Esempio n. 1
0
	def mutate(self, packets):
		result = []
		numseg = self.numseg
		position = self.position
		
		#Not enough segments, Syn or Ack, return
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets
		#if numseg >= len(packets):
		#	return packets
			
		forged = packets[numseg-1].copy()
		forged = utils.tcp_bad_payload(forged)
		forged.flags = 0
		
		if position == "after":
			packets.insert(numseg, forged)
		elif position == "before":	
			packets.insert(numseg-1, forged)
		else:
			packets.append(packets[numseg-1])
			del(packets[numseg-1])
			packets.insert(numseg-1, forged)	
		
		return packets
Esempio n. 2
0
    def mutate(self, packets):
        numseg = self.numseg
        position = self.position
        # Not enough segments, Syn or Ack, return
        if (
            utils.check_length(numseg, packets)
            or utils.check_syn(packets[numseg - 1])
            or utils.check_ack(packets[numseg - 1])
        ):
            return packets

        forged = packets[numseg - 1].copy()
        forged = utils.tcp_bad_payload(forged)
        # calculate and modify chksum
        forged.chksum = scapy.checksum(forged) + 1

        """il frammento manipolato dovrebbe essere preso per buono da 
		snort -k notcp ma scartato da host vittima. """

        # insert forged segment
        if position == "after":
            packets.insert(numseg, forged)
        elif position == "before":
            packets.insert(numseg - 1, forged)
            # last position is for original packet, not the forged one!!!!
        elif position == "last":
            packets.append(packets[numseg - 1])
            del (packets[numseg - 1])
            packets.insert(numseg - 1, forged)

        return packets
Esempio n. 3
0
	def mutate(self, packets):
		numseg = self.numseg
		thl = self.thl
		position = self.position
				
		#Not enough segments, Syn or Ack, return
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets
			
		forged = packets[numseg-1].copy()
		forged = utils.tcp_bad_payload(forged)
		
		#modify  data offset in tcp field
		forged.dataofs = thl
		
		#insert forged segment
		if position == "after":
			packets.insert(numseg, forged)
		elif position == "before":	
			packets.insert(numseg-1, forged)
		elif position == "last":
			packets.append(packets[numseg-1])
			del(packets[numseg-1])
			packets.insert(numseg-1, forged)
					
		return packets
Esempio n. 4
0
	def mutate(self, packets):
		numseg = self.numseg
		
		#Not enough segments, Syn or Ack, return
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets
			
		packets.insert(numseg+1, packets[numseg-1])
		del(packets[numseg-1])
		
		return packets
Esempio n. 5
0
	def mutate(self, packets):
		result = []
		size = self.size
		
		#if SYN or ACK do nothing
		if len(packets)>0:
			if ( utils.check_syn(packets[0].payload) or utils.check_ack(packets[0].payload) ):
				return packets
		
		for p in packets:
			result.extend(ip.fragment(p,size))
		return result
Esempio n. 6
0
	def mutate(self, packets):
		numseg = self.numseg
		pos = self.pos
		
		#Not enough segments, Syn or Ack, return
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets	
			
		if pos >= len(packets):
			packets.append(packets[numseg-1])
			return packets
		
		packets.insert(pos-1, packets[numseg-1])
				
		return packets
Esempio n. 7
0
    def mutate(self, packets):
        numseg = self.numseg
        timer = self.timer

        # Not enough segments, Syn or Ack, return
        if (
            utils.check_length(numseg, packets)
            or utils.check_syn(packets[numseg - 1])
            or utils.check_ack(packets[numseg - 1])
        ):
            return packets

        packets[numseg - 1].timeout = timer

        return packets
Esempio n. 8
0
	def mutate(self, packets):
		result = []
		numseg = self.numseg
		timer = self.timer
		
		#Not enough segments, Syn or Ack, return
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets
			
		forged = packets[numseg-1].copy()
		forged = utils.tcp_bad_payload(forged, utils.NOPAYLOAD)
		forged.flags = 'R'
		#calculate and modify chksum
		forged.chksum = scapy.checksum(forged)+1
		packets.insert(numseg-1, forged)
		packets[numseg].timeout = timer
		
		return packets
Esempio n. 9
0
	def mutate(self, packets):
		numseg = self.numseg
		timer = self.timer
		offset = self.offset
		
		#Not enough segments, Syn or Ack, return
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets
			
		forged = packets[numseg-1].copy()
		forged = utils.tcp_bad_payload(forged, utils.NOPAYLOAD)
		forged.flags = 'R'
		#seq. number
		forged.seq += offset
		packets.insert(numseg-1, forged)
		packets[numseg].timeout = timer
						
		return packets
Esempio n. 10
0
	def mutate(self, packets):
				
		#no fragments, syn or ack
		if len(packets) < 2 or utils.check_syn(packets[0].payload) or utils.check_ack(packets[0].payload):	
			return packets
					
		forged = packets[0].copy()
		forged = utils.ip_bad_payload(forged)
		
