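def run(self):
    """
    Poll the ARP cache and keep ``self.targetlist`` in sync with it.

    While ``self.running`` is true, calls ``sh.arp("-nai <iface>")`` and walks
    the output line by line. Every complete entry whose IP is in
    ``self.scanlist`` is either appended as a new ``target.Target(ip, mac)`` or,
    when a target with that MAC already exists, refreshed with ``seen()``.
    """
    sh = shell.Shell()
    while self.running:
        # Get the list of targets (only the ones available on our interface).
        # NOTE(review): the interface name is interpolated into the argument
        # string; confirm shell.Shell does not hand it to a shell interpreter,
        # or validate the name before it reaches this point.
        # NOTE(review): nothing in this loop waits between polls; confirm the
        # polling rate is throttled inside sh.arp or elsewhere.
        arp = sh.arp("-nai %s" % self.iface.name)[0] or ""
        for line in arp.split("\n"):
            if not line:
                continue
            # Get the details of the hosts
            data = line.split()
            if len(data) < 4:
                # Malformed/short line: no IP and MAC columns to read.
                # Indexing it would raise IndexError and kill the loop.
                continue
            ip = data[1][1:-1]  # Remove parentheses
            mac = data[3]
            if ip not in self.scanlist or not utils.is_mac(mac):
                continue  # Skip this host (incomplete or not in scanlist)
            # Check if the host is already in the list
            targ = self.targetlist.get_bymac(mac)
            if not targ:
                self.targetlist.append(target.Target(ip, mac))
            else:
                targ.seen()
            # Don't continue if the thread was requested to terminate its activity
            if not self.running:
                break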
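def gateway(self):
    """
    Returns the network gateway, None if not found.

    The value is the second column of the first ``netstat -nr`` line that
    contains "UG". None is also returned when netstat produced no output.

    NOTE(review): the first "UG" line is not necessarily the default route;
    confirm this is the intended gateway on hosts with several routed entries.
    """
    # Execute netstat to get the routing table. The previous ``netst[2:]``
    # sliced two characters off the string rather than two header lines, so
    # the header is simply left to the "UG" filter below.
    netst = shell.Shell().netstat("-nr")[0] or ""
    for line in netst.split("\n"):
        # Look for a valid Route "U", and a gateway "G"
        if "UG" not in line:
            continue
        fields = line.split()
        # A matching line with a single column has no gateway field to return
        if len(fields) > 1:
            return fields[1]
    return None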
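def arp_read(addr):
    """
    Reads the arp cache for a concrete address mac or ip address and returns the
    other one(*). Returns None if addr is not in the cache (or addr is None).

    (*)if addr is IP -> returns its MAC/ if addr is MAC -> returns its IP.

    Raises ValueError if addr is neither a valid IP nor a valid MAC address.

    The address is compared against the parsed IP/MAC columns of each line.
    It used to be handed to ``re.search`` as a pattern, where "." matches any
    character and "192.168.1.1" also matches the line for "192.168.1.10".

    The ARP cache holds whatever bindings the host learned from unauthenticated
    ARP traffic, so the result is an observation, not a verified identity.
    """
    if addr is None:
        return None
    # Validate once, before touching the cache, so a bad address is reported
    # even when no cache line happens to match it.
    by_ip = is_ip(addr)
    if not by_ip and not is_mac(addr):
        raise ValueError("addr must be either a valid IP or MAC address")

    cache = shell.Shell().arp("-na")[0] or ""
    for line in cache.split("\n"):
        fields = line.split()
        if len(fields) < 4:
            continue  # Blank or malformed line
        ip = fields[1][1:-1]  # Skip parentheses
        mac = fields[3]
        if not is_mac(mac):
            continue  # Incomplete entry: no usable hardware address
        if by_ip:
            if ip == addr:
                return mac
        elif mac.lower() == addr.lower():
            return ip
    return None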
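def update_network(self):
    """
    Update the network details

    Optionally changes the interface MAC address (``opt.core.use_mac``), then
    rebuilds ``self.iface``, ``self.network`` and ``self.gateway`` and copies
    them into ``ctx``.

    Raises exceptions.EthercutException when a MAC change is requested but the
    interface has no IPv4 address, or when the gateway IP or MAC cannot be
    determined.
    """
    if self.opt.core.use_mac:
        cfg = utils.get_iface(self.opt.core.iface)
        if cfg["inet"] is None:
            # The message used to be raised with its %s placeholder unfilled
            raise exceptions.EthercutException(
                ("Couldn't determine %s IP address, make sure it "
                 "is connected and propertly configured") % self.opt.core.iface)

        # Save the original mac to restore it later
        self.original_mac = cfg["hw"]
        self.ui.msg("Changing MAC address to: %s" % CStr(self.opt.core.use_mac).yellow)
        # NOTE(review): iface and MAC come straight from the options; confirm
        # they are validated before shell.Shell builds a command from them.
        shell.Shell().change_mac(self.opt.core.iface, self.opt.core.use_mac)

    self.iface = link.Link(self.opt.core.iface)

    # Network
    self.network = network.Network(self.iface.ip, self.iface.netmask)

    # Try to find the network gateway. Only query the ARP cache once we have
    # an IP: calling utils.arp_read(None) failed before the check below ran.
    gwip = self.opt.core.gateway or self.network.gateway
    gwhw = utils.arp_read(gwip) if gwip is not None else None
    if gwip is None or gwhw is None:
        raise exceptions.EthercutException(
            "Ethercut wasn't able to find the network gateway, " +
            "please check your network configuration")

    self.gateway = target.Target(gwip, gwhw)

    self.ui.msg("[%s] %s" % (CStr("IFACE").cyan, self.iface))
    self.ui.msg("[%s] %s" % (CStr("GATEWAY").cyan, repr(self.gateway)))

    # Update the context
    ctx.iface = self.iface
    ctx.network = self.network
    ctx.gateway = self.gateway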
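def darwin_check_forward():
    """
    Return the current value of the ``net.inet.ip.forwarding`` sysctl.

    The value is the second whitespace-separated token of the command output,
    returned as a string, or None when the output has no such token.
    Compare it explicitly: the string "0" is truthy.

    The expression was previously evaluated and discarded, so the function
    always returned None.
    """
    # assumes output of the form "net.inet.ip.forwarding: N" -- TODO confirm
    out = shell.Shell().execute("sysctl net.inet.ip.forwarding ")[0]
    fields = (out or "").split()
    return fields[1] if len(fields) > 1 else None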
def darwin_disable_forward():
    """
    Set the ``net.inet.ip.forwarding`` sysctl to 0.

    Runs ``sysctl -w`` through shell.Shell().execute; the result of the command
    is not inspected and nothing is returned.

    NOTE(review): the previous value is not saved here; a caller that needs to
    restore the host's original setting has to read it first.
    """
    command = "sysctl -w net.inet.ip.forwarding=0"
    runner = shell.Shell()
    runner.execute(command)
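def get_iface(iface):
    """
    Returns a dictionary containing relevant information about a given interface
    parsing the output of ifconfig.

    The dictionary is flat; a field that was not found in the output stays None:
        {"hw": "00:00:00:00:00:00", "inet": "192.168.2.37", ...}

    hw:      hardware address
    inet:    IPv4 address
    bcast:   broadcast address
    netmask: network mask
    inet6:   IPv6 address
    mtu:     maximum transmission unit

    When a field appears on several lines, the last occurrence wins.

    Raises ValueError, carrying the second element of the ifconfig result, when
    the first element (the output) is empty.

    NOTE: Handles the Linux "HWaddr"/"inet addr:" ifconfig layout and the Darwin
    layout. On any other platform every field stays None.
    NOTE(review): Linux ifconfig builds that print "inet 192.168.2.37 netmask ..."
    without the "addr:" labels will not match these patterns -- confirm.
    """
    # Run ifconfig
    # NOTE(review): iface is passed on to shell.Shell as given; confirm it is
    # validated before a command line is built from it.
    ifcnf = shell.Shell().ifconfig(iface)
    if not ifcnf[0]:
        raise ValueError("%s" % ifcnf[1])

    ret = {
        "hw": None,
        "inet": None,
        "bcast": None,
        "netmask": None,
        "inet6": None,
        "mtu": None,
    }

    # Raw strings avoid invalid-escape warnings, and the dot is escaped so an
    # IPv4 address is matched as dotted digits and not "digits, any char".
    ipv4 = r"((?:[0-9]{1,3}\.){3}[0-9]{1,3})"
    mac = r"((?:[0-9A-Fa-f]{1,2}:){5}[0-9A-Fa-f]{1,2})"

    hex_netmask = False
    if const.LINUX:
        patterns = (
            ("hw", r"HWaddr\s+" + mac),
            ("inet", r"inet addr:\s*" + ipv4),
            ("bcast", r"Bcast:\s*" + ipv4),
            ("netmask", r"Mask:\s*" + ipv4),
            ("inet6", r"inet6 addr:\s*([0-9a-fA-F:]+/[0-9]+)"),
            ("mtu", r"MTU:\s*([0-9]+)"),
        )
    elif const.DARWIN:
        # In OSX, the netmask is in hex format, we need to change it to a
        # dotted address
        hex_netmask = True
        patterns = (
            ("hw", r"ether\s+" + mac),
            ("inet", r"inet\s" + ipv4),
            ("bcast", r"broadcast\s" + ipv4),
            ("netmask", r"netmask\s(0x[0-9a-f]{8})"),
            ("inet6", r"inet6\s([0-9a-fA-F:]+/[0-9]+)"),
            ("mtu", r"mtu\s([0-9]+)"),
        )
    else:
        patterns = ()

    for line in ifcnf[0].split("\n"):
        for key, pattern in patterns:
            m = re.search(pattern, line)
            if not m:
                continue
            value = m.group(1)
            if key == "netmask" and hex_netmask:
                value = ntoa(int(value, 0))
            ret[key] = value

    return ret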