def attacker_mode(victim_ip):
arp_thread = threading.Thread(target=listen_data)
arp_thread.daemon = True
arp_thread.start()
response_arp = NetworkManager.SecureArp()
packet = ARP(op=ARP.is_at,
hwsrc=MY_MAC,
psrc=victim_ip,
hwdst='cc:cc:cc:cc:cc:cc',
pdst="192.168.1.64")
response_arp.pkt = packet
response_arp.sig = response_arp.sig_size * "A"
print("Sending Malicious ARP Update:")
response_arp.pkt.show()
sock = NetworkManager.Socket('192.168.1.64',
NetworkManager.ARP_PORT,
server=False)
sock.send_message(response_arp.serialize(),
('192.168.1.64', NetworkManager.ARP_PORT))
# NetworkManager.broadcast_packet(response_arp.serialize(), NetworkManager.ARP_PORT)
while True:
pass
'''
def host_mode(query_ip, verify_on):
# Assuming host's IP and public key already registered with CA
# Send query, if any. Otherwise, listen on port to respond
# Read keys from file and initialize keys object - (pub,priv)
keys = read_keys(MY_IP)
nonce = None
sock = NetworkManager.Socket(MY_IP, NetworkManager.ARP_PORT, server=True)
start_time = None
if query_ip:
arp_query = NetworkManager.SecureArp()
nonce = arp_query.create_query(MY_MAC, MY_IP, query_ip)
if not nonce:
print("Error: Couldnt create ARP query for ip %s" % str(query_ip))
else:
start_time = time.time()
debug("Broadcasting ARP query")
NetworkManager.broadcast_packet(arp_query.serialize(),
NetworkManager.ARP_PORT)
key_manager = KeyManager.KeyManager()
arp_thread = threading.Thread(target=listen_data)
arp_thread.daemon = True
arp_thread.start()
print("[*] Listening for ARP messages")
while True:
# if query, respond to it. If response, validate and add to table
data, addr = sock.udp_recv_message(NetworkManager.ARP_SIZE, wait=True)
#debug("Received " + str(len(data)) + " bytes")
if data and addr[0] != MY_IP:
response_arp = NetworkManager.SecureArp(raw=data)
query_ip = response_arp.get_query_ip()
if query_ip:
print("[*] Received Query from %s" % str(addr))
response_arp.pkt.show()
if query_ip == MY_IP:
response_arp.create_response(MY_MAC, MY_IP, keys)
print("Sending Response:")
response_arp.pkt.show()
d = (addr[0], NetworkManager.ARP_PORT)
sock.send_message(response_arp.serialize(), dest=d)
else:
# check cache for key, or send query if not there
debug(addr)
sender_ip = addr[0]
key = None
if key_manager.has(sender_ip):
key = key_manager.get(sender_ip)
else:
key = get_public_key(sock, sender_ip)
if not key:
print("Detected Invalid Response from CA: bad sig!")
continue
if verify_on:
# check cache for key or query CA
if nonce and response_arp.validate_sig(nonce, key):
print("[*] Received Valid Response:")
response_arp.pkt.show()
nonce = None
# Update ARP table
handle_arp_request(response_arp.pkt)
print "[*] ARPSec time spent:", str(
time.time() - start_time), "seconds"
else:
print("[*] Received Invalid Response from %s" %
str(addr))
print(
"[*] Cannot send a message because ARP response could not be verified"
)
print "[*] ARPSec time spent:", str(
time.time() - start_time), "seconds"
return
else:
# Update ARP table
print("[*] WARNING: Update ARP Table insecrely")
handle_arp_request(response_arp.pkt)
print "[*] Regular ARP time spent:", str(
time.time() - start_time), "seconds"
if arp_table.has(response_arp.pkt.psrc):
print "[*] Sending data to", addr[
0], "using MAC", arp_table.get(response_arp.pkt.psrc)
send_data_link("Password=CSE534",
arp_table.get(response_arp.pkt.psrc))