		#ip options with bad option length
		forged.options = self.option+self.data
		#insert packet first pos
		packets.insert (0,forged)
		#move original fragment last pos
		packets.append (packets[1])
		del(packets[1])
				
		return packets
Esempio n. 11
0
	def mutate(self, packets):
		numseg = self.numseg
		position = self.position
		option = self.opt
		#Not enough segments, Syn or Ack, return
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets
					
		if option == "mss":
			forged=scapy.TCP(options=[("MSS",144)])/packets[numseg-1].load
		elif option == "timestamp":
			forged=scapy.TCP(options=[("Timestamp",(0,-1))])/packets[numseg-1].load
		elif option == "wscale":
			forged=scapy.TCP(options=[("WScale", 10)])/packets[numseg-1].load
		elif option == "sackok":
			forged=scapy.TCP(options=[("SAckOK", 1)])/packets[numseg-1].load
		
		
		forged.sport = packets[numseg-1].sport
		forged.dport = packets[numseg-1].dport
		forged.seq = packets[numseg-1].seq
		forged.ack = packets[numseg-1].ack
		forged.dataofs = packets[numseg-1].dataofs
		forged.reserverd = packets[numseg-1].reserved
		forged.flags = packets[numseg-1].flags
		if option =="timestamp":
			#disable ACK flag
			forged.flags = 0		
		forged.window = packets[numseg-1].window
		forged.urgptr = packets[numseg-1].urgptr
		'''nell elenco in __init__.py, mettere TCPBadOption prima di TCPFakeReset
		per non rischiare che operatore precedente abbia cancellato il payload'''
		forged = utils.tcp_bad_payload(forged)

		if position == "after":
			packets.insert(numseg, forged)
		elif position == "before":	
			packets.insert(numseg-1, forged)
		else:
			packets.append(packets[numseg-1])
			del(packets[numseg-1])
			packets.insert(numseg-1, forged)	
		
		return packets
Esempio n. 12
0
	def mutate(self, packets):
		numseg = self.numseg
		position = self.position
		
		#Not enough segments, Syn or Ack, return
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets		
		
		forged = packets[numseg-1].copy()
		forged = utils.tcp_bad_payload(forged)
		
		if position == "after":
			#forged after original
			packets.insert(numseg, forged)
		else:	
			#forged one before original	
			packets.insert(numseg-1, forged)

		return packets
Esempio n. 13
0
	def mutate(self, packets):
		numseg = self.numseg
		position = self.position
		flags_ = self.flags
		#do nothing
		if utils.check_length(numseg, packets) or utils.check_syn(packets[numseg-1]) or utils.check_ack(packets[numseg-1]):
			return packets
			
		forged = packets[numseg-1].copy()
		forged = utils.tcp_bad_payload(forged)
		forged.flags = flags_
		
		if position == "after":
			packets.insert(numseg, forged)
		elif position == "before":	
			packets.insert(numseg-1, forged)
		else:
			packets.append(packets[numseg-1])
			del(packets[numseg-1])
			packets.insert(numseg-1, forged)	
		
		return packets
Esempio n. 14
0
	def mutate(self, packets):
		result = []
		seq_offset = self.seq_offset
		#if real SYN or ACK do nothing
		if utils.check_syn(packets[0]) or utils.check_ack(packets[0]):
			return packets
					
		if len(packets) < 2:
			return packets	
					
		for i in range(0,len(packets)):
			forged = scapy.TCP()			
			forged.seq = packets[0].seq+i*seq_offset
			forged.sport = packets[0].sport
			forged.dport = packets[0].dport
			forged.flags = "S"
			forged.window = packets[0].window
			#forged.urgptr = packets[i].urgptr
			result.append(packets[i])
			result.append(forged)
				
		return result
Esempio n. 15
0
	def mutate(self, packets):
		numfrag = self.numfrag
		ihl = self.ihl
				
		
		#Not enough fragments, Syn or Ack, return
		if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload):
			return packets
			
		forged = packets[numfrag-1].copy()
		forged = utils.ip_bad_payload(forged)
		
		#modify total length
		forged.ihl = ihl
		
		#insert fragment first pos
		packets.insert(0,forged)
		#move original fragment last pos
		packets.append(packets[numfrag])
		del(packets[numfrag])
			
