class NTLM_Client(_NTLM_Automaton):
"""
A class to overload to create a client automaton when using the
NTLM relay.
"""
port = 445
cls = conf.raw_layer
ssl = False
kwargs_cls = {}
def __init__(self, *args, **kwargs):
self.client_pipe = ObjectPipe()
super(NTLM_Client, self).__init__(*args, **kwargs)
def bind(self, srv_atmt):
# type: (NTLM_Server) -> None
self.srv_atmt = srv_atmt
def set_srv(self, attr, value):
self.srv_atmt.values[attr] = value
def get_token(self):
return self.srv_atmt.token_pipe.recv()
def echo(self, pkt):
return self.srv_atmt.send(pkt)
def wait_server(self):
kwargs = self.client_pipe.recv()
self.client_pipe.close()
return kwargs
def _run(self,
count=0, # type: int
store=True, # type: bool
offline=None, # type: Any
quiet=False, # type: bool
prn=None, # type: Optional[Callable[[Packet], Any]]
lfilter=None, # type: Optional[Callable[[Packet], bool]]
L2socket=None, # type: Optional[Type[SuperSocket]]
timeout=None, # type: Optional[int]
opened_socket=None, # type: Optional[SuperSocket]
stop_filter=None, # type: Optional[Callable[[Packet], bool]]
iface=None, # type: Optional[_GlobInterfaceType]
started_callback=None, # type: Optional[Callable[[], Any]]
session=None, # type: Optional[_GlobSessionType]
session_kwargs={}, # type: Dict[str, Any]
**karg # type: Any
):
# type: (...) -> None
self.running = True
# Start main thread
# instantiate session
if not isinstance(session, DefaultSession):
session = session or DefaultSession
session = session(prn=prn, store=store,
**session_kwargs)
else:
session.prn = prn
session.store = store
# sniff_sockets follows: {socket: label}
sniff_sockets = {} # type: Dict[SuperSocket, _GlobInterfaceType]
if opened_socket is not None:
if isinstance(opened_socket, list):
sniff_sockets.update(
(s, "socket%d" % i)
for i, s in enumerate(opened_socket)
)
elif isinstance(opened_socket, dict):
sniff_sockets.update(
(s, label)
for s, label in six.iteritems(opened_socket)
)
else:
sniff_sockets[opened_socket] = "socket0"
if offline is not None:
flt = karg.get('filter')
if isinstance(offline, str):
# Single file
offline = [offline]
if isinstance(offline, list) and \
all(isinstance(elt, str) for elt in offline):
# List of files
sniff_sockets.update((PcapReader(
fname if flt is None else
tcpdump(fname,
args=["-w", "-"],
flt=flt,
getfd=True,
quiet=quiet)
), fname) for fname in offline)
elif isinstance(offline, dict):
# Dict of files
sniff_sockets.update((PcapReader(
fname if flt is None else
tcpdump(fname,
args=["-w", "-"],
flt=flt,
getfd=True,
quiet=quiet)
), label) for fname, label in six.iteritems(offline))
elif isinstance(offline, (Packet, PacketList, list)):
# Iterables (list of packets, PacketList..)
offline = IterSocket(offline)
sniff_sockets[offline if flt is None else PcapReader(
tcpdump(offline,
args=["-w", "-"],
flt=flt,
getfd=True,
quiet=quiet)
)] = offline
else:
