def __init__(self, logger, interface, pidfile, stdout, stderr):
"""Initialises several things needed to define the daemons behaviour.
Args:
logger (logging.Logger): Used for logging messages.
interface (str): The network interface which should be used. (e.g. eth0)
pidfile (str): Path of the pidfile, used by the daemon.
stdout (str): Path of stdout, used by the daemon.
stderr (str): Path of stderr, used by the daemon.
Raises:
DaemonError: Signalises the failure of the daemon.
"""
super(self.__class__, self).__init__(logger, interface, pidfile, stdout, stderr)
self.sniffthread = HolisticSniffThread(self.interface, self.gateway, self.mac, self.gate_mac)
self.sniffthread.daemon = True
class HolisticDaemonApp(_DaemonApp):
"""Implements the abstract class _DaemonApp and also implements the holistic spoofing mode of Apate.
The holistic spoofing mode requires less resources than the selective spoofing mode,
e.g.: redis-server is not needed. This mode is suitable for small networks (e.g. /24).
"""
__SLEEP = 20
"""int: Defines the time to sleep after packets are sent before they are sent anew."""
def __init__(self, logger, interface, pidfile, stdout, stderr, dns_file):
"""Initialises several things needed to define the daemons behaviour.
Args:
logger (logging.Logger): Used for logging messages.
interface (str): The network interface which should be used. (e.g. eth0)
pidfile (str): Path of the pidfile, used by the daemon.
stdout (str): Path of stdout, used by the daemon.
stderr (str): Path of stderr, used by the daemon.
dns_file (str): Path of file containing the nameservers.
Raises:
DaemonError: Signalises the failure of the daemon.
"""
super(self.__class__, self).__init__(logger, interface, pidfile,
stdout, stderr, dns_file)
self.sniffthread = HolisticSniffThread(self.interface, self.ipv4,
logger)
self.sniffthread.daemon = True
def _return_to_normal(self):
"""This method is called when the daemon is stopping.
First, sends a GARP broadcast request to all clients to tell them the real gateway.
Then an ARP request is sent to every client, so that they answer the real gateway and update its ARP cache.
"""
# clients gratutious arp
sendp(
Ether(dst=ETHER_BROADCAST) / ARP(op=1,
psrc=self.ipv4.gateway,
pdst=self.ipv4.gateway,
hwdst=ETHER_BROADCAST,
hwsrc=self.ipv4.gate_mac))
# to clients so that they send and arp reply to the gateway
# sendp(Ether(dst=ETHER_BROADCAST) / ARP(op=1, psrc=self.gateway, pdst=str(self.network), hwsrc=self.gate_mac))
def exit(self, signal_number, stack_frame):
"""This method is called from the python-daemon when the daemon is stopping.
Threads are stopped and clients are despoofed via _return_to_normal().
"""
self._return_to_normal()
raise SystemExit()
def run(self):
"""Starts the thread, which is sniffing incoming ARP packets and sends out packets to spoof
all clients on the network and the gateway. This packets are sent every __SLEEP seconds.
Note:
First, a ARP request packet is generated for every possible client of the network.
This packets are directed at the gateway and update existing entries of the gateway's ARP table.
So the gateway is not flooded with entries for non-existing clients.
Second, a GARP broadcast request packet is generated to spoof every client on the network.
"""
# start sniffing thread
self.sniffthread.start()
# generates a packet for each possible client of the network
# these packets update existing entries in the arp table of the gateway
# packets = [Ether(dst=self.gate_mac) / ARP(op=1, psrc=str(x), pdst=str(x)) for x in self.ip_range]
# gratuitous arp to clients
# updates the gateway entry of the clients arp table
packets = [
Ether(dst=ETHER_BROADCAST) / ARP(op=1,
psrc=self.ipv4.gateway,
pdst=self.ipv4.gateway,
hwdst=ETHER_BROADCAST)
]
while True:
sendp(packets)
time.sleep(self.__SLEEP)
class HolisticDaemonApp(_DaemonApp):
"""Implements the abstract class _DaemonApp and also implements the holistic spoofing mode of Apate.
The holistic spoofing mode requires less resources than the selective spoofing mode,
e.g.: redis-server is not needed. This mode is suitable for small networks (e.g. /24).
"""
__SLEEP = 20
"""int: Defines the time to sleep after packets are sent before they are sent anew."""
def __init__(self, logger, interface, pidfile, stdout, stderr):
"""Initialises several things needed to define the daemons behaviour.
Args:
logger (logging.Logger): Used for logging messages.
interface (str): The network interface which should be used. (e.g. eth0)
pidfile (str): Path of the pidfile, used by the daemon.
stdout (str): Path of stdout, used by the daemon.
stderr (str): Path of stderr, used by the daemon.
Raises:
DaemonError: Signalises the failure of the daemon.
"""
super(self.__class__, self).__init__(logger, interface, pidfile, stdout, stderr)
self.sniffthread = HolisticSniffThread(self.interface, self.gateway, self.mac, self.gate_mac)
self.sniffthread.daemon = True
def _return_to_normal(self):
"""This method is called when the daemon is stopping.
First, sends a GARP broadcast request to all clients to tell them the real gateway.
Then an ARP request is sent to every client, so that they answer the real gateway and update its ARP cache.
"""
# clients gratutious arp
sendp(
Ether(dst=ETHER_BROADCAST) / ARP(op=1, psrc=self.gateway, pdst=self.gateway, hwdst=ETHER_BROADCAST,
hwsrc=self.gate_mac))
# to clients so that they send and arp reply to the gateway
sendp(Ether(dst=ETHER_BROADCAST) / ARP(op=1, psrc=self.gateway, pdst=str(self.network), hwsrc=self.gate_mac))
def exit(self, signal_number, stack_frame):
"""This method is called from the python-daemon when the daemon is stopping.
Threads are stopped and clients are despoofed via _return_to_normal().
"""
self._return_to_normal()
raise SystemExit()
def run(self):
"""Starts the thread, which is sniffing incoming ARP packets and sends out packets to spoof
all clients on the network and the gateway. This packets are sent every __SLEEP seconds.
Note:
First, a ARP request packet is generated for every possible client of the network.
This packets are directed at the gateway and update existing entries of the gateway's ARP table.
So the gateway is not flooded with entries for non-existing clients.
Second, a GARP broadcast request packet is generated to spoof every client on the network.
"""
# start sniffing thread
self.sniffthread.start()
# generates a packet for each possible client of the network
# these packets update existing entries in the arp table of the gateway
packets = [Ether(dst=self.gate_mac) / ARP(op=1, psrc=str(x), pdst=str(x)) for x in self.ip_range]
# gratuitous arp to clients
# updates the gateway entry of the clients arp table
packets.append(Ether(dst=ETHER_BROADCAST) / ARP(op=1, psrc=self.gateway, pdst=self.gateway,
hwdst=ETHER_BROADCAST))
while True:
sendp(packets)
time.sleep(self.__SLEEP)