		return packets
Esempio n. 16
0
	def mutate(self, packets):
		BADMAC = self.BADMAC
		timer = self.timer	
		numframe = self.numframe
		#if packet is fragmented,SYN or ACK do nothing
		if utils.check_length(numframe, packets) or utils.check_syn(packets[numframe-1].payload.payload) or utils.check_ack(packets[numframe-1].payload.payload) or utils.check_fragmentation(packets[numframe-1].payload):
			return packets
		#create fake RST	
		forged = packets[numframe-1].copy()
		forged.payload.payload = utils.tcp_bad_payload(forged.payload.payload, utils.NOPAYLOAD)
		forged.dst=BADMAC
		#set reset flag
		forged.payload.payload.flags = 'R'
		#insert fake RST
		packets.insert(numframe-1, forged)
		#append original
		packets.append(packets[numframe])
		del(packets[numframe])
		#create fake SYN
		forged_syn = packets[numframe-1].copy()
		forged_syn.dst=BADMAC
		forged_syn.timeout = timer
		forged_syn.payload.payload.flags = 'S'
		forged_syn.payload.payload.seq += 103245
		forged_syn.payload.payload.ack = 0
		#insert fake SYN
		packets.insert(numframe, forged_syn)
		#create fake SYN/ACK
		forged_synack = packets[numframe-1].copy()
		forged_synack.dst=BADMAC
		forged_synack.payload.payload.sport = packets[numframe].payload.payload.dport
		forged_synack.payload.payload.dport = packets[numframe].payload.payload.sport
		forged_synack.payload.payload.flags = 'SA'
		forged_synack.payload.payload.seq += 207654
		forged_synack.payload.payload.ack = packets[numframe].payload.payload.seq + 1
		forged_synack.payload.dst = packets[numframe].payload.src
		forged_synack.payload.src = packets[numframe].payload.dst
		#insert fake SYN/ACK
		packets.insert(numframe+1, forged_synack)		
		#create fake ACK
		forged_ack = packets[numframe-1].copy()
		forged_ack.dst=BADMAC
		forged_ack.payload.payload.flags = 'A'
		forged_ack.payload.payload.seq = packets[numframe+1].payload.payload.ack
		forged_ack.payload.payload.ack = packets[numframe+1].payload.payload.seq + 1
		#insert fake SYN/ACK
		packets.insert(numframe+2, forged_ack)	
		
		#delete reset
		del(packets[numframe-1])

		return packets
Esempio n. 17
0
	def mutate(self, packets):
		numfrag = self.numfrag
		
		if len(packets) == 1:
			return packets
		
		#Not enough fragments, Syn or Ack, return
		if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload):
			return packets
								
		frag_out = packets[numfrag-1]
		del(packets[numfrag-1])
		packets.insert(numfrag,frag_out)		
		
		return packets
Esempio n. 18
0
	def mutate(self, packets):
		numfrag = self.numfrag
		
		#Not enough fragments, Syn or Ack, return
		if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload):
			return packets

		forged = packets[numfrag-1].copy()
		forged = utils.ip_bad_payload(forged)
		#calculate and modify chksum
		forged.chksum = ip.scapy.checksum(forged)+1

		'''
		forged packet will be accepted by snort only if using -k noip option
		'''

		#insert fragment first pos
		packets.insert(0,forged)
		#move original fragment last pos
		packets.append(packets[numfrag])
		del(packets[numfrag])

		return packets
Esempio n. 19
0
	def mutate(self, packets):
		numfrag = self.numfrag
		
		#if not enough packets, syn or ack return
		if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload):
			return packets 
		
		forged = packets[numfrag-1].copy()
		forged = utils.ip_bad_payload(forged)
		
		#change IP version
		forged.version = 8
		#insert forged 
		packets.insert (0 ,forged)
		#append original
		packets.append(packets[numfrag])
		del(packets[numfrag])
				
		return packets
		
Esempio n. 20
0
	def mutate(self, packets):
		numfrag = self.numfrag

		#Not enough elements,  Syn or Ack return
		if utils.check_length(numfrag, packets) or utils.check_syn(packets[numfrag-1].payload) or utils.check_ack(packets[numfrag-1].payload):
			return packets
		
		#set self.TTL for each packet
		for i,f in enumerate(packets):
			packets[i].ttl=self.TTL		
		#create forged
		forged = packets[numfrag-1].copy()
		forged = utils.ip_bad_payload(forged)
		#set short TTL
		forged.ttl=self.shortTTL
		packets.insert(numfrag-1, forged)
		
		#append numfrag
		packets.append(packets[numfrag])
		del(packets[numfrag])
		
		return packets
Esempio n. 21
0
	def mutate(self, packets):
			
		numframe = self.numframe
		BADMAC = self.BADMAC

		
		if utils.check_length(numframe, packets) or utils.check_syn(packets[numframe-1].payload.payload) or utils.check_ack(packets[numframe-1].payload.payload):
			return packets
				
		forged = packets[numframe-1].copy()
		forged.payload = utils.ip_bad_payload(forged.payload)
		forged.dst=BADMAC
		#insert forged frame
		packets.insert(0, forged)
		#append original
		packets.append(packets[numframe])
		del(packets[numframe])
		
		return packets
Esempio n. 22
0
	def mutate(self, packets):
		result = []
		
		#Not enough segments, Syn or Ack, return
		if utils.check_length(self.numseg, packets) or utils.check_syn(packets[self.numseg-1]) or utils.check_ack(packets[self.numseg-1]):
			return packets
		
		count = 0
		for p in packets:
			if count == self.numseg:
				p.flags = 0
			result.append(p)
			count +=1
		return result