def run(self):
reverseReady = False
first = True
name = threading.currentThread().getName() + str(self.__class__)
if DEBUG: print 'START %s' % name
while True:
buf = self.source.recv(BUFFER_SIZE)
if not buf: break
p = icmp.ICMPPacket()
data = p.parse(buf, DEBUG)
#code, address, ident, data = rip(buf)
global ICMPID
ICMPID = p.id
code = int(p.code)
address = socket.inet_ntoa(p.src)
if int(code) != DRINKER: continue
if not reverseReady:
if DEBUG: print '%s: Got the 1st ICMP packet.' % name
self.sink.connect((self.TCP_ADDRESS))
if DEBUG:
print '%s: TCP ESTABLISHED: %s -> %s' % (
name, self.sink.getsockname(), self.sink.getpeername())
T2I_pipe(self.sink, self.source, address).start()
time.sleep(1)
reverseReady = True
first = False
else:
self.sink.send(data)
# else:
# if DEBUG: print '%s: Got an ICMP packet not from the drinker' % name
if DEBUG:
print '%s: ICMP from %s RELAYto %s -> %s' % \
(name, address, self.sink.getsockname(), self.sink.getpeername())
def run(self):
name = threading.currentThread().getName() + str(self.__class__)
if DEBUG: print 'START %s' % name
while True:
buf = self.source.recv(BUFFER_SIZE)
if not buf: break
p = icmp.ICMPPacket()
data = p.parse(buf, DEBUG)
global ICMPID
ICMPID = p.id
code = int(p.code)
address = socket.inet_ntoa(p.src)
if int(code) != DRINKER: continue
if data == 'Halo':
if self.sink != None:
print '%s: Already got a connection.' % name
continue
if DEBUG: print '%s: Got an ICMP SYN packet.' % name
self.sink = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.sink.connect((self.TCP_ADDRESS))
if DEBUG: print '%s: TCP ESTABLISHED: %s -> %s' % \
(name, self.sink.getsockname(), self.sink.getpeername())
T2I_pipe(self.sink, self.source, address).start()
time.sleep(1)
elif data == 'Olah':
self.sink.close()
self.sink = None
else:
self.sink.send(data)
if DEBUG:
print '%s: ICMP from %s RELAYto %s -> %s' % \
(name, address, self.sink.getsockname(), self.sink.getpeername())
def _send(self, host, data: bytes):
if len(data) % 2 == 1:
data = b'\x00' + data
packet = icmp.ICMPPacket(self.ICMP_SEND, self.ICMP_CODE, 0, self.my_id,
0, data).create()
self.icmp_socket.sendto(packet, (host, 1))
def tcp_data_handler(self, sock):
sdata = sock.recv(TCP_BUFFER_SIZE)
# if no data the socket may be closed/timeout/EOF
len_sdata = len(sdata)
code = 0 if len_sdata > 0 else 1
new_packet = icmp.ICMPPacket(icmp.ICMP_ECHO_REQUEST, code,
0, 0, 0, sdata,
self.tcp_socket.getsockname(), self.dest)
packet = new_packet.create()
self.icmp_socket.sendto(packet, (self.proxy, 1))
if code == 1:
exit() #exit thread
def run(self):
name = threading.currentThread().getName() + str(self.__class__)
if DEBUG: print 'START %s' % name
while True:
buf = self.source.recv(BUFFER_SIZE)
if not buf: break
p = icmp.ICMPPacket()
data = p.parse(buf, DEBUG)
code = int(p.code)
address = socket.inet_ntoa(p.src)
if int(code) != TARGET: continue
self.sink.send(data)
if DEBUG: print '%s: ICMP from %s RELAYto %s -> %s' % \
(name, address, self.sink.getsockname(), self.sink.getpeername())
def target_to_client(self, sock):
"""
Receiving TCP packets from the target server. Wraping them in ICMP and forwarding them to the client
"""
logger.debug(
"Receiving TCP packets from the target. Wraping them in ICMP and forwarding to the client server"
)
try:
sdata = sock.recv(TCP_BUFFER_SIZE)
except OSError:
return
new_packet = icmp.ICMPPacket(icmp.ICMP_ECHO_REPLY, 0, sdata, self.dest)
packet = new_packet.build_raw_icmp()
self.icmp_send_socket.sendto(packet, (self.source, 0))
def client_to_tunnel(self, sock):
"""
Forwarding the TCP packets received from the client server to the tunnel server.
Wraping the TCP in ICMP during the procedure.
