Received from %s\n" % ifname)
                if VERB:
                    os.write(1, "%s\n" % eth_rcvd_frame.summary())

# Prepare Dot11 frame for injection
            dot11_sent_frame = RadioTap() / Dot11(
                type="Data",
                FCfield="from-DS",
                addr1=eth_rcvd_frame.getlayer(Ether).dst,
                addr2=BSSID)
            # It doesn't seem possible to set tuntap interface MAC address
            # when we create it, so we set source MAC here
            if not HAS_SMAC:
                dot11_sent_frame.addr3 = eth_rcvd_frame.getlayer(Ether).src
            else:
                dot11_sent_frame.addr3 = SMAC
            if WEP:
                dot11_sent_frame.FCfield |= 0x40
                dot11_sent_frame /= Dot11WEP(iv="111", keyid=KEYID)
            dot11_sent_frame /= LLC(ctrl=3) / SNAP(
                code=eth_rcvd_frame.getlayer(
                    Ether).type) / eth_rcvd_frame.getlayer(Ether).payload

            if DEBUG:
                os.write(1, "Sending from-DS to %s\n" % OUT_IFACE)
                if VERB:
                    os.write(1, "%s\n" % dot11_sent_frame.summary())

# Frame injection :
Exemple #2
0
                if options.debug:
                    os.write(1, "Received from %s\n" % ifname)
                    if options.verb:
                        os.write(1, "%s\n" % eth_rcvd_frame.summary())

                # Prepare Dot11 frame for injection
                dot11_sent_frame = RadioTap() / Dot11(
                    type="Data",
                    FCfield="from-DS",
                    addr1=eth_rcvd_frame.getlayer(Ether).dst,
                    addr2=options.bssid)
                # It doesn't seem possible to set tuntap interface MAC address
                # when we create it, so we set source MAC here
                if options.smac is None:
                    dot11_sent_frame.addr3 = eth_rcvd_frame.getlayer(Ether).src
                else:
                    dot11_sent_frame.addr3 = options.smac
                if options.wepkey is not None:
                    dot11_sent_frame.FCfield |= 0x40
                    dot11_sent_frame /= Dot11WEP(iv="111", keyid=options.keyid)

                dot11_sent_frame /= LLC(ctrl=3) / SNAP(
                    code=eth_rcvd_frame.getlayer(
                        Ether).type) / eth_rcvd_frame.getlayer(Ether).payload

                if options.debug:
                    os.write(1, "Sending from-DS to %s\n" % options.out_iface)
                    if options.verb:
                        os.write(1, "%s\n" % dot11_sent_frame.summary())
            if dot11_frame.haslayer(DNS) and dot11_frame.getlayer(DNS).qr == 0:
                if options.debug:
                    os.write(1,
                             "Received DNS Query on %s\n" % options.in_iface)
                    if options.verb:
                        os.write(1, "%s\n" % dot11_frame.summary())

                # Building DNS Reply answer for injection
                dot11_answer = RadioTap() / Dot11(
                    type="Data",
                    FCfield="from-DS",
                    addr1=dot11_frame.getlayer(Dot11).addr2,
                    addr2=options.bssid)

                if options.smac is not None:
                    dot11_answer.addr3 = dot11_frame.getlayer(Dot11).addr1
                else:
                    dot11_answer.addr3 = options.smac

                if options.wepkey is not None:
                    dot11_answer.FCfield |= 0x40
                    dot11_answer /= Dot11WEP(iv="111", keyid=options.keyid)

                dot11_answer /= LLC(ctrl=3) / SNAP() / IP(
                    src=dot11_frame.getlayer(IP).dst,
                    dst=dot11_frame.getlayer(IP).src,
                    ttl=options.ttl)

                dot11_answer /= UDP(sport=dot11_frame.getlayer(UDP).dport,
                                    dport=dot11_frame.getlayer(UDP).sport)
Exemple #4
0
	# Identifying DNS Queries
	if dot11_frame.haslayer(DNS) and dot11_frame.getlayer(DNS).qr == 0:
	    if DEBUG:
		os.write(1,"Received DNS Query on %s\n" % IN_IFACE)
		if VERB:
		    os.write(1,"%s\n" % dot11_frame.summary())

	# Building DNS Reply answer for injection
	    dot11_answer = RadioTap()/Dot11(
		type = "Data",
		FCfield = "from-DS",
		addr1 = dot11_frame.getlayer(Dot11).addr2,
		addr2 = BSSID)
	    if not HAS_SMAC:
	        dot11_answer.addr3 = dot11_frame.getlayer(Dot11).addr1
	    else:
		dot11_answer.addr3 = SMAC
	    if WEP:
		dot11_answer.FCfield |= 0x40
		dot11_answer /= Dot11WEP(
		    iv = "111",
		    keyid = KEYID)
	    dot11_answer /= LLC(ctrl = 3)/SNAP()/IP(
		src = dot11_frame.getlayer(IP).dst,
		dst = dot11_frame.getlayer(IP).src,
		ttl = TTL)
	    dot11_answer /= UDP(
		sport = dot11_frame.getlayer(UDP).dport,
		dport = dot11_frame.getlayer(UDP).sport)
	    dot11_answer /= DNS(
Exemple #5
0
	    if DEBUG:
	        os.write(1,"Received from %s\n" % ifname)
		if VERB:
		    os.write(1,"%s\n" % eth_rcvd_frame.summary())
	    
	# Prepare Dot11 frame for injection
	    dot11_sent_frame = RadioTap()/Dot11(
		type = "Data",
		FCfield = "from-DS",
		addr1 = eth_rcvd_frame.getlayer(Ether).dst,
		addr2 = BSSID)
	# It doesn't seem possible to set tuntap interface MAC address
	# when we create it, so we set source MAC here
	    if not HAS_SMAC:
	        dot11_sent_frame.addr3 = eth_rcvd_frame.getlayer(Ether).src
	    else:
		dot11_sent_frame.addr3 = SMAC
	    if WEP:
		dot11_sent_frame.FCfield |= 0x40
		dot11_sent_frame /= Dot11WEP(
		    iv = "111",
		    keyid = KEYID)
	    dot11_sent_frame /= LLC(ctrl = 3)/SNAP(code=eth_rcvd_frame.getlayer(Ether).type)/eth_rcvd_frame.getlayer(Ether).payload

	    if DEBUG:
	        os.write(1,"Sending from-DS to %s\n" % OUT_IFACE)
		if VERB:
		    os.write(1,"%s\n" % dot11_sent_frame.summary())
	
	# Frame injection :