def tryInterfaces(self, ifaces):
try:
from scapy.all import sr1 ## we want this check to be blocking
except:
log.msg("This test requires scapy: www.secdev.org/projects/scapy")
raise SystemExit
ifup = {}
while ifaces:
for ifname, ifaddr in ifaces:
log.debug("Currently testing network capabilities of interface"
+ "%s by sending a packet to our address %s"
% (ifname, ifaddr))
try:
pkt = IP(dst=ifaddr)/ICMP()
ans, unans = sr(pkt, iface=ifname, timeout=self.timeout)
except Exception, e:
raise PermissionsError if e.find("Errno 1") else log.err(e)
else:
## xxx i think this logic might be wrong
log.debug("Interface test packet\n%s\n\n%s"
% (pkt.summary(), pkt.show2()))
if ans.summary():
log.info("Received answer for test packet on interface"
+"%s :\n%s" % (ifname, ans.summary()))
ifup.update(ifname, ifaddr)
else:
log.info("Our interface test packet was unanswered:\n%s"
% unans.summary())
def generate_packet(dest_addr, dest_port, src_port=app.config['SRC_PORT'],
proto='tcp', ip_id=app.config['IP_ID']):
'Craft and send requested probe packet'
if proto == 'tcp':
transport = TCP
elif proto == 'udp':
transport = UDP
else:
raise ValueError('Invalid IP protocol specified (must be one of '
'"tcp" or "udp")')
src_addr = app.config.get('SRC_ADDR', None)
dest_port = int(dest_port)
src_port = int(src_port)
ip_id = int(ip_id)
payload_text = app.config.get('PACKET_CONTENT')
protocol = transport(dport=dest_port, sport=src_port)
packet = IP(dst=dest_addr, src=src_addr, id=ip_id)/protocol/payload_text
app.logger.debug('generated probe packet with Scapy: %s', packet.summary())
send(packet)
app.logger.debug('finished sending crafted probe packet')
return packet
def cb(qh, nfmsg, nfad, data):
"""
int nfq_callback(struct nfq_q_handle *qh,
struct nfgenmsg *nfmsg,
struct nfq_data *nfad, void *data);
"""
payload = NFQ.cb_get_payload(nfad)
packet_id = NFQ.cb_get_packet_id(nfad)
ip = IP(payload)
LOG.info("ID %d: %s", packet_id, ip.summary())
sleep(SLEEP_SECS)
NFQ.cb_set_verdict(qh, packet_id, NFQ.NF_ACCEPT)
return 1
def cb(qh, nfmsg, nfad, data):
"""
int nfq_callback(struct nfq_q_handle *qh,
struct nfgenmsg *nfmsg,
struct nfq_data *nfad, void *data);
"""
print "===CB==="
LOG.info("CB called with data=%s", data)
payload = NFQ.cb_get_payload(nfad)
packet_id = NFQ.cb_get_packet_id(nfad)
hexdump(payload)
ip = IP(payload)
LOG.info("ID %d: %s", packet_id, ip.summary())
NFQ.cb_set_verdict(qh, packet_id, NFQ.NF_ACCEPT)
return 1
def sendToNet(self, packet):
print "packet", repr(packet)
scp = IP(packet)
checksum = crc32(packet) & 0xffffffff
checksumStr = "%08x" % checksum
hexRepr = " ".join(map(lambda x: "%02x" % ord(x), packet[4:])) + " " + " ".join(map(lambda x: checksumStr[x:x+2], range(0, len(checksumStr), 2)))
print " ?>", scp.summary(), " -- hex len", len(hexRepr), "checksum 0x%08x" % checksum
i = ""
while i.lower() not in ("a", "d"):
i = raw_input(" ?? (A)ccept/(D)rop? ")
if i == "a":
