def attacker_mode(victim_ip):
arp_thread = threading.Thread(target=listen_data)
arp_thread.daemon = True
arp_thread.start()
response_arp = NetworkManager.SecureArp()
packet = ARP(op=ARP.is_at,
hwsrc=MY_MAC,
psrc=victim_ip,
hwdst='cc:cc:cc:cc:cc:cc',
pdst="192.168.1.64")
response_arp.pkt = packet
response_arp.sig = response_arp.sig_size * "A"
print("Sending Malicious ARP Update:")
response_arp.pkt.show()
sock = NetworkManager.Socket('192.168.1.64',
NetworkManager.ARP_PORT,
server=False)
sock.send_message(response_arp.serialize(),
('192.168.1.64', NetworkManager.ARP_PORT))
# NetworkManager.broadcast_packet(response_arp.serialize(), NetworkManager.ARP_PORT)
while True:
pass
'''
def ca_mode():
FILEPATH = "DHCP/state.txt"
if not os.path.isfile(FILEPATH):
initialize_keys()
else:
print "File exists"
# Key manager
key_manager = create_key_manager()
monitor = FileMonitor(time.time(), FILEPATH, key_manager)
server_thread = threading.Thread(target=monitor.monitor)
# Dont exit the server thread when the main thread terminates
server_thread.daemon = True
server_thread.start()
ca_sock = NetworkManager.Socket(CA_IP, NetworkManager.CA_PORT, server=True)
my_ip = netifaces.ifaddresses(
get_interface())[netifaces.AF_INET][0]['addr']
# Read keys from file and initialize keys object - (pub,priv)
keys = read_keys(my_ip)
while True:
query_size, addr = ca_sock.udp_recv_message(INT_SIZE, wait=True)
if query_size:
print("[*] Received update from host", str(addr[0]))
monitor.mutex.acquire()
ca_handle_query(monitor.manager, query_size, ca_sock,
keys) # handles query and kills conn
monitor.mutex.release()
def get_public_key(sock, ip):
ca_sock = NetworkManager.Socket(CA_IP, NetworkManager.CA_PORT)
nonce = str(uuid.uuid4())
debug("Generated nonce for CA: " + nonce)
query = {QUERY_TYPE: GET_QUERY_TYPE, IP_QUERY: ip, NONCE: nonce}
ca_sock.send_message(struct.pack("!I", len(query)),
(CA_IP, NetworkManager.CA_PORT))
ca_sock.send_message(str(query), (CA_IP, NetworkManager.CA_PORT))
data, addr = ca_sock.udp_recv_message(INT_SIZE, wait=True)
query_size = int(struct.unpack("!I", data)[0])
data, addr = ca_sock.udp_recv_message(query_size, wait=True)
debug("Received " + str(len(data)) + " bytes")
ca_keys = read_keys(CA_IP)
sig = data[:SIG_SIZE]
public_key = data[SIG_SIZE:]
if not validate_sig(nonce, sig, ca_keys.publicKey.exportKey('DER')):
return None
debug("Validated Sig from CA")
return public_key
def host_mode(query_ip, verify_on):
# Assuming host's IP and public key already registered with CA
# Send query, if any. Otherwise, listen on port to respond
# Read keys from file and initialize keys object - (pub,priv)
keys = read_keys(MY_IP)
nonce = None
sock = NetworkManager.Socket(MY_IP, NetworkManager.ARP_PORT, server=True)
start_time = None
if query_ip:
arp_query = NetworkManager.SecureArp()
nonce = arp_query.create_query(MY_MAC, MY_IP, query_ip)
if not nonce:
print("Error: Couldnt create ARP query for ip %s" % str(query_ip))
else:
start_time = time.time()
debug("Broadcasting ARP query")
NetworkManager.broadcast_packet(arp_query.serialize(),
NetworkManager.ARP_PORT)
key_manager = KeyManager.KeyManager()
arp_thread = threading.Thread(target=listen_data)
arp_thread.daemon = True
arp_thread.start()
print("[*] Listening for ARP messages")
while True:
# if query, respond to it. If response, validate and add to table
data, addr = sock.udp_recv_message(NetworkManager.ARP_SIZE, wait=True)
#debug("Received " + str(len(data)) + " bytes")
if data and addr[0] != MY_IP:
response_arp = NetworkManager.SecureArp(raw=data)
query_ip = response_arp.get_query_ip()
if query_ip:
print("[*] Received Query from %s" % str(addr))
response_arp.pkt.show()
if query_ip == MY_IP:
response_arp.create_response(MY_MAC, MY_IP, keys)
print("Sending Response:")
response_arp.pkt.show()
d = (addr[0], NetworkManager.ARP_PORT)
sock.send_message(response_arp.serialize(), dest=d)
else:
# check cache for key, or send query if not there
debug(addr)
sender_ip = addr[0]
key = None
if key_manager.has(sender_ip):
key = key_manager.get(sender_ip)
else:
key = get_public_key(sock, sender_ip)
if not key:
print("Detected Invalid Response from CA: bad sig!")
continue
if verify_on:
# check cache for key or query CA
if nonce and response_arp.validate_sig(nonce, key):
print("[*] Received Valid Response:")
response_arp.pkt.show()
nonce = None
# Update ARP table
handle_arp_request(response_arp.pkt)
print "[*] ARPSec time spent:", str(
time.time() - start_time), "seconds"
else:
print("[*] Received Invalid Response from %s" %
str(addr))
print(
"[*] Cannot send a message because ARP response could not be verified"
)
print "[*] ARPSec time spent:", str(
time.time() - start_time), "seconds"
return
else:
# Update ARP table
print("[*] WARNING: Update ARP Table insecrely")
handle_arp_request(response_arp.pkt)
print "[*] Regular ARP time spent:", str(
time.time() - start_time), "seconds"
if arp_table.has(response_arp.pkt.psrc):
print "[*] Sending data to", addr[
0], "using MAC", arp_table.get(response_arp.pkt.psrc)
send_data_link("Password=CSE534",
arp_table.get(response_arp.pkt.psrc))