# Other (file descriptors...)
sniff_sockets[PcapReader(
offline if flt is None else
tcpdump(offline,
args=["-w", "-"],
flt=flt,
getfd=True,
quiet=quiet)
)] = offline
if not sniff_sockets or iface is not None:
# The _RL2 function resolves the L2socket of an iface
_RL2 = lambda i: L2socket or resolve_iface(i).l2listen() # type: Callable[[_GlobInterfaceType], Callable[..., SuperSocket]] # noqa: E501
if isinstance(iface, list):
sniff_sockets.update(
(_RL2(ifname)(type=ETH_P_ALL, iface=ifname, **karg),
ifname)
for ifname in iface
)
elif isinstance(iface, dict):
sniff_sockets.update(
(_RL2(ifname)(type=ETH_P_ALL, iface=ifname, **karg),
iflabel)
for ifname, iflabel in six.iteritems(iface)
)
else:
iface = iface or conf.iface
sniff_sockets[_RL2(iface)(type=ETH_P_ALL, iface=iface,
**karg)] = iface
# Get select information from the sockets
_main_socket = next(iter(sniff_sockets))
select_func = _main_socket.select
nonblocking_socket = _main_socket.nonblocking_socket
# We check that all sockets use the same select(), or raise a warning
if not all(select_func == sock.select for sock in sniff_sockets):
warning("Warning: inconsistent socket types ! "
"The used select function "
"will be the one of the first socket")
if not nonblocking_socket:
# select is blocking: Add special control socket
from scapy.automaton import ObjectPipe
close_pipe = ObjectPipe()
sniff_sockets[close_pipe] = "control_socket"
def stop_cb():
# type: () -> None
if self.running:
close_pipe.send(None)
self.continue_sniff = False
self.stop_cb = stop_cb
else:
# select is non blocking
def stop_cb():
# type: () -> None
self.continue_sniff = False
self.stop_cb = stop_cb
close_pipe = None
try:
if started_callback:
started_callback()
self.continue_sniff = True
# Start timeout
if timeout is not None:
stoptime = time.time() + timeout
remain = None
while sniff_sockets and self.continue_sniff:
if timeout is not None:
remain = stoptime - time.time()
if remain <= 0:
break
sockets = select_func(list(sniff_sockets.keys()), remain)
dead_sockets = []
for s in sockets:
if s is close_pipe:
break
try:
p = s.recv()
except EOFError:
# End of stream
try:
s.close()
except Exception:
pass
dead_sockets.append(s)
continue
except Exception as ex:
msg = " It was closed."
try:
# Make sure it's closed
s.close()
except Exception as ex2:
msg = " close() failed with '%s'" % ex2
warning(
"Socket %s failed with '%s'." % (s, ex) + msg
)
dead_sockets.append(s)
if conf.debug_dissector >= 2:
raise
continue
if p is None:
continue
if lfilter and not lfilter(p):
continue
p.sniffed_on = sniff_sockets[s]
# on_packet_received handles the prn/storage
session.on_packet_received(p)
# check
if (stop_filter and stop_filter(p)) or \
(0 < count <= session.count):
self.continue_sniff = False
break
# Removed dead sockets
for s in dead_sockets:
del sniff_sockets[s]
except KeyboardInterrupt:
pass
self.running = False
if opened_socket is None:
for s in sniff_sockets:
s.close()
elif close_pipe:
close_pipe.close()
self.results = session.toPacketList()
def _run(self,
count=0,
store=True,
offline=None,
quiet=False,
prn=None,
lfilter=None,
L2socket=None,
timeout=None,
opened_socket=None,
stop_filter=None,
iface=None,
started_callback=None,
session=None,
session_args=[],
session_kwargs={},
*arg,
**karg):
self.running = True
# Start main thread
# instantiate session
if not isinstance(session, DefaultSession):
session = session or DefaultSession
session = session(prn=prn,
store=store,
*session_args,
**session_kwargs)
else:
session.prn = prn
session.store = store
# sniff_sockets follows: {socket: label}
sniff_sockets = {}
if opened_socket is not None:
if isinstance(opened_socket, list):
sniff_sockets.update(
(s, "socket%d" % i) for i, s in enumerate(opened_socket))
elif isinstance(opened_socket, dict):
sniff_sockets.update(
(s, label) for s, label in six.iteritems(opened_socket))
else:
sniff_sockets[opened_socket] = "socket0"
if offline is not None:
flt = karg.get('filter')
if isinstance(offline, list) and \
all(isinstance(elt, str) for elt in offline):
sniff_sockets.update(
(PcapReader(fname if flt is None else tcpdump(
fname, args=["-w", "-"], flt=flt, getfd=True)), fname)
for fname in offline)
elif isinstance(offline, dict):
sniff_sockets.update(
(PcapReader(fname if flt is None else tcpdump(
