예제 #1
0
 def decode(self, aBuffer):
     arp = ImpactPacket.ARP(aBuffer)
     self.set_decoded_protocol(arp)
     off = arp.get_header_size()
     self.data_decoder = DataDecoder()
     packet = self.data_decoder.decode(aBuffer[off:])
     arp.contains(packet)
     return arp
예제 #2
0
 def get_arp(self, sha, spa, tha, tpa, arp_type):
     ethernet_layer = ImpactPacket.Ethernet()
     arp_layer = ImpactPacket.ARP()
     ethernet_layer.contains(arp_layer)
     arp_layer.set_ar_hrd(1)  # Hardware type Ethernet
     arp_layer.set_ar_pro(0x800)  # IP
     arp_layer.set_ar_op(arp_type)
     arp_layer.set_ar_hln(6)
     arp_layer.set_ar_pln(4)
     arp_layer.set_ar_sha(
         self.addresses_helper.get_mac_in_list_format2(sha))
     arp_layer.set_ar_spa(self.addresses_helper.get_ip_in_list_format(spa))
     arp_layer.set_ar_tha(
         self.addresses_helper.get_mac_in_list_format2(tha))
     arp_layer.set_ar_tpa(self.addresses_helper.get_ip_in_list_format(tpa))
     ethernet_layer.set_ether_shost(arp_layer.get_ar_sha())
     ethernet_layer.set_ether_dhost(arp_layer.get_ar_tha())
     return ethernet_layer
예제 #3
0
    def buildAnswer(self, in_onion):
        eth = ImpactPacket.Ethernet()
        arp = ImpactPacket.ARP()
        eth.contains(arp)

        arp.set_ar_hrd(1)  # Hardward type Ethernet
        arp.set_ar_pro(0x800)  # IP
        arp.set_ar_op(2)  # REPLY
        arp.set_ar_hln(6)
        arp.set_ar_pln(4)
        arp.set_ar_sha(string2tuple(self.machine.macAddress))
        arp.set_ar_spa(string2tuple(self.machine.ipAddress))
        arp.set_ar_tha(in_onion[O_ARP].get_ar_sha())
        arp.set_ar_tpa(in_onion[O_ARP].get_ar_spa())

        eth.set_ether_shost(arp.get_ar_sha())
        eth.set_ether_dhost(arp.get_ar_tha())

        return [eth, arp]
예제 #4
0
def handle_arp(pcap, wire_packet):
    arp = wire_packet.child()
    if arp.get_op_name(arp.get_ar_op()) == 'REQUEST' and arp.as_pro(
            arp.get_ar_tpa()) == OUR_IP:
        reply = build_ethernet_reply(wire_packet, ImpactPacket.ARP.ethertype)

        reply_arp = ImpactPacket.ARP()
        reply_arp.set_ar_op(2)  # reply
        reply_arp.set_ar_hrd(1)  # ethernet
        reply_arp.set_ar_pro(ImpactPacket.IP.ethertype)
        reply_arp.set_ar_hln(6)
        reply_arp.set_ar_pln(4)
        reply_arp.set_ar_tpa(arp.get_ar_spa())
        reply_arp.set_ar_spa(arp.get_ar_tpa())
        reply_arp.set_ar_tha(arp.get_ar_sha())
        reply_arp.set_ar_sha(OUR_MAC_ARRAY)

        reply.contains(reply_arp)
        reply_str = reply.get_packet()
        pcap_sendpacket(pcap, cast(reply_str, POINTER(u_char)), len(reply_str))
예제 #5
0
    def arp_reply(self, arp_pkt):
        """Function creates and sends back an ARP reply
        Args:
            arp_pkt : received arp packet
        """
        # arp packet
        reply_arp = ImpactPacket.ARP()
        reply_arp.set_ar_hln(6)  # Ethernet size 6
        reply_arp.set_ar_pln(4)  # IPv4 size 4
        reply_arp.set_ar_hrd(
            1)  # 1:'ARPHRD ETHER', 6:'ARPHRD IEEE802', 15:'ARPHRD FRELAY'
        reply_arp.set_ar_op(
            2
        )  # 1:'REQUEST', 2:'REPLY', 3:'REVREQUEST', 4:'REVREPLY', 8:'INVREQUEST', 9:'INVREPLY'
        reply_arp.set_ar_pro(0x800)  # IPv4 0x800
        mac = [int(i, 16) for i in self.mac.split(':')]
        target_ip = unicode('.'.join(map(str, arp_pkt.get_ar_tpa())))
        for d in self.devices:
            if target_ip in d.bind_list:
                mac = [int(i, 16) for i in d.mac.split(':')]
                break
        reply_arp.set_ar_sha(mac)
        reply_arp.set_ar_tha(arp_pkt.get_ar_sha())
        reply_arp.set_ar_spa(arp_pkt.get_ar_tpa())
        reply_arp.set_ar_tpa(arp_pkt.get_ar_spa())

        # ethernet frame
        reply_eth = ImpactPacket.Ethernet()
        reply_eth.set_ether_type(0x800)
        reply_eth.set_ether_shost(mac)
        reply_eth.set_ether_dhost(arp_pkt.get_ar_sha())
        reply_eth.contains(reply_arp)

        logger.debug('Sending reply: %s', reply_eth)
        # send raw frame
        try:
            self.pcapy_object.sendpacket(reply_eth.get_packet())
        except pcapy.PcapError as ex:
            logger.exception('Exception: Cannot send reply packet: %s', ex)
예제 #6
0
#Generate arp packets with randomly
#s = socket(AF_INET, SOCK_RAW)
s = socket(AF_PACKET, SOCK_RAW)
s.bind(("h4-eth0", 0x0806))

pktid = 0
while (pktid <= 100000000):
    eth = ImpactPacket.Ethernet()
    forged_mac = randomMAC()
    eth.set_ether_shost(randomMAC())
    eth.set_ether_dhost(randomMAC())
    eth.set_ether_type(0x0806)
    print "send packet #", pktid, "with src_mac:", ':'.join(
        map(lambda x: "%02x" % x, forged_mac))
    arp = ImpactPacket.ARP(
    )  # create the arp packet that will be inside of layer 1
    arp.set_ar_hrd(0x0001)  #  set hardware type to  ARPHRD ETHER  (ethernet)
    arp.set_ar_op(
        0x01
    )  # Set tyoe to Arp Reply (0x02 = Reply, 0x04 = RevReply, 0x03 = RevRequest)
    arp.set_ar_pro(0x800)  # 2048 (Set to standard IP protocol)
    arp.set_ar_hln(6)  # Length should be 6 (octaves of mac address)
    arp.set_ar_pln(4)  # should be 4 (octaves of i.p. address)
    #arp.set_ar_spa(string2tuple("10.0.0.253")) # Set source I.P. in arp reply.
    #arp.set_ar_tpa(string2tuple("10.0.0.254")) # Set target I.P. in arp reply.
    #arp.set_ar_tha([0xFF,0xFF,0xFF,0xFF,0xFF,0xFF]) # Target of the packet, could be broadcast
    #arp.set_ar_sha(forged_mac) # Source of the packet (this is our own MAC, so they can reply to us)

    eth.contains(
        arp
    )  # Encapsulate the arp packet, wrap the ethernet layer 1 packet around it.