def run(self): while True: raw_packet = self.queue.get(block=True) if raw_packet == "finished": print("Finished processing packets") break try: #this filters for unfragmented DNS responses #this filters for fragmented DNS responses packet = Ether(raw_packet) if packet.haslayer(IPv6): ip_v = IPv6 else: ip_v = IP if (packet.haslayer(DNS) and packet[DNS].qr == 1) or ( packet.haslayer(UDP) and (packet[UDP].dport == 53 and packet[ip_v].flags == 1)): if packet[UDP].len >= self.min_pkt_size and packet.haslayer( DNSQR): print("Received response: writing to scan_results") self.file.write( packet[ip_v].src + "\t" + packet[DNSQR].qname.decode("ascii").rstrip(".") + "\t" + str(packet[UDP].len) + "\n") self.file.flush() except Exception as e: print("Exception in Sniffer: " + str(e)) self.file.close()
def main(): if len(sys.argv)<2: print 'pass 2 arguments: <destination>' exit(1) addr = socket.gethostbyname(sys.argv[1]) iface = get_if() print "sending on interface %s to %s" % (iface, str(addr)) while True: print s = str(raw_input('Type space separated port nums ' '(example: "2 3 2 2 1") or "q" to quit: ')) if s == "q": break; print i = 0 pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff'); for p in s.split(" "): try: pkt = pkt / SourceRoute(bos=0, port=int(p)) i = i+1 except ValueError: pass if pkt.haslayer(SourceRoute): pkt.getlayer(SourceRoute, i).bos = 1 pkt = pkt / IP(dst=addr) / UDP(dport=4321, sport=1234) pkt.show2() sendp(pkt, iface=iface, verbose=False)
def main(): if len(sys.argv) < 3: print 'pass 3 arguments: <destination> <num>' exit(1) addr = socket.gethostbyname(sys.argv[1]) num = int(sys.argv[2]) iface = get_if() print "sending on interface %s to %s" % (iface, str(addr)) while num > 0: num = num - 1 s = "2 2 1" i = 0 pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff') for p in s.split(" "): try: pkt = pkt / SourceRoute(bos=0, port=int(p)) i = i + 1 except ValueError: pass if pkt.haslayer(SourceRoute): pkt.getlayer(SourceRoute, i).bos = 1 pkt = pkt / IP( dst=addr, options=IPOption_MRI( count=0, pathid=1, swtraces=[])) / UDP(dport=4321, sport=1234) pkt.show2() sendp(pkt, iface=iface, verbose=False)
def send(): iface_tx = get_if() global wCurr, rCurr j = 0 pkt = Ether(src=get_if_hwaddr(iface_tx), dst="ff:ff:ff:ff:ff:ff") for p in rCurr: try: pkt = pkt / SourceRoute(bos=0, port=p) j = j + 1 except ValueError: pass if pkt.haslayer(SourceRoute): pkt.getlayer(SourceRoute, j).bos = 1 # Check if sent enough packets global totalSent if wCurr + totalSent >= goalSent: wCurr = goalSent - totalSent print "Time Start: ", time_start # Recorded for FCT evaluation totalSent = totalSent + wCurr print("Winodow is: ", wCurr) print("Route is: ", nCurr) t = (time.time() - time_start) * 1000000 # timestamp in the unit of microsecond pkt = pkt / IP(dst=dst_ip, proto=17) / UDP(dport=4321, sport=1234) / MRI( count=1, swtraces=[SwitchTrace(swid=100, egresst=t)]) / str( RandString(size=1000)) sendp(pkt, iface=iface_tx, inter=0, count=wCurr, verbose=False)