"""
logger.debug(
"Receiving TCP packets from the client. Wraping them in ICMP and forwarding to the tunnel server"
)
try:
sdata = sock.recv(TCP_BUFFER_SIZE)
except socket.error:
logger.warning("The tunnel server closed its socket")
sdata = ""
# if no data the socket may be closed/timeout/EOF
len_sdata = len(sdata)
code = 0 if len_sdata > 0 else 1
new_packet = icmp.ICMPPacket(icmp.ICMP_ECHO_REQUEST, code, sdata,
self.dest)
packet = new_packet.build_raw_icmp()
self.icmp_socket.sendto(packet, (self.tunnel_server, 1))
if code == 1:
self.exit_thread()
import socket, sys, icmp
p = icmp.ICMPPacket()
duf = p.create(0, 88, 0, 0, 'Sent from the server.')
print socket.gethostname()
s = socket.socket(socket.AF_INET, socket.SOCK_RAW,
socket.getprotobyname("icmp"))
for x in xrange(5):
buf = s.recv(1024)
p.parse(buf, True)
print str(buf[28:])
# s.sendto(duf, ('localhost', 22))
def tcp_data_handler(self, sock):
sdata = sock.recv(TCP_BUFFER_SIZE)
new_packet = icmp.ICMPPacket(icmp.ICMP_ECHO, 0, 0, 0, 0, sdata,
self.source, self.dest)
packet = new_packet.create()
self.icmp_socket.sendto(packet, (self.source, 0))
def run(self):
self.icmpfd = socket.socket(
socket.AF_INET,
socket.SOCK_RAW,
socket.getprotobyname("icmp"),
)
self.clients = {}
packet = icmp.ICMPPacket()
self.client_seqno = 1
while True:
rset = select.select([self.icmpfd, self.tfd], [], [])[0]
for r in rset:
if r == self.tfd:
if DEBUG:
os.write(1, ">")
data = os.read(self.tfd, MTU)
if MODE == 1: # Server
for key in self.clients:
buf = packet.create(
0,
CODE + 1,
self.clients[key]["id"],
self.clients[key]["seqno"],
data,
)
self.clients[key]["seqno"] += 1
self.icmpfd.sendto(
buf,
(self.clients[key]["ip"], 22),
)
# Remove timeout clients
curTime = time.time()
for key in self.clients.keys():
if curTime - self.clients[key]["aliveTime"] \
> TIMEOUT:
print "Remove timeout client", \
self.clients[key]["ip"]
del self.clients[key]
else: # Client
buf = packet.create(8, CODE, PORT, self.client_seqno,
data)
self.client_seqno += 1
self.icmpfd.sendto(buf, (IP, 22))
elif r == self.icmpfd:
if DEBUG:
os.write(1, "<")
buf = self.icmpfd.recv(icmp.BUFFER_SIZE)
data = packet.parse(buf, DEBUG)
ip = socket.inet_ntoa(packet.src)
if packet.code in (CODE, CODE + 1):
if MODE == 1: # Server
key = struct.pack("4sH", packet.src, packet.id)
if key not in self.clients:
# New client comes
if data == SHARED_PASSWORD:
self.clients[key] = {
"aliveTime": time.time(),
"ip": ip,
"id": packet.id,
"seqno": packet.seqno,
}
print "New Client from %s:%d" \
% (ip, packet.id)
else:
print "Wrong password from %s:%d" \
% (ip, packet.id)
buf = packet.create(
0,
CODE + 1,
packet.id,
packet.seqno,
"PASSWORD" * 10,
)
self.icmpfd.sendto(buf, (ip, 22))
else:
# Simply write the packet to local
# or forward them to other clients ???
os.write(self.tfd, data)
self.clients[key]["aliveTime"] = time.time()
else: # Client
if data.startswith("PASSWORD"):
# Do login
buf = packet.create(
8,
CODE,
packet.id,
self.client_seqno,
SHARED_PASSWORD,
)
self.client_seqno += 1
self.icmpfd.sendto(buf, (ip, 22))
else:
os.write(self.tfd, data)
def wrap(data, code, ident, type_):
p = icmp.ICMPPacket()
global count
count += 1
return p.create(type_, code, ident, count, data)
def rip(self, data):
packet = icmp.ICMPPacket()
buf = packet.parse(data, True)
return buf
def wrap(self, data):
packet = icmp.ICMPPacket()
buf = packet.create(8, 88, 0, 0, data)
return buf
def rip(data): p = icmp.ICMPPacket() buf = p.parse(data, False) return p.code, p.src, buf
def wrap(data, code): p = icmp.ICMPPacket() return p.create(0, code, 0, 0, data)
