def attacker_mode(victim_ip): arp_thread = threading.Thread(target=listen_data) arp_thread.daemon = True arp_thread.start() response_arp = NetworkManager.SecureArp() packet = ARP(op=ARP.is_at, hwsrc=MY_MAC, psrc=victim_ip, hwdst='cc:cc:cc:cc:cc:cc', pdst="192.168.1.64") response_arp.pkt = packet response_arp.sig = response_arp.sig_size * "A" print("Sending Malicious ARP Update:") response_arp.pkt.show() sock = NetworkManager.Socket('192.168.1.64', NetworkManager.ARP_PORT, server=False) sock.send_message(response_arp.serialize(), ('192.168.1.64', NetworkManager.ARP_PORT)) # NetworkManager.broadcast_packet(response_arp.serialize(), NetworkManager.ARP_PORT) while True: pass '''
def host_mode(query_ip, verify_on): # Assuming host's IP and public key already registered with CA # Send query, if any. Otherwise, listen on port to respond # Read keys from file and initialize keys object - (pub,priv) keys = read_keys(MY_IP) nonce = None sock = NetworkManager.Socket(MY_IP, NetworkManager.ARP_PORT, server=True) start_time = None if query_ip: arp_query = NetworkManager.SecureArp() nonce = arp_query.create_query(MY_MAC, MY_IP, query_ip) if not nonce: print("Error: Couldnt create ARP query for ip %s" % str(query_ip)) else: start_time = time.time() debug("Broadcasting ARP query") NetworkManager.broadcast_packet(arp_query.serialize(), NetworkManager.ARP_PORT) key_manager = KeyManager.KeyManager() arp_thread = threading.Thread(target=listen_data) arp_thread.daemon = True arp_thread.start() print("[*] Listening for ARP messages") while True: # if query, respond to it. If response, validate and add to table data, addr = sock.udp_recv_message(NetworkManager.ARP_SIZE, wait=True) #debug("Received " + str(len(data)) + " bytes") if data and addr[0] != MY_IP: response_arp = NetworkManager.SecureArp(raw=data) query_ip = response_arp.get_query_ip() if query_ip: print("[*] Received Query from %s" % str(addr)) response_arp.pkt.show() if query_ip == MY_IP: response_arp.create_response(MY_MAC, MY_IP, keys) print("Sending Response:") response_arp.pkt.show() d = (addr[0], NetworkManager.ARP_PORT) sock.send_message(response_arp.serialize(), dest=d) else: # check cache for key, or send query if not there debug(addr) sender_ip = addr[0] key = None if key_manager.has(sender_ip): key = key_manager.get(sender_ip) else: key = get_public_key(sock, sender_ip) if not key: print("Detected Invalid Response from CA: bad sig!") continue if verify_on: # check cache for key or query CA if nonce and response_arp.validate_sig(nonce, key): print("[*] Received Valid Response:") response_arp.pkt.show() nonce = None # Update ARP table handle_arp_request(response_arp.pkt) print "[*] ARPSec time spent:", str( time.time() - start_time), "seconds" else: print("[*] Received Invalid Response from %s" % str(addr)) print( "[*] Cannot send a message because ARP response could not be verified" ) print "[*] ARPSec time spent:", str( time.time() - start_time), "seconds" return else: # Update ARP table print("[*] WARNING: Update ARP Table insecrely") handle_arp_request(response_arp.pkt) print "[*] Regular ARP time spent:", str( time.time() - start_time), "seconds" if arp_table.has(response_arp.pkt.psrc): print "[*] Sending data to", addr[ 0], "using MAC", arp_table.get(response_arp.pkt.psrc) send_data_link("Password=CSE534", arp_table.get(response_arp.pkt.psrc))