def run(self, ami, action): amifile = ami.GetFilePath() amipath = os.path.dirname(os.path.realpath(amifile)) pcap_in = os.path.join(amipath, action.Variables()["$filename"]) print("Importing PCAP: %s" % pcap_in) to_replace = action.FieldActions() n_items_replaced = 0 packets_injected = 0 ip_list = None try: ip_list = to_replace["ip"]["replace"] except: pass # That means we have no definition to replace, we won't replace then packets = rdpcap(pcap_in) last_packet = None seq = 0 for packet in packets: packet.time = time.time() if CookedLinux in packet: packet = Ether() / packet.payload try: del packet[IP].chksum del packet[TCP].chksum del packet[UDP].chksum except IndexError: pass if ip_list: ip_to_replace = None for k, v in ip_list.items(): ip_to_replace = k ip_replacement = IP_y(v) if packet.haslayer(IP): if packet[IP].src == ip_to_replace: packet[IP].src = str(ip_replacement) n_items_replaced += 1 if packet[IP].dst == ip_to_replace: packet[IP].dst = str(ip_replacement) n_items_replaced += 1 self.plugins_data.AddPacket(action, packet) packets_injected += 1 # seq += 1 last_packet = packet else: # if ip_list self.plugins_data.AddPacket(action, packet) packets_injected += 1 print("%s replaced %d items" % (self.name, n_items_replaced)) print("Imported %d packets" % (packets_injected)) return self.plugins_data
def main(): if len(sys.argv) < 2: print 'pass 2 arguments: <destination>' exit(1) #addr = socket.gethostbyname(sys.argv[1]) iface = get_if() print "sending on interface %s to %s" % (iface, sys.argv[1]) print s = str( raw_input('Type space separated port nums ' '(example: "4 3 1 2 2 ") or "q" to quit: ')) if s == "q": exit(1) print i = 0 pkt = Ether(src=get_if_hwaddr(iface), dst='00:00:00:00:02:02') for p in s.split(" "): try: pkt = pkt / SourceRoute(bos=0, port=int(p)) i = i + 1 except ValueError: pass if pkt.haslayer(SourceRoute): pkt.getlayer(SourceRoute, i).bos = 1 #pkt = pkt / IPv6(dst=sys.argv[1], nh=150) / Bitmap(bit_label=228, bit_reserve=0) / MRI1(count=0, swtraces=[]) pkt = pkt / IPv6(dst=sys.argv[1], nh=150) while True: with open('flag.txt', 'r') as f: t = float(f.readline()) if (t != MAX_t): p = pkt / Bitmap(bit_label=255, bit_reserve=0) / MRI1(count=0, swtraces=[]) else: p = pkt / Bitmap(bit_label=228, bit_reserve=0) / MRI2(count=0, swtraces=[]) #p = pkt / Bitmap(bit_label=255, bit_reserve=0) / MRI1(count=0, swtraces=[]) p.show2() sendp(p, iface=iface, verbose=False) sleep(t)
def send_ack(pkt): iface = get_if() options = getOptions(sys.argv[1:]) list_switches, dict_host_ip, dict_link_weight, dict_link_port = get_network( options.topo) global dict_mri flag = 0 for i in range(0, len(pkt[MRI].swtraces)): dict_mri[pkt[MRI].swtraces[i].swid] = pkt[MRI].swtraces[i].qdepth if pkt[MRI].swtraces[i].qdepth > 5: flag = 1 src_ip = pkt[IP].src dst_ip = pkt[IP].dst src_host = dict_host_ip.keys()[dict_host_ip.values().index(src_ip)] dst_host = dict_host_ip.keys()[dict_host_ip.values().index(dst_ip)] sp_nodes, sp_ports = update_shorest_path(dict_mri, dict_link_weight, dict_link_port, src=dst_host, dst=src_host) ack = Ether(src=get_if_hwaddr(iface), dst="ff:ff:ff:ff:ff:ff") j = 0 for p in sp_ports: try: ack = ack / SourceRoute(bos=0, port=p) j = j + 1 except ValueError: pass if ack.haslayer(SourceRoute): ack.getlayer(SourceRoute, j).bos = 1 ack = ack / IP(dst=pkt[IP].src, proto=17) / UDP( dport=4322, sport=1235) / MRI(count=pkt[MRI].count, swtraces=pkt[MRI].swtraces) # ack.show2() sendp(ack, iface=iface, verbose=False) print("ACK sent at time: ", time.time())
