def echoMulticastQuery(self, receive=False):
    """Send a Multicast Listener Query to ff02::1 and optionally gather reports.

    The query travels behind a Hop-by-Hop header carrying a Router Alert
    option followed by PadN. With ``receive`` set, replies come back through
    ``self.send_receive`` and each one accepted by
    ``self.isMulticastReportv2`` is parsed with ``self.parseMulticastReport``.

    Args:
        receive: when true, wait for replies and return them; otherwise the
            packet is only sent.

    Returns:
        ``{source_ip: {"mac": ..., "multicast_report": ...}}`` when
        ``receive`` is true, ``None`` otherwise.
    """
    ip_packet = createIPv6()
    ip_packet.fields["dst"] = "ff02::1"
    ip_packet.fields["nh"] = 0  # next header 0 = Hop-by-Hop options
    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    alert_option = RouterAlert()
    alert_option.fields["otype"] = 5
    alert_option.fields["value"] = 0
    alert_option.fields["optlen"] = 2

    pad_option = PadN()
    pad_option.fields["otype"] = 1
    pad_option.fields["optlen"] = 0

    hop_by_hop = IPv6ExtHdrHopByHop()
    hop_by_hop.fields["nh"] = 58  # ICMPv6 follows the extension header
    hop_by_hop.fields["options"] = [alert_option, pad_option]
    hop_by_hop.fields["autopad"] = 1

    icmp_packet = ICMPv6MLQuery()
    icmp_packet.fields["code"] = 0
    icmp_packet.fields["reserved"] = 0
    icmp_packet.fields["mladdr"] = "::"

    # Four bytes appended after the query: flags, QQIC (0x7d = 125) and a
    # zero source count, hex-encoded and concatenated in that order.
    trailer_hex = "".join(["02", "7d", "0000"])
    trailer = Raw()
    trailer.fields["load"] = binascii.unhexlify(trailer_hex)

    payload = ip_packet / hop_by_hop / icmp_packet / trailer

    if not receive:
        send(payload)
        return

    # TODO (from the original): a more specific capture filter was planned.
    def accept_ipv6(packet):
        return IPv6 in packet

    collected = {}
    # Third argument is passed through unchanged; presumably a timeout in
    # seconds -- confirm against send_receive.
    for reply in self.send_receive(payload, accept_ipv6, 8):
        if not self.isMulticastReportv2(reply):
            continue
        reports = self.parseMulticastReport(reply[Raw])
        source_ip = reply[IPv6].src
        # Copy the IPv6 layer and drop its payload so only the header is
        # handed to grabRawSrc.
        header_only = copy(reply[IPv6])
        header_only.remove_payload()
        mac = getMacAddress(grabRawSrc(header_only))
        if source_ip in collected:
            collected[source_ip]["multicast_report"] += reports
        else:
            collected[source_ip] = {"mac": mac, "multicast_report": reports}
    return collected
def echoMulticastQuery(self, receive=False):
    """Multicast a Listener Query to all nodes; optionally return the reports.

    Args:
        receive: if true, replies are gathered via ``self.send_receive`` and
            those for which ``self.isMulticastReportv2`` is true are parsed;
            if false the packet is just sent.

    Returns:
        A dict keyed by responder source address, each value holding
        ``"mac"`` and ``"multicast_report"``, when ``receive`` is true;
        ``None`` when it is false.
    """
    # IPv6 header: all-nodes destination, Hop-by-Hop header next.
    ip_packet = createIPv6()
    ip_packet.fields["dst"] = "ff02::1"
    ip_packet.fields["nh"] = 0

    # Hop-by-Hop options: Router Alert, then PadN.
    router_alert = RouterAlert()
    for key, value in (("otype", 5), ("value", 0), ("optlen", 2)):
        router_alert.fields[key] = value

    padding = PadN()
    for key, value in (("otype", 1), ("optlen", 0)):
        padding.fields[key] = value

    ip_ext = IPv6ExtHdrHopByHop()
    ip_ext.fields["nh"] = 58
    ip_ext.fields["options"] = [router_alert, padding]
    ip_ext.fields["autopad"] = 1

    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    icmp_packet = ICMPv6MLQuery()
    for key, value in (("code", 0), ("reserved", 0), ("mladdr", "::")):
        icmp_packet.fields[key] = value

    # Extra bytes after the query, given as hex text.
    flags_hex = "02"
    qqic_hex = "7d"  # 125
    source_count_hex = "0000"
    raw = Raw()
    raw.fields["load"] = binascii.unhexlify(
        flags_hex + qqic_hex + source_count_hex)

    payload = ip_packet / ip_ext / icmp_packet / raw

    if receive:
        by_source = {}
        # Only IPv6 traffic is considered; the original left a note that a
        # narrower filter function should be added here.
        replies = self.send_receive(payload, lambda packet: IPv6 in packet, 8)
        for reply in replies:
            if self.isMulticastReportv2(reply):
                reports = self.parseMulticastReport(reply[Raw])
                src_addr = reply[IPv6].src
                bare_header = copy(reply[IPv6])
                bare_header.remove_payload()
                bare_header = grabRawSrc(bare_header)
                mac = getMacAddress(bare_header)
                known = by_source.get(src_addr)
                if src_addr in by_source:
                    known["multicast_report"] += reports
                else:
                    by_source[src_addr] = {
                        "mac": mac,
                        "multicast_report": reports,
                    }
        return by_source

    send(payload)
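def echoAllNodes(self, receive=False):
    """Send one ICMPv6 Echo Request to the all-nodes group (ff02::1).

    Args:
        receive: when true, ``self.listenForEcho`` is started on a worker
            thread before the request is sent and its captures are returned.

    Returns:
        ``{source_ip: {"mac": ...}}`` for every captured Echo Reply when
        ``receive`` is true, ``None`` otherwise.
    """
    ip_packet = createIPv6()
    # Plain ints: the Python 2 long suffix is not needed for these values.
    ip_packet.fields["version"] = 6
    ip_packet.fields["tc"] = 0
    ip_packet.fields["nh"] = 58  # ICMPv6
    ip_packet.fields["hlim"] = 1
    ip_packet.fields["dst"] = "ff02::1"
    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    # ICMPv6 packet layout:
    #
    #  0                   1                   2                   3
    #  0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    # |     Type      |     Code      |          Checksum             |
    # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    # |                                                               |
    # +                         Message Body                          +
    # |                                                               |
    # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    icmp_packet = ICMPv6EchoRequest()
    icmp_packet.fields["code"] = 0
    icmp_packet.fields["seq"] = 1
    icmp_packet.fields["type"] = 128
    data = "e3d3f15500000000f7f0010000000000101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f3031323334353637"
    icmp_packet.fields["data"] = binascii.unhexlify(data)

    pool = None
    async_result = None
    if receive:
        # Start the listener first so replies to the request can be captured.
        # NOTE(review): whether capture is already running when send() fires
        # depends on listenForEcho -- confirm.
        build_lfilter = lambda packet: ICMPv6EchoReply in packet
        pool = ThreadPool(processes=1)
        async_result = pool.apply_async(self.listenForEcho, [build_lfilter])

    try:
        send(ip_packet / icmp_packet, verbose=False)

        if not receive:
            return None

        # Replies arrive from any host on the link and are unauthenticated;
        # the address and MAC recorded here are whatever the sender claimed.
        responseDict = {}
        for response in async_result.get():
            ip = response[IPv6].src
            rawSrc = copy(response[IPv6])
            rawSrc.remove_payload()
            rawSrc = grabRawSrc(rawSrc)
            mac = getMacAddress(rawSrc)
            responseDict[ip] = {"mac": mac}
        return responseDict
    finally:
        # The original never released the pool, leaving one worker thread
        # behind per call. Assumes ThreadPool is multiprocessing.pool's.
        if pool is not None:
            pool.close()
            pool.join()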
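def parseLLMNR(self, responses):
    """Group captured LLMNR replies by the address that sent them.

    Args:
        responses: iterable of captured packets; each is indexed by its
            ``IPv6`` and ``LLMNRQuery`` layers.

    Returns:
        ``{source_ip: {"mac": ..., "dns_data": ...}}``. ``"dns_data"`` is
        present only when ``self.parseLLMNRPacket`` returned a non-empty
        result for that sender.
    """
    responseDict = {}
    for response in responses:
        ip = response[IPv6].src
        # Keep only the IPv6 header before handing it to grabRawSrc.
        rawSrc = copy(response[IPv6])
        rawSrc.remove_payload()
        rawSrc = grabRawSrc(rawSrc)
        mac = getMacAddress(rawSrc)
        if ip not in responseDict:
            responseDict[ip] = {"mac": mac}
        dnsDict = {}
        try:
            dnsDict = self.parseLLMNRPacket(response[LLMNRQuery])
        except Exception as e:
            # Best effort: replies are unauthenticated network input, so a
            # malformed one is reported and the remaining packets are still
            # processed.
            print(e)
        if dnsDict:
            responseDict[ip]["dns_data"] = dnsDict
    # The result was previously built and then dropped (implicit None).
    return responseDict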
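def parseLLMNR(self, responses):
    """Collect MAC and parsed DNS data from captured LLMNR replies.

    Args:
        responses: iterable of captured packets; each is indexed by its
            ``IPv6`` and ``LLMNRQuery`` layers.

    Returns:
        A dict keyed by source address. Each value holds ``"mac"`` and,
        when ``self.parseLLMNRPacket`` produced a non-empty result,
        ``"dns_data"``.
    """
    responseDict = {}
    for response in responses:
        ip = response[IPv6].src
        # Strip the payload from a copy so only the IPv6 header is passed on.
        rawSrc = copy(response[IPv6])
        rawSrc.remove_payload()
        rawSrc = grabRawSrc(rawSrc)
        mac = getMacAddress(rawSrc)
        if ip not in responseDict:
            responseDict[ip] = {"mac": mac}
        dnsDict = {}
        try:
            dnsDict = self.parseLLMNRPacket(response[LLMNRQuery])
        except Exception as e:
            # `except ... as` and print(...) parse on Python 2.6+ and 3; the
            # comma form and the bare print statement are Python 2 only.
            # Failures stay non-fatal: the packet content is unauthenticated
            # input and one bad reply should not discard the others.
            print(e)
        if dnsDict:
            responseDict[ip]["dns_data"] = dnsDict
    return responseDict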
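def echoAllNodeNames(self, receive=False):
    """Send an ICMPv6 Node Information name query to ff02::1.

    Args:
        receive: when true, ``self.listenForEcho`` is started on a worker
            thread before sending and the captured replies are returned.

    Returns:
        ``{source_ip: {"mac": ..., "device_name": ...}}`` when ``receive``
        is true, ``None`` otherwise.
    """
    ip_packet = createIPv6()
    ip_packet.fields["dst"] = "ff02::1"
    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    icmp_packet = ICMPv6NIQueryName()
    icmp_packet.fields["code"] = 0
    icmp_packet.fields["type"] = 139  # Node Information Query
    # Plain ints: the Python 2 long suffix is not needed for these values.
    icmp_packet.fields["unused"] = 0
    icmp_packet.fields["flags"] = 0
    icmp_packet.fields["qtype"] = 2  # node name
    icmp_packet.fields["data"] = (0, 'ff02::1')

    pool = None
    async_result = None
    if receive:
        # Listener goes up before the query is sent.
        build_lfilter = lambda packet: ICMPv6NIReplyName in packet
        pool = ThreadPool(processes=1)
        async_result = pool.apply_async(self.listenForEcho, [build_lfilter])

    try:
        send(ip_packet / icmp_packet)

        if not receive:
            return None

        responseDict = {}
        for response in async_result.get():
            ip = response[IPv6].src
            rawSrc = copy(response[IPv6])
            rawSrc.remove_payload()
            rawSrc = grabRawSrc(rawSrc)
            mac = getMacAddress(rawSrc)
            # NOTE(review): the index chain is unchecked. A reply whose data
            # field has another shape raises here and the whole result is
            # lost. The name itself is supplied by the responder and is not
            # authenticated; treat it as untrusted text downstream.
            device_name = response[ICMPv6NIReplyName].fields["data"][1][
                1].strip()
            responseDict[ip] = {"mac": mac, "device_name": device_name}
        return responseDict
    finally:
        # The pool was never released before, leaking a worker thread per
        # call. Assumes ThreadPool is multiprocessing.pool's.
        if pool is not None:
            pool.close()
            pool.join()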
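def echoAllNodeNames(self, receive=False):
    """Multicast an ICMPv6 Node Information name query to all nodes.

    Args:
        receive: if true, capture ``ICMPv6NIReplyName`` packets through
            ``self.listenForEcho`` (run on a worker thread) and return them;
            if false, only send the query.

    Returns:
        A dict keyed by responder source address with ``"mac"`` and
        ``"device_name"`` entries when ``receive`` is true; ``None``
        otherwise.
    """
    ip_packet = createIPv6()
    ip_packet.fields["dst"] = "ff02::1"
    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    icmp_packet = ICMPv6NIQueryName()
    icmp_packet.fields["code"] = 0
    icmp_packet.fields["type"] = 139  # Node Information Query
    # The long suffix was dropped; it is a syntax error on Python 3 and these
    # values fit a plain int.
    icmp_packet.fields["unused"] = 0
    icmp_packet.fields["flags"] = 0
    icmp_packet.fields["qtype"] = 2  # node name
    icmp_packet.fields["data"] = (0, "ff02::1")

    pool = None
    async_result = None
    if receive:
        # Set up the sniffer before anything is transmitted.
        build_lfilter = lambda packet: ICMPv6NIReplyName in packet
        pool = ThreadPool(processes=1)
        async_result = pool.apply_async(self.listenForEcho, [build_lfilter])

    try:
        send(ip_packet / icmp_packet)

        if not receive:
            return None

        responseDict = {}
        for response in async_result.get():
            ip = response[IPv6].src
            rawSrc = copy(response[IPv6])
            rawSrc.remove_payload()
            rawSrc = grabRawSrc(rawSrc)
            mac = getMacAddress(rawSrc)
            # NOTE(review): nothing validates the shape of the data field,
            # so an unexpected reply raises here. The name is chosen by the
            # responder; escape or validate it before display or storage.
            device_name = response[ICMPv6NIReplyName].fields["data"][1][1].strip()
            responseDict[ip] = {"mac": mac, "device_name": device_name}
        return responseDict
    finally:
        # Release the worker thread; the original left the pool open.
        # Assumes ThreadPool is multiprocessing.pool's.
        if pool is not None:
            pool.close()
            pool.join()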
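def mDNSQuery(self, receive=False):
    """Send mDNS PTR queries for a fixed list of service names to ff02::fb.

    The names are sent in batches produced by ``self.chunker(..., 20)``,
    one UDP datagram (port 5353) per batch.

    Args:
        receive: when true, ``self.listenForEcho`` is started on a worker
            thread before sending and its captures are parsed with
            ``self.parsemDNS``.

    Returns:
        ``{source_ip: {"mac": ..., "dns_data": ...}}`` when ``receive`` is
        true (``"dns_data"`` only where parsing gave a non-empty result),
        ``None`` otherwise.
    """
    ip_packet = createIPv6()
    ip_packet.fields["nh"] = 17  # UDP (carries the DNS message)
    ip_packet.fields["hlim"] = 255
    ip_packet.fields["dst"] = "ff02::fb"
    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    udp_segment = UDP()
    udp_segment.fields["dport"] = 5353
    udp_segment.fields["sport"] = 5353

    # DNS header fields as hex text; the question count is filled per batch.
    transaction_id = "0002"
    flags = "0000"
    answer_rrs = "0000"
    authority_rrs = "0000"
    additional_rrs = "0000"

    questionListAll = [
        '_device-info._tcp', '_spotify-connect._tcp', '_googlecast._tcp',
        '_services._dns-sd._udp', '_apple-mobdev2._tcp',
        # Entries written without the "." between service and protocol.
        '_workstation_tcp', '_http_tcp', '_https_tcp', '_rss_tcp',
        '_domain_udp', '_ntp_udp', '_smb_tcp', '_airport_tcp', '_ftp_tcp',
        '_tftp_udp', '_webdav_tcp', '_webdavs_tcp', '_afpovertcp_tcp',
        '_nfs_tcp', '_sftp-ssh_tcp', '_apt_tcp', '_ssh_tcp', '_rfb_tcp',
        '_telnet_tcp', '_timbuktu_tcp', '_net-assistant_udp', '_imap_tcp',
        '_pop3_tcp', '_printer_tcp', '_pdl-datastream_tcp', '_ipp_tcp',
        '_daap_tcp', '_dacp_tcp', '_realplayfavs_tcp', '_raop_tcp',
        '_rtsp_tcp', '_rtp_udp', '_dpap_tcp', '_pulse-server_tcp',
        '_pulse-sink_tcp', '_pulse-source_tcp', '_mpd_tcp', '_vlc-http_tcp',
        '_presence_tcp', '_sip_udp', '_h323_tcp', '_presenc_olp', '_iax_udp',
        '_skype_tcp', '_see_tcp', '_lobby_tcp', '_postgresql_tcp',
        '_svn_tcp', '_distcc_tcp', '_MacOSXDupSuppress_tcp',
        '_ksysguard_tcp', '_omni-bookmark_tcp', '_acrobatSRV_tcp',
        '_adobe-vc_tcp', '_pgpkey-hkp_tcp', '_ldap_tcp', '_tp_tcp',
        '_tps_tcp', '_tp-http_tcp', '_tp-https_tcp',
        # The same names in "_service._proto" form.
        '_workstation._tcp', '_http._tcp', '_https._tcp', '_rss._tcp',
        '_domain._udp', '_ntp._udp', '_smb._tcp', '_airport._tcp',
        '_ftp._tcp', '_tftp._udp', '_webdav._tcp', '_webdavs._tcp',
        '_afpovertcp._tcp', '_nfs._tcp', '_sftp-ssh._tcp', '_apt._tcp',
        '_ssh._tcp', '_rfb._tcp', '_telnet._tcp', '_timbuktu._tcp',
        '_net-assistant._udp', '_imap._tcp', '_pop3._tcp', '_printer._tcp',
        '_pdl-datastream._tcp', '_ipp._tcp', '_daap._tcp', '_dacp._tcp',
        '_realplayfavs._tcp', '_raop._tcp', '_rtsp._tcp', '_rtp._udp',
        '_dpap._tcp', '_pulse-server._tcp', '_pulse-sink._tcp',
        '_pulse-source._tcp', '_mpd._tcp', '_vlc-http._tcp',
        '_presence._tcp', '_sip._udp', '_h323._tcp', '_presenc._olp',
        '_iax._udp', '_skype._tcp', '_see._tcp', '_lobby._tcp',
        '_postgresql._tcp', '_svn._tcp', '_distcc._tcp',
        '_MacOSXDupSuppress._tcp', '_ksysguard._tcp', '_omni-bookmark._tcp',
        '_acrobatSRV._tcp', '_adobe-vc._tcp', '_pgpkey-hkp._tcp',
        '_ldap._tcp', '_tp._tcp', '_tps._tcp', '_tp-http._tcp',
        '_tp-https._tcp',
    ]

    pool = None
    async_result = None
    if receive:
        build_lfilter = lambda packet: (
            IPv6 in packet and UDP in packet and packet[UDP].dport == 5353)
        pool = ThreadPool(processes=1)
        # Second listener argument is passed through as given; presumably a
        # capture duration in seconds -- confirm against listenForEcho.
        async_result = pool.apply_async(
            self.listenForEcho, [build_lfilter, 5])

    try:
        for questionList in self.chunker(questionListAll, 20):
            payload = ""
            for questionName in questionList:
                # Drop the 2-byte class emitted by DNSQR (last 4 hex chars)
                # and append 0x8001 in its place.
                payload += binascii.hexlify(
                    str(DNSQR(qname=questionName + ".local",
                              qtype='PTR')))[:-4] + "8001"
            queryInfo = (transaction_id + flags +
                         "{:04x}".format(len(questionList)) + answer_rrs +
                         authority_rrs + additional_rrs)
            raw = Raw()
            raw.fields["load"] = binascii.unhexlify(queryInfo + payload)
            send(ip_packet / udp_segment / raw)

        if not receive:
            return None

        responseDict = {}
        for response in async_result.get():
            ip = response[IPv6].src
            rawSrc = copy(response[IPv6])
            rawSrc.remove_payload()
            rawSrc = grabRawSrc(rawSrc)
            mac = getMacAddress(rawSrc)
            if ip not in responseDict:
                responseDict[ip] = {"mac": mac}
            dnsDict = {}
            try:
                dnsDict = self.parsemDNS(response[Raw])
            except Exception as e:
                # Best effort: captured datagrams are unauthenticated input;
                # a parse failure is reported and the rest are still handled.
                print(e)
            if dnsDict:
                responseDict[ip]["dns_data"] = dnsDict
        return responseDict
    finally:
        # The pool was previously never released (one leaked worker thread
        # per call). Assumes ThreadPool is multiprocessing.pool's.
        if pool is not None:
            pool.close()
            pool.join()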
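def llmnr(self, ip, version=6):
    """Send an LLMNR reverse (PTR) query for ``ip`` and collect the replies.

    The query is sent to ff02::1:3, UDP port 5355. Replies are captured by
    ``self.listenForEcho`` on a worker thread, filtered to IPv6 packets
    addressed to this packet's source address, and parsed with
    ``self.parsemDNS``.

    Args:
        ip: address to look up, as text.
        version: 4 builds an ``in-addr.arpa`` name, 6 an ``ip6.arpa`` name.

    Returns:
        ``{source_ip: {"mac": ..., "dns_data": ...}}``; ``"dns_data"`` is an
        empty dict when parsing failed.

    Raises:
        ValueError: ``version`` is neither 4 nor 6.
    """
    if version not in (4, 6):
        # Previously this fell through to an unbound local further down.
        raise ValueError(
            "unsupported IP version: %r (expected 4 or 6)" % (version,))

    ip_packet = createIPv6()
    ip_packet.fields["nh"] = 17  # UDP (carries the DNS message)
    ip_packet.fields["hlim"] = 255
    ip_packet.fields["dst"] = "ff02::1:3"
    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    udp_segment = UDP()
    udp_segment.fields["dport"] = 5355
    udp_segment.fields["sport"] = 5355

    transaction_id = "0002"
    flags = "0000"
    answer_rrs = "0000"
    authority_rrs = "0000"
    additional_rrs = "0000"

    if version == 4:
        questionList = [".".join(ip.split(".")[::-1]) + ".in-addr.arpa"]
    else:
        # NOTE(review): inserting 12 zero nibbles after the first four hex
        # digits yields the full 32 nibbles only when the text has exactly
        # 20 hex digits once the colons are removed; groups written with
        # leading zeros omitted give a shorter, wrong name.
        digits = ip.replace(":", "")
        digits = digits[:4] + "000000000000" + digits[4:]
        questionList = [".".join(digits[::-1]) + ".ip6.arpa"]

    payload = ""
    for questionName in questionList:
        # Drop the 2-byte class emitted by DNSQR and append 0x0001 (IN).
        payload += binascii.hexlify(
            str(DNSQR(qname=questionName, qtype='PTR')))[:-4] + "0001"
    queryInfo = (transaction_id + flags +
                 "{:04x}".format(len(questionList)) + answer_rrs +
                 authority_rrs + additional_rrs)
    raw = Raw()
    raw.fields["load"] = binascii.unhexlify(queryInfo + payload)

    # "src" is always present at this point (set above when missing), so the
    # old route()-based fallback and its debug print could never run.
    local_src = ip_packet.fields["src"]
    build_lfilter = lambda packet: (
        IPv6 in packet and packet[IPv6].dst == local_src)

    pool = ThreadPool(processes=1)
    try:
        async_result = pool.apply_async(
            self.listenForEcho, [build_lfilter, 2])
        send(ip_packet / udp_segment / raw)

        responseDict = {}
        for response in async_result.get():
            responder = response[IPv6].src
            rawSrc = copy(response[IPv6])
            rawSrc.remove_payload()
            rawSrc = grabRawSrc(rawSrc)
            mac = getMacAddress(rawSrc)
            responseDict[responder] = {"mac": mac}
            dnsDict = {}
            try:
                dnsDict = self.parsemDNS(response[Raw])
            except Exception as e:
                # Best effort: the filter matches any IPv6 packet sent to
                # our address, so unrelated or malformed traffic is expected.
                print(e)
            responseDict[responder]["dns_data"] = dnsDict
        # The collected result was previously discarded (implicit None).
        return responseDict
    finally:
        # Release the worker thread; the original left the pool open.
        # Assumes ThreadPool is multiprocessing.pool's.
        pool.close()
        pool.join()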
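def mDNSQuery(self, receive=False):
    """Multicast mDNS PTR queries for a built-in list of service names.

    Queries go to ff02::fb, UDP port 5353, one datagram per batch yielded by
    ``self.chunker(..., 20)``.

    Args:
        receive: if true, capture matching UDP/5353 traffic through
            ``self.listenForEcho`` (run on a worker thread) and parse it
            with ``self.parsemDNS``; if false, only send.

    Returns:
        A dict keyed by responder source address holding ``"mac"`` and,
        where parsing gave a non-empty result, ``"dns_data"``, when
        ``receive`` is true; ``None`` otherwise.
    """
    ip_packet = createIPv6()
    ip_packet.fields["nh"] = 17  # UDP; the DNS message rides inside it
    ip_packet.fields["hlim"] = 255
    ip_packet.fields["dst"] = "ff02::fb"
    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    udp_segment = UDP()
    udp_segment.fields["dport"] = 5353
    udp_segment.fields["sport"] = 5353

    # Hex text for the fixed DNS header fields. The question count is
    # computed per batch, so the unused constant for it was removed.
    transaction_id = "0002"
    flags = "0000"
    answer_rrs = "0000"
    authority_rrs = "0000"
    additional_rrs = "0000"

    questionListAll = [
        '_device-info._tcp', '_spotify-connect._tcp', '_googlecast._tcp',
        '_services._dns-sd._udp', '_apple-mobdev2._tcp',
        # Entries written without the "." between service and protocol.
        '_workstation_tcp', '_http_tcp', '_https_tcp', '_rss_tcp',
        '_domain_udp', '_ntp_udp', '_smb_tcp', '_airport_tcp', '_ftp_tcp',
        '_tftp_udp', '_webdav_tcp', '_webdavs_tcp', '_afpovertcp_tcp',
        '_nfs_tcp', '_sftp-ssh_tcp', '_apt_tcp', '_ssh_tcp', '_rfb_tcp',
        '_telnet_tcp', '_timbuktu_tcp', '_net-assistant_udp', '_imap_tcp',
        '_pop3_tcp', '_printer_tcp', '_pdl-datastream_tcp', '_ipp_tcp',
        '_daap_tcp', '_dacp_tcp', '_realplayfavs_tcp', '_raop_tcp',
        '_rtsp_tcp', '_rtp_udp', '_dpap_tcp', '_pulse-server_tcp',
        '_pulse-sink_tcp', '_pulse-source_tcp', '_mpd_tcp', '_vlc-http_tcp',
        '_presence_tcp', '_sip_udp', '_h323_tcp', '_presenc_olp', '_iax_udp',
        '_skype_tcp', '_see_tcp', '_lobby_tcp', '_postgresql_tcp',
        '_svn_tcp', '_distcc_tcp', '_MacOSXDupSuppress_tcp',
        '_ksysguard_tcp', '_omni-bookmark_tcp', '_acrobatSRV_tcp',
        '_adobe-vc_tcp', '_pgpkey-hkp_tcp', '_ldap_tcp', '_tp_tcp',
        '_tps_tcp', '_tp-http_tcp', '_tp-https_tcp',
        # The same names in "_service._proto" form.
        '_workstation._tcp', '_http._tcp', '_https._tcp', '_rss._tcp',
        '_domain._udp', '_ntp._udp', '_smb._tcp', '_airport._tcp',
        '_ftp._tcp', '_tftp._udp', '_webdav._tcp', '_webdavs._tcp',
        '_afpovertcp._tcp', '_nfs._tcp', '_sftp-ssh._tcp', '_apt._tcp',
        '_ssh._tcp', '_rfb._tcp', '_telnet._tcp', '_timbuktu._tcp',
        '_net-assistant._udp', '_imap._tcp', '_pop3._tcp', '_printer._tcp',
        '_pdl-datastream._tcp', '_ipp._tcp', '_daap._tcp', '_dacp._tcp',
        '_realplayfavs._tcp', '_raop._tcp', '_rtsp._tcp', '_rtp._udp',
        '_dpap._tcp', '_pulse-server._tcp', '_pulse-sink._tcp',
        '_pulse-source._tcp', '_mpd._tcp', '_vlc-http._tcp',
        '_presence._tcp', '_sip._udp', '_h323._tcp', '_presenc._olp',
        '_iax._udp', '_skype._tcp', '_see._tcp', '_lobby._tcp',
        '_postgresql._tcp', '_svn._tcp', '_distcc._tcp',
        '_MacOSXDupSuppress._tcp', '_ksysguard._tcp', '_omni-bookmark._tcp',
        '_acrobatSRV._tcp', '_adobe-vc._tcp', '_pgpkey-hkp._tcp',
        '_ldap._tcp', '_tp._tcp', '_tps._tcp', '_tp-http._tcp',
        '_tp-https._tcp',
    ]

    pool = None
    async_result = None
    if receive:
        build_lfilter = lambda packet: (
            IPv6 in packet and UDP in packet and packet[UDP].dport == 5353)
        pool = ThreadPool(processes=1)
        # Arguments for listenForEcho: the filter and 5 (presumably a capture
        # duration in seconds -- confirm).
        async_result = pool.apply_async(
            self.listenForEcho, [build_lfilter, 5])

    try:
        for questionList in self.chunker(questionListAll, 20):
            payload = ""
            for questionName in questionList:
                # Replace the class DNSQR emits (last 4 hex chars) with 8001.
                payload += binascii.hexlify(
                    str(DNSQR(qname=questionName + ".local",
                              qtype='PTR')))[:-4] + "8001"
            queryInfo = (transaction_id + flags +
                         "{:04x}".format(len(questionList)) + answer_rrs +
                         authority_rrs + additional_rrs)
            raw = Raw()
            raw.fields["load"] = binascii.unhexlify(queryInfo + payload)
            send(ip_packet / udp_segment / raw)

        if not receive:
            return None

        responseDict = {}
        for response in async_result.get():
            ip = response[IPv6].src
            rawSrc = copy(response[IPv6])
            rawSrc.remove_payload()
            rawSrc = grabRawSrc(rawSrc)
            mac = getMacAddress(rawSrc)
            if ip not in responseDict:
                responseDict[ip] = {"mac": mac}
            dnsDict = {}
            try:
                dnsDict = self.parsemDNS(response[Raw])
            except Exception as e:
                # Parse errors are reported, not raised: the datagrams are
                # unauthenticated and one bad packet must not drop the rest.
                print(e)
            if dnsDict:
                responseDict[ip]["dns_data"] = dnsDict
        return responseDict
    finally:
        # Close and join the pool; it was never released before.
        # Assumes ThreadPool is multiprocessing.pool's.
        if pool is not None:
            pool.close()
            pool.join()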
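def llmnr(self, ip, version=6):
    """Issue an LLMNR PTR lookup for ``ip`` and return what answered.

    The query goes to ff02::1:3 on UDP port 5355. ``self.listenForEcho``
    runs on a worker thread with a filter for IPv6 packets addressed to this
    packet's source address; each capture is parsed with ``self.parsemDNS``.

    Args:
        ip: address to look up, as text.
        version: 4 for an ``in-addr.arpa`` name, 6 for an ``ip6.arpa`` name.

    Returns:
        A dict keyed by responder source address. Each value holds ``"mac"``
        and ``"dns_data"`` (an empty dict when parsing failed).

    Raises:
        ValueError: ``version`` is neither 4 nor 6.
    """
    if version not in (4, 6):
        # Without this check an unsupported version hit an unbound local
        # later in the function.
        raise ValueError(
            "unsupported IP version: %r (expected 4 or 6)" % (version,))

    ip_packet = createIPv6()
    ip_packet.fields["nh"] = 17  # UDP; the DNS message rides inside it
    ip_packet.fields["hlim"] = 255
    ip_packet.fields["dst"] = "ff02::1:3"
    if "src" not in ip_packet.fields:
        ip_packet.fields["src"] = get_source_address(ip_packet)

    udp_segment = UDP()
    udp_segment.fields["dport"] = 5355
    udp_segment.fields["sport"] = 5355

    transaction_id = "0002"
    flags = "0000"
    answer_rrs = "0000"
    authority_rrs = "0000"
    additional_rrs = "0000"

    if version == 4:
        questionList = [".".join(ip.split(".")[::-1]) + ".in-addr.arpa"]
    else:
        # NOTE(review): 12 zero nibbles are inserted after the first four
        # hex digits, which gives 32 nibbles only for text with exactly 20
        # hex digits after the colons are removed. Addresses written with
        # shortened groups produce a name that is too short.
        digits = ip.replace(":", "")
        digits = digits[:4] + "000000000000" + digits[4:]
        questionList = [".".join(digits[::-1]) + ".ip6.arpa"]

    payload = ""
    for questionName in questionList:
        # Replace the class DNSQR emits (last 4 hex chars) with 0001 (IN).
        payload += binascii.hexlify(
            str(DNSQR(qname=questionName, qtype='PTR')))[:-4] + "0001"
    queryInfo = (transaction_id + flags +
                 "{:04x}".format(len(questionList)) + answer_rrs +
                 authority_rrs + additional_rrs)
    raw = Raw()
    raw.fields["load"] = binascii.unhexlify(queryInfo + payload)

    # "src" is guaranteed to be set by the block above, so the unreachable
    # route() fallback and its debug print were removed.
    local_src = ip_packet.fields["src"]
    build_lfilter = lambda packet: (
        IPv6 in packet and packet[IPv6].dst == local_src)

    pool = ThreadPool(processes=1)
    try:
        async_result = pool.apply_async(
            self.listenForEcho, [build_lfilter, 2])
        send(ip_packet / udp_segment / raw)

        responseDict = {}
        for response in async_result.get():
            responder = response[IPv6].src
            rawSrc = copy(response[IPv6])
            rawSrc.remove_payload()
            rawSrc = grabRawSrc(rawSrc)
            mac = getMacAddress(rawSrc)
            responseDict[responder] = {"mac": mac}
            dnsDict = {}
            try:
                dnsDict = self.parsemDNS(response[Raw])
            except Exception as e:
                # The filter admits any IPv6 packet sent to our address, so
                # unrelated or malformed traffic is reported and skipped.
                print(e)
            responseDict[responder]["dns_data"] = dnsDict
        return responseDict
    finally:
        # Close and join the pool; it was never released before.
        # Assumes ThreadPool is multiprocessing.pool's.
        pool.close()
        pool.join()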