def _process_dns(self, pkt):
domain = pkt[sc.DNS].qd.qname
device_mac = pkt[sc.Ether].dst
# No DNS requests from this host
if device_mac == self._host_state.host_mac:
return
# Remove trailing dot from domain
if domain.endswith('.'):
domain = domain[0:-1]
ip_set = set()
for ix in range(pkt[sc.DNS].ancount):
# Extracts A-records
if pkt[sc.DNSRR][ix].type == 1:
# Extracts IPv4 addr in A-record
ip = pkt[sc.DNSRR][ix].rdata
if utils.is_ipv4_addr(ip):
ip_set.add(ip)
with self._host_state.lock:
self._host_state.pending_dns_responses.append({
'domain': domain,
'ip_set': ip_set
})
def start(webserver_context):
# Read from home directory the user_key. If non-existent, get one from
# cloud.
config_dict = utils.get_user_config()
utils.log('[MAIN] Starting.')
# Set up environment
state = HostState()
state.user_key = config_dict['user_key']
state.secret_salt = config_dict['secret_salt']
state.host_mac = utils.get_my_mac()
state.gateway_ip, _, state.host_ip = utils.get_default_route()
webserver_context['host_state'] = state
assert utils.is_ipv4_addr(state.gateway_ip)
assert utils.is_ipv4_addr(state.host_ip)
state.packet_processor = PacketProcessor(state)
utils.log('Initialized:', state.__dict__)
# Continously discover devices
arp_scan_thread = ArpScan(state)
arp_scan_thread.start()
# Continuously gather SSDP data
netdisco_thread = NetdiscoWrapper(state)
netdisco_thread.start()
# Continuously capture packets
packet_capture_thread = PacketCapture(state)
packet_capture_thread.start()
# Continously spoof ARP
if '--no_spoofing' not in sys.argv:
arp_spoof_thread = ArpSpoof(state)
arp_spoof_thread.start()
# Continuously upload data
data_upload_thread = DataUploader(state)
data_upload_thread.start()
def _process_dns(self, pkt):
src_mac = pkt[sc.Ether].src
dst_mac = pkt[sc.Ether].dst
src_ip = pkt[sc.IP].src
dst_ip = pkt[sc.IP].dst
# Find device ID
if pkt[sc.DNS].qr == 0:
# DNS request
if dst_mac == self._host_state.host_mac:
device_mac = src_mac
resolver_ip = dst_ip
else:
return
else:
# DNS response
if src_mac == self._host_state.host_mac:
device_mac = dst_mac
resolver_ip = src_ip
else:
return
device_id = utils.get_device_id(device_mac, self._host_state)
# Parse domain
try:
domain = pkt[sc.DNSQR].qname.lower()
except AttributeError:
return
# Remove trailing dot from domain
if domain[-1] == '.':
domain = domain[0:-1]
# Parse DNS response
ip_set = set()
if sc.DNSRR in pkt and pkt[sc.DNS].an:
for ix in range(pkt[sc.DNS].ancount):
# Extracts A-records
if pkt[sc.DNSRR][ix].type == 1:
# Extracts IPv4 addr in A-record
ip = pkt[sc.DNSRR][ix].rdata
if utils.is_ipv4_addr(ip):
ip_set.add(ip)
with self._host_state.lock:
domain = str(domain)
dns_key = (device_id, domain, resolver_ip, 0)
current_ip_set = self._host_state \
.pending_dns_dict.setdefault(dns_key, set())
ip_set = ip_set | current_ip_set
self._host_state.pending_dns_dict[dns_key] = ip_set
def ip_query(ip):
if ip is None or not utils.is_ipv4_addr(ip):
return error_tip(u'ip地址为空或者格式错误')
params = {'key': file_utils.get_app_key(u'ip_key'), 'ip': ip}
url = 'http://apis.juhe.cn/ip/ip2addr?{}'.format(
utils.dict_to_get_params(params))
try:
res = requests.get(url)
data = json.loads(res.text)['result']
res_item = {
'title': data['area'],
'subtitle': data['location'],
'url': '',
'arg': data['area'],
'icon': 'img/ip.png',
'valid': True
}
return [res_item]
except Exception, e:
print e
return []
def main():
# Read from home directory the user_key. If non-existent, get one from
# cloud.
config_dict = utils.get_user_config()
# Where user would see report
url = server_config.REPORT_URL.format(user_key=config_dict['user_key'])
# Open a web browser only if non-root
if not is_root() and LAUNCH_WEB_BROWSER_UPON_START:
if 'no_browser' not in sys.argv:
webbrowser.open_new_tab(url)
os_platform = sys.platform
# Run as root
if os_platform.startswith('linux'):
elevate(graphical=False)
else:
elevate()
assert is_root()
utils.log('[MAIN] Starting.')