def main(): if len(sys.argv) < 2: print 'pass 2 arguments: <destination>' exit(1) #addr = socket.gethostbyname(sys.argv[1]) iface = get_if() print "sending on interface %s to %s" % (iface, sys.argv[1]) while True: print s = str( raw_input('Type space separated port nums ' '(example: "4 3 1 2 2 ") or "q" to quit: ')) if s == "q": break print i = 0 #pkt = Ether(src=get_if_hwaddr(iface), dst='00:aa:00:00:00:01'); pkt = Ether() for p in s.split(" "): try: pkt = pkt / SourceRoute(bos=0, port=int(p)) i = i + 1 except ValueError: pass if pkt.haslayer(SourceRoute): pkt.getlayer(SourceRoute, i).bos = 1 pkt = pkt / IPv6(dst=sys.argv[1], nh=150) / MRI(count=0, swtraces=[]) #pkt = pkt / SwitchTrace(swid=0, in_port=0, out_port=0, qdepth=0, in_time=0, out_time=0, bos=0) #pkt = pkt / SwitchTrace(swid=0, in_port=0, out_port=0, qdepth=0, in_time=0, out_time=0, bos=0) #pkt = pkt / UDP(dport=4321, sport=1234) / "P4 is cool" pkt.show2() for i in range(int(sys.argv[2])): sendp(pkt, iface=iface, verbose=False) sleep(1)
def run(self, script=None): pprint.pprint(script) pcap_in = os.path.join(script["__dir"], script["filename"]) print("Importing PCAP: %s" % pcap_in) n_items_replaced = 0 packets_injected = 0 replace = None ip_list = None payload_list = None try: replace = script["replace"] ip_list = replace["ip"] payload_list = replace["payload"] except: pass # That means we have no definition to replace, we won't replace then packets = rdpcap(pcap_in) last_packet = None seq = 0 for packet in packets: if CookedLinux in packet: packet = Ether() / packet.payload try: del packet[IP].chksum del packet[TCP].chksum del packet[UDP].chksum except IndexError: pass # if packet.haslayer(TCP): # packet[TCP].seq = seq # if packet[TCP].flags == 18: # S|A # print("we have SYN ACK") # packet[TCP].ack = last_packet.seq # if payload_list: # payload_sizediff = 0 # for k, v in payload_list.items(): # if packet.haslayer(TCP): # payload_before = len(packet[TCP].payload) # packet[TCP].payload = str(packet[TCP].payload).replace(k, v) # payload_sizediff += len(packet[TCP].payload) - payload_before # print("Replaced %s by %s in TCP" % (k,v)) # if packet.haslayer(UDP): # payload_before = len(packet[UDP].payload) # packet[UDP].payload = str(packet[UDP].payload).replace(k, v) # payload_sizediff += len(packet[UDP].payload) - payload_before # print("Replaced %s by %s in UDP" % (k,v)) # packet[IP].len = packet[IP].len + payload_sizediff if ip_list: ip_to_replace = None for k, v in ip_list.items(): ip_to_replace = k ip = IP_y(v) has_started = False ipstart = "" ipstop = "" try: ipstart = script["ipstart"] except: has_started = True try: ipstop = script["ipstop"] except: pass has_stoped = False for individual_ip in ip: # print("We replace %s with %s" % (ip_to_replace, individual_ip)) if has_stoped: break if str(individual_ip).endswith(".0") or str(individual_ip).endswith(".255"): continue if not has_started: if str(individual_ip) != ipstart: continue else: has_started = True if packet.haslayer(IP): if packet[IP].src == ip_to_replace: packet[IP].src = str(individual_ip) n_items_replaced += 1 if packet[IP].dst == ip_to_replace: packet[IP].dst = str(individual_ip) n_items_replaced += 1 else: print("No IP Layer") if str(individual_ip) == ipstop: has_stoped = True self.plugins_data.pcap.append(packet) packets_injected += 1 # seq += 1 last_packet = packet else: # if ip_list self.plugins_data.pcap.append(packet) packets_injected += 1 print("%s replaced %d items" % ( self.name, n_items_replaced) ) print("Imported %d packets" % (packets_injected) ) return script["_next"], self.plugins_data
