def get_srv_map(cls):
    """Return the TCP service table cached on *cls*, building it on first use.

    The table maps a service name to its port rendered as a decimal string
    (``'%d' % port``) and is taken from scapy's ``TCP_SERVICES``. When scapy
    cannot be imported an empty dict is cached instead. Whatever
    ``cls.TCP_SERVICES`` already holds -- even ``None`` -- is returned as is.

    Args:
        cls: any object that can carry a ``TCP_SERVICES`` attribute.

    Returns:
        The dict stored in ``cls.TCP_SERVICES``.
    """
    missing = object()
    cached = getattr(cls, 'TCP_SERVICES', missing)
    if cached is not missing:
        return cached
    try:
        from scapy.all import TCP_SERVICES as services
        # keys() is used on purpose: older scapy DADict objects iterate values.
        table = {name: '%d' % services[name] for name in services.keys()}
    except ImportError:
        table = {}
    cls.TCP_SERVICES = table
    return table
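def main(rhost, rport):
    """Complete a TCP three-way handshake with rhost:rport and name the port.

    Sends a crafted SYN, waits for the reply, and answers a SYN-ACK with the
    final ACK. Afterwards the port number is looked up in scapy's
    ``TCP_SERVICES`` table. That lookup is a static name mapping (the
    equivalent of getservbyport()), not an identification of whatever is
    actually listening, and it is printed regardless of the reply flags.

    Args:
        rhost: destination host, passed to ``IP(dst=...)``.
        rport: destination port as an int or a numeric string.

    Returns:
        None. Results and input errors are reported with print().
    """
    try:
        rport = int(rport)
    except ValueError:
        print("{} does not appear to be a valid number.".format(rport))
        print("Please change the destination port value and try again.")
        return
    if not 0 <= rport <= 65535:
        print("{} is not a valid TCP port (0-65535).".format(rport))
        print("Please change the destination port value and try again.")
        return

    source_port = randint(1024, 65535)

    # Packet[1] SYN -- len=48 is 20 (IP) + 20 (TCP) + 8 bytes of options.
    ip = IP(dst=rhost, ttl=128, len=48)
    tcp = TCP(sport=source_port, dport=rport, flags='S',
              options=[('MSS', 1460), ('NOP', ()), ('NOP', ()), ('SAckOK', '')])
    syn = ip / tcp

    # Packet[2] SYN-ACK. sr1() returns None when no answer was captured
    # (timeout or interrupt); the original code dereferenced it unchecked.
    syn_ack = sr1(syn)
    if syn_ack is None:
        print("No reply received from {}:{}.".format(rhost, rport))
        return
    replyflag = syn_ack.sprintf("%TCP.flags%")
    print("Received TCP Reply flag {}".format(replyflag))

    # Packet[3] ACK, only when the peer actually answered SYN-ACK.
    if replyflag == 'SA':
        seq = syn_ack[TCP].ack
        ack = syn_ack[TCP].seq + 1
        source_port = syn_ack.dport  # use the port the reply was addressed to
        tcp = TCP(dport=rport, flags='A', seq=seq, ack=ack, sport=source_port)
        send(ip / tcp)

    # Equivalent to the C language function getservbyport(): port -> name.
    # Ports absent from the table used to raise KeyError here.
    tcp_reverse = {TCP_SERVICES[k]: k for k in TCP_SERVICES.keys()}
    print("Port {} is {}".format(
        rport, tcp_reverse.get(rport, "not a registered service name")))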
#!/usr/bin/env python # encoding: utf-8 from scapy.all import config from scapy.all import IP,TCP,IPv6,Padding from scapy.all import TCP_SERVICES,UDP_SERVICES TCP_PORTS={TCP_SERVICES[service]:service for service in TCP_SERVICES.keys()} UDP_PORTS={UDP_SERVICES[service]:service for service in UDP_SERVICES.keys()} import socket def _search_3way_handshake_of_tcp_stream(tcp_stream): """Search TCP 3 Way Handshake in TCP Stream.(returns first seen)""" handshakes_init = [] #get a "SYN" for synpacket in tcp_stream.filter(lambda p: p[TCP].flags & 0x02): S = synpacket #get the coresponding "SYN ACK" synackpackets = tcp_stream.filter( lambda p: p[TCP].flags & 0x12 and p[TCP].ack == S.seq + 1 ) for synackpacket in synackpackets: SA = synackpacket #get the coresponding "ACK" ackpackets = tcp_stream.filter( lambda p: p[TCP].flags & 0x10 and p[TCP].ack == SA.seq + 1 ) if ackpackets: A = ackpackets[0] return PacketList([S,SA,A],name="TCP3WayHandShake of %s - " % repr(tcp_stream)) _calc_tcp_pay_len = lambda pkt:\ TCP in pkt and type(pkt[TCP].payload) != Padding and \
#!/usr/bin/env python # encoding: utf-8 from scapy.all import config from scapy.all import IP, TCP, IPv6, Padding from scapy.all import TCP_SERVICES, UDP_SERVICES TCP_PORTS = {TCP_SERVICES[service]: service for service in TCP_SERVICES.keys()} UDP_PORTS = {UDP_SERVICES[service]: service for service in UDP_SERVICES.keys()} import socket def _search_3way_handshake_of_tcp_stream(tcp_stream): """Search TCP 3 Way Handshake in TCP Stream.(returns first seen)""" handshakes_init = [] #get a "SYN" for synpacket in tcp_stream.filter(lambda p: p[TCP].flags & 0x02): S = synpacket #get the coresponding "SYN ACK" synackpackets = tcp_stream.filter( lambda p: p[TCP].flags & 0x12 and p[TCP].ack == S.seq + 1) for synackpacket in synackpackets: SA = synackpacket #get the coresponding "ACK" ackpackets = tcp_stream.filter( lambda p: p[TCP].flags & 0x10 and p[TCP].ack == SA.seq + 1) if ackpackets: A = ackpackets[0] return PacketList([S, SA, A], name="TCP3WayHandShake of %s - " % repr(tcp_stream)) _calc_tcp_pay_len = lambda pkt:\