def packet_factory(packet): inj = libnet.context(LINK, "wlp3s0") srcip = socket.inet_ntoa(inj.get_ipaddr4()) tcptag = inj.build_tcp(dp=packet['TCP_SPORT'], sp=packet['TCP_DPORT'], control=TH_RST, seq=packet['TCP_ACK_NUM'], ack=packet['TCP_SEQ_NUM'] + 1) iptag = inj.build_ipv4(prot=IPPROTO_TCP, dst=socket.inet_aton(packet['IP_SRC']), src=socket.inet_aton(packet['IP_DST'])) ethtag = inj.build_ethernet(dst=inj.hex_aton(packet['ETH_SHOST']), src=inj.hex_aton(packet['ETH_DHOST'])) inj.write() del inj return
def pkt_builder(self, packet): self.wire = libnet.context(LINK, self.iface) tcptag = self.wire.build_tcp( dp = packet['TCP_SPORT'], sp = packet['TCP_DPORT'], control = TH_RST, seq = packet['TCP_ACK_NUM'], ack = packet['TCP_SEQ_NUM']+1, payload = self.unique_id ) iptag = self.wire.build_ipv4( prot = IPPROTO_TCP, dst = socket.inet_aton(packet['IP_SRC']), src = socket.inet_aton(packet['IP_DST']) ) ethtag = self.wire.build_ethernet( dst = self.wire.hex_aton(packet['ETH_SHOST']), src = self.wire.hex_aton(packet['ETH_DHOST']) )
# Check if the dstination IP and network interface if not (options.dstip and options.netif): print "\nError: Options -i interface and -d host are mandatories.\n" parser.print_help() sys.exit(0) #Test if ICMP Type is REQUEST or REPLY if options.iechorep: itype = ICMP_ECHOREPLY else: itype = ICMP_ECHO #Initialize libnet context inj = libnet.context(RAW4, options.netif) if not inj: print "\nInitialization failed! Please check if you have rights or if you have entered a valid network interface or valid dst IP\n." parser.print_help() sys.exit(0) if options.srcip == 0: options.srcip = inj.get_ipaddr4() else: options.srcip = inj.name2addr4(options.srcip, RESOLVE) # With PyLibnet you have to start to building packets from the upper layer. In this case ICMP icmptag = inj.build_icmpv4_echo(type=itype, code=1, seq=1, payload=options.payload) options.dstip = inj.name2addr4(options.dstip, RESOLVE)
#!/usr/bin/python import sys import libnet from libnet.constants import * # params:1 - The injection type, 2 - Device name l = libnet.context(LINK, 'eth0') # Let's get the network byte ordered representation of this IP dst_ip = l.name2addr4('10.0.0.9', DONT_RESOLVE) dst = 'ffffffffffff' dst_mac = dst.decode("hex") src = '001d92e08f26' src_mac = src.decode("hex") arp_tag = l.autobuild_arp( 1, src_mac, dst_ip, dst_mac, dst_ip, ) eth_tag = l.autobuild_ethernet( dst_mac, 0x0806, ) # Now let's write the packet and check for an error # tcp syn google.com import time
""" Created on Tue Nov 20 09:06:42 2012 @author: Leniy #伪造dns请求 """ #!/usr/bin/python import sys import libnet from libnet.constants import * l = libnet.context( RAW4, # The injection type 'eth0' # Device name ) dst_ip = l.name2addr4( '10.0.0.197', # Let's get the network byte ordered representation of this IP DONT_RESOLVE ) src_ip = l.name2addr4( '10.0.0.31', # Let's get the network byte ordered representation of this IP DONT_RESOLVE ) #query import struct query=struct.pack('b3sb4sb3sbbbbb',3,'www',4,'sina',3,'com',0,0,1,0,1)
l.extend(['in-addr', 'arpa']) return toquery(l, TYPE.PTR, query_class) if __name__ == '__main__': # Parse the arguments parser = argparse.ArgumentParser(description='Creates and injects a UDP-based DNSV4 IN A query.') parser.add_argument('-i', metavar='interface', required=True, help='the injection interface.') parser.add_argument('-d', metavar='destination', required=True, help='the destination to resolve') parser.add_argument('-n', metavar='nameserver', required=True, help='DNS server.') parser.add_argument('-q', metavar='query_type', required=False, help='DNS query type (e.g. A, MX, NS, etc.).', default='A', choices=filter(lambda n: not(n.startswith('__')), dir(TYPE))) parser.add_argument('-c', metavar='query_class', required=False, help='DNS query type (e.g. A, MX, NS, etc.).', default='IN', choices=filter(lambda n: not(n.startswith('__')), dir(CLASS))) args = parser.parse_args(sys.argv[1:]) c = libnet.context(device=args.i, injection_type=RAW4) print 'Building DNS getheader:' dns_ptag = c.build_dnsv4(id=3,flags=256,num_q=1,num_anws_rr=0,num_auth_rr=0,num_addi_rr=0,payload=build_query(args.d, eval('TYPE.%s' % args.q), eval('CLASS.%s' % args.c))) print c.getheader(dns_ptag) print 'Building UDP getheader:' udp_ptag = c.build_udp(dp=53) print c.getheader(udp_ptag) print 'Building IPv4 getheader:' ipv4_ptag = c.build_ipv4(dst=c.name2addr4('4.2.2.1', DONT_RESOLVE), prot=17) print c.getheader(ipv4_ptag) print 'Sending packet:' print c.getpacket() c.write()
# Controls # Check if the dstination IP and network interface if not (options.dstip and options.netif): print "\nError: Options -i interface and -d host are mandatories.\n" parser.print_help() sys.exit(0) #Test if ICMP Type is REQUEST or REPLY if options.iechorep: itype = ICMP_ECHOREPLY else: itype = ICMP_ECHO #Initialize libnet context inj = libnet.context(RAW4, options.netif) if not inj: print "\nInitialization failed! Please check if you have rights or if you have entered a valid network interface or valid dst IP\n." parser.print_help() sys.exit(0) if options.srcip == 0: options.srcip = inj.get_ipaddr4() else: options.srcip = inj.name2addr4(options.srcip, RESOLVE) # With PyLibnet you have to start to building packets from the upper layer. In this case ICMP icmptag = inj.build_icmpv4_echo(type=itype, code=1, seq=1,
""" Created on Tue Nov 20 09:06:42 2012 @author: Leniy #伪造dns请求 """ #!/usr/bin/python import sys import libnet from libnet.constants import * l = libnet.context( RAW4, # The injection type 'eth0' # Device name ) dst_ip = l.name2addr4( '10.0.0.197', # Let's get the network byte ordered representation of this IP DONT_RESOLVE) src_ip = l.name2addr4( '10.0.0.31', # Let's get the network byte ordered representation of this IP DONT_RESOLVE) #query import struct query = struct.pack('b3sb4sb3sbbbbb', 3, 'www', 4, 'sina', 3, 'com', 0, 0, 1, 0, 1) dns_tag = l.build_dnsv4(