fname, args=["-w", "-"], flt=flt, getfd=True)), label)
for fname, label in six.iteritems(offline))
else:
# Write Scapy Packet objects to a pcap file
def _write_to_pcap(packets_list):
filename = get_temp_file(autoext=".pcap")
wrpcap(filename, offline)
return filename, filename
if isinstance(offline, Packet):
tempfile_written, offline = _write_to_pcap([offline])
elif isinstance(offline, list) and \
all(isinstance(elt, Packet) for elt in offline):
tempfile_written, offline = _write_to_pcap(offline)
sniff_sockets[PcapReader(offline if flt is None else tcpdump(
offline,
args=["-w", "-"],
flt=flt,
getfd=True,
quiet=quiet))] = offline
if not sniff_sockets or iface is not None:
iface = resolve_iface(iface or conf.iface)
if L2socket is None:
L2socket = iface.l2listen()
if isinstance(iface, list):
sniff_sockets.update(
(L2socket(type=ETH_P_ALL, iface=ifname, *arg, **karg),
ifname) for ifname in iface)
elif isinstance(iface, dict):
sniff_sockets.update(
(L2socket(type=ETH_P_ALL, iface=ifname, *arg, **karg),
iflabel) for ifname, iflabel in six.iteritems(iface))
else:
sniff_sockets[L2socket(type=ETH_P_ALL,
iface=iface,
*arg,
**karg)] = iface
# Get select information from the sockets
_main_socket = next(iter(sniff_sockets))
select_func = _main_socket.select
_backup_read_func = _main_socket.__class__.recv
nonblocking_socket = _main_socket.nonblocking_socket
# We check that all sockets use the same select(), or raise a warning
if not all(select_func == sock.select for sock in sniff_sockets):
warning("Warning: inconsistent socket types ! "
"The used select function "
"will be the one of the first socket")
if nonblocking_socket:
# select is non blocking
def stop_cb():
self.continue_sniff = False
self.stop_cb = stop_cb
close_pipe = None
else:
# select is blocking: Add special control socket
from scapy.automaton import ObjectPipe
close_pipe = ObjectPipe()
sniff_sockets[close_pipe] = "control_socket"
def stop_cb():
if self.running:
close_pipe.send(None)
self.continue_sniff = False
self.stop_cb = stop_cb
try:
if started_callback:
started_callback()
self.continue_sniff = True
# Start timeout
if timeout is not None:
stoptime = time.time() + timeout
remain = None
while sniff_sockets and self.continue_sniff:
if timeout is not None:
remain = stoptime - time.time()
if remain <= 0:
break
sockets, read_func = select_func(sniff_sockets, remain)
read_func = read_func or _backup_read_func
dead_sockets = []
for s in sockets:
if s is close_pipe:
break
try:
p = read_func(s)
except EOFError:
# End of stream
try:
s.close()
except Exception:
pass
dead_sockets.append(s)
continue
except Exception as ex:
msg = " It was closed."
try:
# Make sure it's closed
s.close()
except Exception as ex:
msg = " close() failed with '%s'" % ex
warning("Socket %s failed with '%s'." % (s, ex) + msg)
dead_sockets.append(s)
if conf.debug_dissector >= 2:
raise
continue
if p is None:
continue
if lfilter and not lfilter(p):
continue
p.sniffed_on = sniff_sockets[s]
# on_packet_received handles the prn/storage
session.on_packet_received(p)
# check
if (stop_filter and stop_filter(p)) or \
(0 < count <= session.count):
self.continue_sniff = False
break
# Removed dead sockets
for s in dead_sockets:
del sniff_sockets[s]
except KeyboardInterrupt:
pass
self.running = False
if opened_socket is None:
for s in sniff_sockets:
s.close()
elif close_pipe:
close_pipe.close()
self.results = session.toPacketList()
def _run(self,
count=0,
store=True,
offline=None,
prn=None,
lfilter=None,
L2socket=None,
timeout=None,
opened_socket=None,
stop_filter=None,
iface=None,
started_callback=None,
session=None,
*arg,
**karg):
self.running = True
# Start main thread
c = 0
session = session or DefaultSession
session = session(prn, store) # instantiate session
# sniff_sockets follows: {socket: label}
sniff_sockets = {}
if opened_socket is not None:
if isinstance(opened_socket, list):
sniff_sockets.update(
(s, "socket%d" % i) for i, s in enumerate(opened_socket))
elif isinstance(opened_socket, dict):
sniff_sockets.update(
(s, label) for s, label in six.iteritems(opened_socket))
else:
sniff_sockets[opened_socket] = "socket0"
if offline is not None:
flt = karg.get('filter')
from scapy.arch.common import TCPDUMP
if not TCPDUMP and flt is not None:
message = "tcpdump is not available. Cannot use filter!"
