def send_tcp_fuzzed_reply(pkt):
    """Answer `pkt` with a TCP segment whose remaining header fields are fuzzed.

    Only the addressing is mirrored from the incoming packet (our src/dst are
    its dst/src, our sport/dport are its dport/sport) so the segment reaches
    the sender; everything else in the TCP header is handed to scapy's
    fuzz(), which fills the fields that were left at their defaults with
    random values. No seq/ack tracking is done, so a real stack will
    usually see the segment as out-of-window -- this is a header fuzzer, not
    a session tool. Sending raw packets needs root and should only be aimed
    at hosts you are authorised to test.
    """
    peer = pkt[TCP]
    tcp_hdr = TCP(sport=peer.dport, dport=peer.sport)
    ip_hdr = IP(src=pkt[IP].dst, dst=pkt[IP].src)
    send(ip_hdr / fuzz(tcp_hdr))
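def send_tcp_reply(pkt, flag):
    """Send a single TCP segment carrying flags `flag` back to the sender of `pkt`.

    Addresses and ports are mirrored from the incoming packet. Sequence
    numbers follow the peer: our seq is the peer's ack (the byte it expects
    next) and our ack is the peer's seq plus the bytes it consumed -- its
    payload length, plus one if its SYN or FIN flag is set -- wrapped to
    32 bits. The earlier version copied the peer's *ack* number into our ack
    field and left seq at scapy's default 0, which a real stack discards as
    out-of-window; its log line was also tagged "[UDP]". A fixed payload
    "Tcp reply" is appended. Needs raw-socket privileges.
    """
    peer = pkt[TCP]
    # SYN (0x02) and FIN (0x01) each occupy one sequence number of their own.
    consumed = len(peer.payload) + (1 if int(peer.flags) & 0x03 else 0)
    ip = IP(src=pkt[IP].dst, dst=pkt[IP].src)
    tcp = TCP(
        sport=peer.dport,
        dport=peer.sport,
        seq=peer.ack,
        ack=(peer.seq + consumed) & 0xFFFFFFFF,
        flags=flag,
    )
    print("[TCP] Sending TCP reply to %s" % ip.dst)
    data = "Tcp reply"
    send(ip / tcp / data)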
def packetHandler(self, hdr, data):
    """Decode one captured Ethernet frame and dump its headers to stdout.

    Walks Ethernet -> IP -> {UDP, TCP, ICMP} or Ethernet -> ARP, printing the
    fields the Impacket decoders expose for each layer. `hdr` (the capture
    record header) is part of the callback signature but is not used.
    NOTE(review): each layer is sliced with `data[off:]` and handed straight
    to the decoder without a length check, so the decoders are trusted to
    cope with short or truncated frames -- confirm before running this
    against a hostile capture. TCP options are not decoded; the "opts"
    column is a placeholder.
    """
    frame = Ethernet(data)
    eth_len = frame.get_header_size()
    eth_type = frame.get_ether_type()
    print("===============================================================")
    print("Eth:\n\thdrsize:%s\n\tsourceaddr:%s\n\tdestaddr:%s\n\tethtype:%s" % (
        eth_len,
        num_from_barray(frame.get_ether_shost()),
        num_from_barray(frame.get_ether_dhost()),
        eth_type,
    ))
    if eth_type == IP.ethertype:
        ip_bytes = data[eth_len:]
        ip_hdr = IP(ip_bytes)
        ip_len = ip_hdr.get_header_size()
        proto = ip_hdr.get_ip_p()
        print("\tproto:IP\n\t\tipversion:%s\n\t\thdrsize:%s\n\t\ttos:%s\n\t\tipsize:%s\n\t\tid:%s\n\t\tdf:%s\n\t\tmf:%s\n\t\toffset:%s\n\t\tttl:%s\n\t\tproto:%s\n\t\tsum:%s\n\t\tsrc:%s\n\t\tdst:%s" % (
            ip_hdr.get_ip_v(),
            ip_len,
            ip_hdr.get_ip_tos(),
            ip_hdr.get_ip_len(),
            ip_hdr.get_ip_id(),
            ip_hdr.get_ip_df(),
            ip_hdr.get_ip_mf(),
            ip_hdr.get_ip_off(),
            ip_hdr.get_ip_ttl(),
            proto,
            ip_hdr.get_ip_sum(),
            # get_ip_src/dst hand back dotted strings; split into octets first
            num_from_barray(ip_hdr.get_ip_src().split('.')),
            num_from_barray(ip_hdr.get_ip_dst().split('.')),
        ))
        l4_bytes = ip_bytes[ip_len:]
        if proto == UDP.protocol:
            udp_hdr = UDP(l4_bytes)
            print("\t\tproto:UDP\n\t\t\tsrcport:%s\n\t\t\tdstport:%s\n\t\t\tsize:%s\n\t\t\tcksum:%s" % (
                udp_hdr.get_uh_sport(),
                udp_hdr.get_uh_dport(),
                udp_hdr.get_uh_ulen(),
                udp_hdr.get_uh_sum(),
            ))
        elif proto == TCP.protocol:
            tcp_hdr = TCP(l4_bytes)
            print("\t\tproto:TCP\n\t\t\tsrcport:%s\n\t\t\tdstport:%s\n\t\t\tseq:%s\n\t\t\tack:%s\n\t\t\tflags:%s\n\t\t\twinsize:%s\n\t\t\tcksum:%s\n\t\t\turg:%s\n\t\t\topts:%s" % (
                tcp_hdr.get_th_sport(),
                tcp_hdr.get_th_dport(),
                tcp_hdr.get_th_seq(),
                tcp_hdr.get_th_ack(),
                tcp_hdr.get_th_flags(),
                tcp_hdr.get_th_win(),
                tcp_hdr.get_th_sum(),
                tcp_hdr.get_URG(),
                # placeholder: option decoding (tcp_hdr.get_options()) is not wired up
                '0',
            ))
        elif proto == ICMP.protocol:
            icmp_hdr = ICMP(l4_bytes)
            # gwaddr/mask only mean something for redirect/mask-reply types;
            # they are printed for every ICMP message regardless
            print("\t\tproto:ICMP\n\t\t\ttype:%s\n\t\t\tcode:%s\n\t\t\tcksum:%s\n\t\t\tid:%s\n\t\t\tseq:%s\n\t\t\tgwaddr:%s\n\t\t\tmask:%s" % (
                icmp_hdr.get_icmp_type(),
                icmp_hdr.get_icmp_code(),
                icmp_hdr.get_icmp_cksum(),
                icmp_hdr.get_icmp_id(),
                icmp_hdr.get_icmp_seq(),
                icmp_hdr.get_icmp_gwaddr(),
                icmp_hdr.get_icmp_mask(),
            ))
        else:
            print("\t\tunknown child protocol")
    elif eth_type == ARP.ethertype:
        arp_hdr = ARP(data[eth_len:])
        print("\tproto:ARP\n\t\thrd:%s\n\t\tpro:%s\n\t\thlen:%s\n\t\tplen:%s\n\t\top:%s\n\t\tsha:%s\n\t\tspa:%s\n\t\ttha:%s\n\t\ttpa:%s" % (
            arp_hdr.get_ar_hrd(),
            arp_hdr.get_ar_pro(),
            arp_hdr.get_ar_hln(),
            arp_hdr.get_ar_pln(),
            arp_hdr.get_ar_op(),
            num_from_barray(arp_hdr.get_ar_sha()),
            num_from_barray(arp_hdr.get_ar_spa()),
            num_from_barray(arp_hdr.get_ar_tha()),
            num_from_barray(arp_hdr.get_ar_tpa()),
        ))
    else:
        print("\tunknown child protocol")
    print("===============================================================")
def setUp(self):
    """Decode the reference SYN segment every test works on into self.tcp.

    Read straight from the bytes below: sport 60655, dport 80,
    seq 0xa8bdea4c, ack 0, data offset 10 words (40-byte header, of which
    20 bytes are options), flags 0x02 (SYN only), window 5840,
    checksum 0x64cb, urgent pointer 0. The checksum is whatever the capture
    carried; nothing here recomputes it.
    """
    fixed_header = (
        '\xec\xef\x00\x50'              # source port 60655, destination port 80
        '\xa8\xbd\xea\x4c'              # sequence number
        '\x00\x00\x00\x00'              # acknowledgement number
        '\xa0\x02'                      # data offset 10 words, flags = SYN
        '\x16\xd0'                      # window 5840
        '\x64\xcb\x00\x00'              # checksum 0x64cb, urgent pointer 0
    )
    options = (
        '\x02\x04\x05\xb4'              # kind 2: MSS 1460
        '\x04\x02'                      # kind 4: SACK permitted
        '\x08\x0a\x00\xdc\xd6\x12\x00\x00\x00\x00'  # kind 8: timestamps
        '\x01'                          # kind 1: NOP
        '\x03\x03\x06'                  # kind 3: window scale 6
    )
    self.frame = fixed_header + options
    self.tcp = TCP(self.frame)
class TestTCP(unittest.TestCase):
    """Decode/encode round-trip tests for the Impacket TCP header class.

    Every test starts from the same captured SYN segment (see setUp) and
    checks that the getters read the expected values and that each setter
    changes only its own field. The checksum is stored and read back
    verbatim; nothing in this suite recomputes or validates it against the
    frame, so a broken checksum routine would not be caught here.
    """

    def setUp(self):
        # Captured SYN: sport 60655, dport 80, seq 0xa8bdea4c, ack 0,
        # data offset 10 words (40-byte header, 20 of them option bytes),
        # flags 0x02 (SYN), window 5840, checksum 0x64cb, urgent pointer 0.
        self.frame = (
            '\xec\xef\x00\x50\xa8\xbd\xea\x4c\x00\x00\x00\x00\xa0\x02\x16\xd0'
            '\x64\xcb\x00\x00\x02\x04\x05\xb4\x04\x02\x08\x0a\x00\xdc\xd6\x12'
            '\x00\x00\x00\x00\x01\x03\x03\x06'
        )
        self.tcp = TCP(self.frame)

    def test_01(self):
        'Test TCP get_packet'
        # An untouched header must re-encode to exactly the captured bytes.
        self.assertEqual(self.frame, self.tcp.get_packet())

    def test_02(self):
        'Test TCP getters'
        for getter, expected in (
            (self.tcp.get_th_sport, 60655),
            (self.tcp.get_th_dport, 80),
            (self.tcp.get_th_flags, 0x02),
            (self.tcp.get_th_win, 5840),
            (self.tcp.get_th_sum, 0x64cb),
            (self.tcp.get_SYN, 1),
            (self.tcp.get_RST, 0),
        ):
            self.assertEqual(getter(), expected)
        # the data offset is stored in 32-bit words: 10 words == 40 bytes
        self.assertEqual(40, self.tcp.get_th_off() * 4)

    def test_03(self):
        'Test TCP port setters'
        self.tcp.set_th_sport(54321)
        self.assertEqual(54321, self.tcp.get_th_sport())
        self.tcp.set_th_dport(81)
        self.assertEqual(81, self.tcp.get_th_dport())

    def test_04(self):
        'Test TCP offset setters'
        # Offset and flags share one 16-bit word; writing the offset must
        # leave the flag bits untouched.
        flags = 0xAA  # 0b10101010
        self.tcp.set_th_flags(flags)
        self.assertEqual(flags, self.tcp.get_th_flags())
        self.tcp.set_th_off(4)
        self.assertEqual(4, self.tcp.get_th_off())
        self.assertEqual(flags, self.tcp.get_th_flags())

    def test_05(self):
        'Test TCP win setters'
        self.tcp.set_th_win(12345)
        self.assertEqual(12345, self.tcp.get_th_win())

    def test_06(self):
        'Test TCP checksum setters'
        # store/load only -- 0xFEFE is not a valid checksum for this frame
        self.tcp.set_th_sum(0xFEFE)
        self.assertEqual(0xFEFE, self.tcp.get_th_sum())

    def test_07(self):
        'Test TCP flags setters'
        self.tcp.set_th_flags(0x03)  # FIN | SYN
        self.assertEqual(0x03, self.tcp.get_th_flags())
        self.tcp.set_ACK()
        # ACK is bit 4 (0x10): 0x03 | 0x10 == 0x13 == 19
        for getter, expected in (
            (self.tcp.get_ACK, 1),
            (self.tcp.get_SYN, 1),
            (self.tcp.get_FIN, 1),
            (self.tcp.get_RST, 0),
            (self.tcp.get_th_flags, 19),
        ):
            self.assertEqual(getter(), expected)

    def test_08(self):
        'Test TCP reset_flags'
        # reset_flags(mask) clears exactly the bits that are set in mask.
        # Each case starts again from ACK|SYN|FIN (0b010011 == 19).
        cases = (
            (0x02, 17),  # clear SYN:       0b010011 -> 0b010001
            (0x02, 17),  # same, the original wrote the mask in binary
            (0x11, 2),   # clear ACK|FIN:   0b010011 -> 0b000010
        )
        for mask, remaining in cases:
            self.tcp.set_th_flags(19)
            self.assertEqual(19, self.tcp.get_th_flags())
            self.assertEqual(
                (1, 1, 1, 0),
                (self.tcp.get_ACK(), self.tcp.get_SYN(),
                 self.tcp.get_FIN(), self.tcp.get_RST()),
            )
            self.tcp.reset_flags(mask)
            self.assertEqual(remaining, self.tcp.get_th_flags())

    def test_09(self):
        'Test TCP set_flags'
        self.tcp.set_flags(0xAA)  # 0b10101010
        # per-bit getters, LSB first: FIN SYN RST PSH ACK URG ECE CWR
        for getter, expected in (
            (self.tcp.get_FIN, 0),
            (self.tcp.get_SYN, 1),
            (self.tcp.get_RST, 0),
            (self.tcp.get_PSH, 1),
            (self.tcp.get_ACK, 0),
            (self.tcp.get_URG, 1),
            (self.tcp.get_ECE, 0),
            (self.tcp.get_CWR, 1),
        ):
            self.assertEqual(getter(), expected)
        self.assertEqual(0xAA, self.tcp.get_th_flags())
class TestTCP(unittest.TestCase):
    """Round-trip tests for the Impacket TCP header decoder/encoder (bytes input).

    All tests decode the same captured SYN segment (see setUp). They check
    that the getters return the values visible in the bytes and that each
    setter touches only its own field. The checksum is treated as an opaque
    16-bit value here -- it is written and read back, never recomputed or
    verified against the frame.
    """

    def _check(self, pairs):
        """Assert getter() == expected for every (getter, expected) pair."""
        for getter, expected in pairs:
            self.assertEqual(getter(), expected)

    def setUp(self):
        # Captured SYN: sport 60655, dport 80, seq 0xa8bdea4c, ack 0,
        # data offset 10 words (40-byte header, 20 of them option bytes),
        # flags 0x02 (SYN), window 5840, checksum 0x64cb, urgent pointer 0.
        header = b'\xec\xef\x00\x50\xa8\xbd\xea\x4c\x00\x00\x00\x00\xa0\x02\x16\xd0'
        header += b'\x64\xcb\x00\x00\x02\x04\x05\xb4\x04\x02\x08\x0a\x00\xdc\xd6\x12'
        header += b'\x00\x00\x00\x00\x01\x03\x03\x06'
        self.frame = header
        self.tcp = TCP(self.frame)

    def test_01(self):
        'Test TCP get_packet'
        # An untouched header must re-encode to exactly the captured bytes.
        self.assertEqual(self.frame, self.tcp.get_packet())

    def test_02(self):
        'Test TCP getters'
        self._check([
            (self.tcp.get_th_sport, 60655),
            (self.tcp.get_th_dport, 80),
            (self.tcp.get_th_flags, 0x02),
            (self.tcp.get_th_win, 5840),
            (self.tcp.get_th_sum, 0x64cb),
            (self.tcp.get_SYN, 1),
            (self.tcp.get_RST, 0),
        ])
        # the data offset is counted in 32-bit words: 10 words == 40 bytes
        self.assertEqual(40, self.tcp.get_th_off() * 4)

    def test_03(self):
        'Test TCP port setters'
        self.tcp.set_th_sport(54321)
        self.assertEqual(54321, self.tcp.get_th_sport())
        self.tcp.set_th_dport(81)
        self.assertEqual(81, self.tcp.get_th_dport())

    def test_04(self):
        'Test TCP offset setters'
        # Offset and flags share one 16-bit word; writing the offset must
        # leave the flag bits untouched.
        flags = 0xAA  # 0b10101010
        self.tcp.set_th_flags(flags)
        self.assertEqual(flags, self.tcp.get_th_flags())
        self.tcp.set_th_off(4)
        self._check([
            (self.tcp.get_th_off, 4),
            (self.tcp.get_th_flags, flags),
        ])

    def test_05(self):
        'Test TCP win setters'
        self.tcp.set_th_win(12345)
        self.assertEqual(12345, self.tcp.get_th_win())

    def test_06(self):
        'Test TCP checksum setters'
        # store/load only -- 0xFEFE is not a valid checksum for this frame
        self.tcp.set_th_sum(0xFEFE)
        self.assertEqual(0xFEFE, self.tcp.get_th_sum())

    def test_07(self):
        'Test TCP flags setters'
        self.tcp.set_th_flags(0x03)  # FIN | SYN
        self.assertEqual(0x03, self.tcp.get_th_flags())
        self.tcp.set_ACK()
        # ACK is bit 4 (0x10): 0x03 | 0x10 == 0x13 == 19
        self._check([
            (self.tcp.get_ACK, 1),
            (self.tcp.get_SYN, 1),
            (self.tcp.get_FIN, 1),
            (self.tcp.get_RST, 0),
            (self.tcp.get_th_flags, 19),
        ])

    def test_08(self):
        'Test TCP reset_flags'
        # reset_flags(mask) clears exactly the bits set in mask. Every case
        # starts again from ACK|SYN|FIN (0b010011 == 19).
        for mask, remaining in (
            (0x02, 17),  # clear SYN:      0b010011 -> 0b010001
            (0x02, 17),  # same mask, written in binary in the original
            (0x11, 2),   # clear ACK|FIN:  0b010011 -> 0b000010
        ):
            self.tcp.set_th_flags(19)
            self._check([
                (self.tcp.get_th_flags, 19),
                (self.tcp.get_ACK, 1),
                (self.tcp.get_SYN, 1),
                (self.tcp.get_FIN, 1),
                (self.tcp.get_RST, 0),
            ])
            self.tcp.reset_flags(mask)
            self.assertEqual(remaining, self.tcp.get_th_flags())

    def test_09(self):
        'Test TCP set_flags'
        self.tcp.set_flags(0xAA)  # 0b10101010
        # per-bit getters, LSB first: FIN SYN RST PSH ACK URG ECE CWR
        self._check([
            (self.tcp.get_FIN, 0),
            (self.tcp.get_SYN, 1),
            (self.tcp.get_RST, 0),
            (self.tcp.get_PSH, 1),
            (self.tcp.get_ACK, 0),
            (self.tcp.get_URG, 1),
            (self.tcp.get_ECE, 0),
            (self.tcp.get_CWR, 1),
            (self.tcp.get_th_flags, 0xAA),
        ])
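def send_tcp_auto_reply(pkt, flag='PA'):
    """Reply to `pkt`: finish a handshake for flag 'SA', otherwise echo its data.

    Addresses and ports are mirrored from the incoming packet. Our seq is
    the peer's ack (the byte it expects next); our ack is the peer's seq
    plus the bytes it consumed -- payload length, plus one if its SYN or FIN
    flag is set -- wrapped to 32 bits. For flag == 'SA' a bare SYN-ACK is
    sent (for a SYN this is seq + 1, as before). For any other flag the
    peer's own payload is sent back under `flag`.

    Fix versus the earlier version: the data branch acknowledged the peer's
    seq without adding the payload length, so a peer that had sent data was
    told nothing arrived and would keep retransmitting.
    Needs raw-socket privileges; the local kernel, which has no socket for
    this flow, will typically RST it as well unless that is filtered.
    """
    peer = pkt[TCP]
    # SYN (0x02) and FIN (0x01) each occupy one sequence number of their own.
    consumed = len(peer.payload) + (1 if int(peer.flags) & 0x03 else 0)
    ip = IP(src=pkt[IP].dst, dst=pkt[IP].src)
    tcp = TCP(
        sport=peer.dport,
        dport=peer.sport,
        seq=peer.ack,
        ack=(peer.seq + consumed) & 0xFFFFFFFF,
        flags=flag,
    )
    if flag == 'SA':
        print("TCP 3 ways handshake send")
        send(ip / tcp)
    else:
        print("Send tcp reply")
        # echo the peer's payload back; `/` copies it, so pkt is not altered
        send(ip / tcp / peer.payload)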
buf = [n for n in buf] buf[12] = 80 buf = bytes(buf) tcp = TCP(buf) ip.contains(tcp) tcp.swapSourceAndDestination() return ip, tcp while True: data, addr = server.recvfrom(4096) #print(addr, data) ip = IP(data) ip_len = ip.get_size() tcp = TCP(data[ip_len:]) if tcp.get_th_dport() == 1234: print('state', state) #buf = tcp.get_packet() #print([hex(n)[2:] for n in buf]) print(tcp, tcp.get_th_seq(), tcp.get_th_ack()) if state == 0: ip, tcp = reply(ip, tcp) tcp.set_th_ack(tcp.get_th_seq() + 1) tcp.set_th_seq(0) #print('###', tcp.get_th_seq()) tcp.set_ACK() tcp.calculate_checksum() buf = ip.get_packet() print(tcp, tcp.get_th_seq(), tcp.get_th_ack()) server.sendto(buf, ('127.0.0.1', 0))