# Set up environment
state = HostState()
state.user_key = config_dict['user_key']
state.secret_salt = config_dict['secret_salt']
state.host_mac = utils.get_my_mac()
state.gateway_ip, _, state.host_ip = utils.get_default_route()
assert utils.is_ipv4_addr(state.gateway_ip)
assert utils.is_ipv4_addr(state.host_ip)
state.packet_processor = PacketProcessor(state)
utils.log('Initialized:', state.__dict__)
# Enable kernal forwarding.
if os_platform.startswith('darwin'):
cmd = ['/usr/sbin/sysctl', '-w', 'net.inet.ip.forwarding=1']
elif os_platform.startswith('linux'):
cmd = ['sysctl', '-w', 'net.ipv4.ip_forward=1']
else:
raise RuntimeError('Unsupported platform.')
assert subprocess.call(cmd) == 0
# Continously discover devices
arp_scan_thread = ArpScan(state)
arp_scan_thread.start()
# Continuously capture packets
packet_capture_thread = PacketCapture(state)
packet_capture_thread.start()
# Continously spoof ARP
arp_spoof_thread = ArpSpoof(state)
arp_spoof_thread.start()
# Continuously upload data
data_upload_thread = DataUploader(state)
data_upload_thread.start()
# UI
try:
ui.start_main_ui(url, state)
except KeyboardInterrupt:
pass
# Disable kernal forwarding.
if os_platform.startswith('darwin'):
cmd = ['/usr/sbin/sysctl', '-w', 'net.inet.ip.forwarding=0']
elif os_platform.startswith('linux'):
cmd = ['sysctl', '-w', 'net.ipv4.ip_forward=0']
assert subprocess.call(cmd) == 0
utils.log('[MAIN] Done.')
def start(webserver_context):
# Read from home directory the user_key. If non-existent, get one from
# cloud.
config_dict = utils.get_user_config()
utils.log('[MAIN] Starting.')
# Set up environment
state = HostState()
state.user_key = config_dict['user_key'].replace('-', '')
state.secret_salt = config_dict['secret_salt']
state.host_mac = utils.get_my_mac()
state.gateway_ip, _, state.host_ip = utils.get_default_route()
webserver_context['host_state'] = state
assert utils.is_ipv4_addr(state.gateway_ip)
assert utils.is_ipv4_addr(state.host_ip)
state.packet_processor = PacketProcessor(state)
utils.log('Initialized:', state.__dict__)
# Continously discover devices
arp_scan_thread = ArpScan(state)
arp_scan_thread.start()
# Continuously gather SSDP data
netdisco_thread = NetdiscoWrapper(state)
netdisco_thread.start()
# Continuously capture packets
packet_capture_thread = PacketCapture(state)
packet_capture_thread.start()
# Continously spoof ARP
if '--no_spoofing' not in sys.argv:
arp_spoof_thread = ArpSpoof(state)
arp_spoof_thread.start()
# Continuously upload data
data_upload_thread = DataUploader(state)
data_upload_thread.start()
# Suppress scapy warnings
try:
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
except Exception:
pass
# Suppress flask messages
try:
logging.getLogger('werkzeug').setLevel(logging.ERROR)
except Exception:
pass
if state.persistent_mode:
# Insert a dash every four characters to make user-key easier to type
pretty_user_key = ''
for (ix, char) in enumerate(state.user_key):
if (ix > 0) and (ix % 4 == 0):
pretty_user_key += '-'
pretty_user_key += char
path = 'persistent/' + pretty_user_key
caution = 'This is your private link. Open it only on trusted computers.' # noqa
else:
path = ''
caution = ''
print('\n' * 100)
print("""
===========================
Princeton IoT Inspector
===========================
View the IoT Inspector report at:
https://inspector.cs.princeton.edu/{0}
{1}
Hit Control + C to terminate this process and stop data collection.
""".format(path, caution))
def start():
"""
Initializes inspector by spawning a number of background threads.