def main(): pathIDs = [] portpaths = [] info = psutil.net_if_addrs() for cname in info.keys(): if cname!='lo': hostname = cname.split('-')[0] print hostname #if len(sys.argv)<5: # print 'pass 5 arguments: <destination> <num> <pathID> <path>' # exit(1) f = open("pinglist16-1.txt", "r") line = f.readline() while line: line = line[0:-1] paras = line.split(" ") if hostname==paras[1].split(",")[0]: #pathID = int(paras[0]) pathIDs.append(int(paras[0])) #s = paras[2] portpaths.append(paras[2]) line = f.readline() addr = socket.gethostbyname("10.0.0.2") num = 0 #pathID = int(sys.argv[3]) #s=sys.argv[4] iface = get_if() #print "sending on interface %s to %s" % (iface, str(addr)) pathnum = len(pathIDs) begin_time = datetime.datetime.now() probepkts = [] for j in range(pathnum): pathID = pathIDs[j] s = portpaths[j] i=0 pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff') for p in s.split(","): try: pkt = pkt / SourceRoute(bos=0, port=int(p)) i = i+1 except ValueError: pass if pkt.haslayer(SourceRoute): pkt.getlayer(SourceRoute, i).bos = 1 pkt = pkt / IP(dst=addr, options = IPOption_MRI(count=0, pathid=pathID, swtraces=[])) / UDP(dport=4321, sport=1234) probepkts.append(pkt) #write_cap(probepkts) packet_size = len(probepkts[0]) while num<pathnum*200: #pathID = pathIDs[num%pathnum] #s=portpaths[num%pathnum] ''' i = 0 pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff') for p in s.split(","): try: pkt = pkt / SourceRoute(bos=0, port=int(p)) i = i+1 except ValueError: pass if pkt.haslayer(SourceRoute): pkt.getlayer(SourceRoute, i).bos = 1 pkt = pkt / IP(dst=addr, options = IPOption_MRI(count=0, pathid=pathID, swtraces=[])) / UDP(dport=4321, sport=1234) #print len(pkt) #pkt.show2() ''' #pkt.show2() sendp(probepkts[num%pathnum], iface=iface, verbose=False) print(str(num)+"/"+str(pathnum*200)) num = num + 1 '''
def bpf_handler(): global current_connection #arguments interface = "eth0" if len(argv) == 2: if str(argv[1]) == '-h': help() else: usage() if len(argv) == 3: if str(argv[1]) == '-i': interface = argv[2] else: usage() if len(argv) > 3: usage() success_text = open("./success", "rb").read() print("binding socket to '%s'" % interface) # initialize BPF - load source code from parse.c bpf = BPF(src_file="parse.c", debug=0) #load eBPF program filter of type SOCKET_FILTER into the kernel eBPF vm #more info about eBPF program types #http://man7.org/linux/man-pages/man2/bpf.2.html logging.info('JIT eBPF Code') function_filter = bpf.load_func("filter", BPF.SOCKET_FILTER) #create raw socket, bind it to interface #attach bpf program to socket created logging.info('Creating Raw Socket') BPF.attach_raw_socket(function_filter, interface) #get file descriptor of the socket previously created inside BPF.attach_raw_socket socket_fd = function_filter.sock #create python socket object, from the file descriptor sock = socket.fromfd(socket_fd, socket.PF_PACKET, socket.SOCK_RAW, socket.IPPROTO_IP) #set it as blocking socket sock.setblocking(True) while True: #retrieve raw packet from socket packet_str = os.read(socket_fd, 2048) packet_bytearray = bytearray(packet_str) # Parse RAW data using scapy.. super general and easy c = Ether(packet_bytearray) if c.haslayer(IP): layer_ip = c.getlayer(IP) logging.info('IP: {} said the magic word ;-)'.format(layer_ip.src)) if len(current_connection) > 0: for con, addr in current_connection: if (layer_ip.src, layer_ip.sport) == addr: con.send(success_text) logging.info('Sending success text now to: {}'.format( layer_ip.src))