raise Scapy_Exception(message)
if isinstance(offline, list):
sniff_sockets.update(
(PcapReader(fname if flt is None else tcpdump(
fname, args=["-w", "-", flt], getfd=True)), fname)
for fname in offline)
elif isinstance(offline, dict):
sniff_sockets.update(
(PcapReader(fname if flt is None else tcpdump(
fname, args=["-w", "-", flt], getfd=True)), label)
for fname, label in six.iteritems(offline))
else:
sniff_sockets[PcapReader(offline if flt is None else tcpdump(
offline, args=["-w", "-", flt], getfd=True))] = offline
if not sniff_sockets or iface is not None:
if L2socket is None:
L2socket = conf.L2listen
if isinstance(iface, list):
sniff_sockets.update(
(L2socket(type=ETH_P_ALL, iface=ifname, *arg, **karg),
ifname) for ifname in iface)
elif isinstance(iface, dict):
sniff_sockets.update(
(L2socket(type=ETH_P_ALL, iface=ifname, *arg, **karg),
iflabel) for ifname, iflabel in six.iteritems(iface))
else:
sniff_sockets[L2socket(type=ETH_P_ALL,
iface=iface,
*arg,
**karg)] = iface
# Get select information from the sockets
_main_socket = next(iter(sniff_sockets))
read_allowed_exceptions = _main_socket.read_allowed_exceptions
select_func = _main_socket.select
_backup_read_func = _main_socket.__class__.recv
nonblocking_socket = _main_socket.nonblocking_socket
# We check that all sockets use the same select(), or raise a warning
if not all(select_func == sock.select for sock in sniff_sockets):
warning("Warning: inconsistent socket types ! "
"The used select function "
"will be the one of the first socket")
# Fill if empty
if not read_allowed_exceptions:
read_allowed_exceptions = (IOError, )
if nonblocking_socket:
# select is non blocking
def stop_cb():
self.continue_sniff = False
self.stop_cb = stop_cb
close_pipe = None
else:
# select is blocking: Add special control socket
from scapy.automaton import ObjectPipe
close_pipe = ObjectPipe()
sniff_sockets[close_pipe] = "control_socket"
def stop_cb():
if self.running:
close_pipe.send(None)
self.continue_sniff = False
self.stop_cb = stop_cb
try:
if started_callback:
started_callback()
self.continue_sniff = True
# Start timeout
if timeout is not None:
stoptime = time.time() + timeout
remain = None
while sniff_sockets and self.continue_sniff:
if timeout is not None:
remain = stoptime - time.time()
if remain <= 0:
break
sockets, read_func = select_func(sniff_sockets, remain)
read_func = read_func or _backup_read_func
dead_sockets = []
for s in sockets:
if s is close_pipe:
break
try:
p = read_func(s)
except EOFError:
# End of stream
dead_sockets.append(s)
continue
except read_allowed_exceptions:
continue
except Exception as ex:
msg = " It was closed."
try:
# Make sure it's closed
s.close()
except Exception as ex:
msg = " close() failed with '%s'" % ex
warning("Socket %s failed with '%s'." % (s, ex) + msg)
dead_sockets.append(s)
continue
if p is None:
continue
if lfilter and not lfilter(p):
continue
p.sniffed_on = sniff_sockets[s]
c += 1
# on_packet_received handles the prn/storage
session.on_packet_received(p)
# check
if (stop_filter and stop_filter(p)) or (0 < count <= c):
self.continue_sniff = False
break
# Removed dead sockets
for s in dead_sockets:
del sniff_sockets[s]
except KeyboardInterrupt:
pass
self.running = False
if opened_socket is None:
for s in sniff_sockets:
s.close()
elif close_pipe:
close_pipe.close()
self.results = session.toPacketList()