Returns the host state once all background threats are started.
"""
# Read from home directory the user_key. If non-existent, get one from
# cloud.
config_dict = utils.get_user_config()
utils.log('[MAIN] Starting.')
# Set up environment
state = HostState()
state.user_key = config_dict['user_key'].replace('-', '')
state.secret_salt = config_dict['secret_salt']
state.host_mac = utils.get_my_mac()
state.gateway_ip, _, state.host_ip = utils.get_default_route()
# Read special command-line arguments
if '--raspberry_pi_mode' in sys.argv:
state.raspberry_pi_mode = True
assert utils.is_ipv4_addr(state.gateway_ip)
assert utils.is_ipv4_addr(state.host_ip)
state.packet_processor = PacketProcessor(state)
utils.log('Initialized:', state.__dict__)
# Continously discover devices
arp_scan_thread = ArpScan(state)
arp_scan_thread.start()
# Continously discover ports via SYN scans
syn_scan_thread = SynScan(state)
syn_scan_thread.start()
# Continuously gather SSDP data
netdisco_thread = NetdiscoWrapper(state)
netdisco_thread.start()
# Continuously capture packets
packet_capture_thread = PacketCapture(state)
packet_capture_thread.start()
# Continously spoof ARP
if '--no_spoofing' not in sys.argv:
arp_spoof_thread = ArpSpoof(state)
arp_spoof_thread.start()
# Continuously upload data
data_upload_thread = DataUploader(state)
data_upload_thread.start()
# Suppress scapy warnings
try:
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
except Exception:
pass
# Suppress flask messages
try:
logging.getLogger('werkzeug').setLevel(logging.ERROR)
except Exception:
pass
# Insert a dash every four characters to make user-key easier to type
pretty_user_key = ''
for (ix, char) in enumerate(state.user_key):
if (ix > 0) and (ix % 4 == 0):
pretty_user_key += '-'
pretty_user_key += char
print('\n' * 100)
os_platform = utils.get_os()
print(WINDOWS_STARTUP_TEXT.format(server_config.BASE_URL, pretty_user_key))
# Open a browser window on Windows 10. Note that a new webpage will be
# opened in a non-privileged mode. TODO: Not sure how to do the same
# for macOS, as the "open" call on macOS will open a browser window
# in privileged mode.
if os_platform == 'windows':
utils.open_browser_on_windows('{0}/user/{1}'.format(
server_config.BASE_URL, pretty_user_key))
return state
def start():
"""
Initializes inspector by spawning a number of background threads.
Returns the host state once all background threats are started.
"""
# Read from home directory the user_key. If non-existent, get one from
# cloud.
config_dict = utils.get_user_config()
utils.log('[MAIN] Starting.')
# Set up environment
state = HostState()
state.user_key = config_dict['user_key'].replace('-', '')
state.secret_salt = config_dict['secret_salt']
state.host_mac = utils.get_my_mac()
state.gateway_ip, _, state.host_ip = utils.get_default_route()
assert utils.is_ipv4_addr(state.gateway_ip)
assert utils.is_ipv4_addr(state.host_ip)
state.packet_processor = PacketProcessor(state)
utils.log('Initialized:', state.__dict__)
# Start web API
webserver.start_thread(state)
# Continously discover devices
arp_scan_thread = ArpScan(state)
arp_scan_thread.start()
# Continously discover ports via SYN scans
syn_scan_thread = SynScan(state)
syn_scan_thread.start()
# # Continuously gather SSDP data
# netdisco_thread = NetdiscoWrapper(state)
# netdisco_thread.start()
# Continuously capture packets
packet_capture_thread = PacketCapture(state)
packet_capture_thread.start()
# Continously spoof ARP
if '--no_spoofing' not in sys.argv:
arp_spoof_thread = ArpSpoof(state)
arp_spoof_thread.start()
# Suppress scapy warnings
try:
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
except Exception:
pass
# Suppress flask messages
try:
logging.getLogger('werkzeug').setLevel(logging.ERROR)
except Exception:
pass
# Insert a dash every four characters to make user-key easier to type
pretty_user_key = ''
for (ix, char) in enumerate(state.user_key):
if (ix > 0) and (ix % 4 == 0):
pretty_user_key += '-'
pretty_user_key += char
print(
'Ready. To test if the API works, visit http://127.0.0.1:46241/get_device_list'
)
return state