# accept the packet!
print " >> Moved one packet to printer"
self.toPrinter(hexRepr)
self.reader.output(hexRepr.replace(" ", ""))
else:
print " -- Dropped"
def sendToNet(self, packet):
print "packet", repr(packet)
scp = IP(packet)
checksum = crc32(packet) & 0xffffffff
checksumStr = "%08x" % checksum
hexRepr = " ".join(map(lambda x: "%02x" % ord(x),
packet[4:])) + " " + " ".join(
map(lambda x: checksumStr[x:x + 2],
range(0, len(checksumStr), 2)))
print " ?>", scp.summary(), " -- hex len", len(
hexRepr), "checksum 0x%08x" % checksum
i = ""
while i.lower() not in ("a", "d"):
i = raw_input(" ?? (A)ccept/(D)rop? ")
if i == "a":
# accept the packet!
print " >> Moved one packet to printer"
self.toPrinter(hexRepr)
self.reader.output(hexRepr.replace(" ", ""))
else:
print " -- Dropped"
#!/usr/bin/python3
# Scapy is a python library that allows us to design, manipulate, intercept and process packets
# Scapy sets header fields by default.
# Have to be root to run this.
from scapy.all import IP, ICMP, sr1, ls
ip_layer = IP(src="192.168.0.1", dst="www.google.com")
#print(ip_layer.show())
icmp_req = ICMP()
# Help to list (ls) details about the layer.
print(ls(ip_layer))
print(ip_layer.show())
print(ip_layer.summary())
print(icmp_req.show())
# Add the layers together with /
packet = ip_layer / icmp_req
#print(packet.show())
received_packet = sr1(packet)
if received_packet:
print(received_packet.show())
from scapy.all import ICMP
from scapy.all import IP
from scapy.all import sr1
from scapy.all import ls
if __name__ == "__main__":
dest_ip = "www.google.com"
ip_layer = IP(dst=dest_ip)
print(ls(ip_layer)) # displaying complete layer info
# accessing the fields
print("Destination = ", ip_layer.dst)
print("Summary = ", ip_layer.summary())
def process(payload):
data = payload.get_data()
p = IP(data)
print p.summary()
payload.set_verdict(nfqueue.NF_ACCEPT)
class Pro_pkt:
def __init__(self, iface='lo', pkt=None):
self.iface = iface
self.pkt = pkt
self.new_header_hash = '0' * 64
self.pb = process_block.Pro_block()
def print_pkt(self, packet):
(hexdump(packet))
def construct_pkt(self, sport=0, dport=0, block=None):
self.pkt = IP() / UDP(sport=sport, dport=dport) / block
return self.pkt
def is_file_exists(self, filename, port=2231):
if not os.path.exists(filename):
block = self.pb.create_genesis_block()
return self.construct_pkt(port, 3231, block)
else:
return None
def construct_pkt_with_pre_header_hash(self, sport, dport, \
pre_header_hash):
new_block = self.pb.create_new_block(pre_header_hash)
self.new_header_hash = self.pb.new_header_hash
return self.construct_pkt(sport, dport, new_block)
def send_pkt(self):
send(self.pkt, iface=self.iface)
if type(self.pkt) == list:
for pkt in self.pkt:
print(pkt.summary())
else:
print("send pkt: ", self.pkt.summary())
def broadcast_pkt(self, sport=0, dport_list=[], block=None):
if dport_list:
self.construct_pkt(sport, dport_list, block)
self.send_pkt()
else:
print("dport list is none\n")
def recv_pkt(self, filter_rule=None, pkt_count=1):
self.pkt = sniff(iface = self.iface, filter = filter_rule, \
count = pkt_count)
print("recv pkt: ", self.pkt[0].summary())
return self.pkt
def wr_pkt(self, mode='node', port=2231):
file_name = ''.join([dir_prefix, mode, '_', str(port), '.pcap'])
try:
pktdump = PcapWriter(file_name, append=True, sync=True)
pktdump.write(self.pkt)
except:
raise Exception
def rd_one_pkt(self, mode='node', port=2231):
file_name = ''.join([dir_prefix, mode, '_', str(port), '.pcap'])
pkt = self.is_file_exists(file_name, port)
if pkt:
self.pkt = pkt
self.wr_pkt(port=port)
print("return genesis block")
return pkt
try:
print("return from file")
return rdpcap(file_name)[-1]
except:
raise Exception
def rd_all_pkts(self, mode='node', port=2231):
file_name = ''.join([dir_prefix, mode, '_', str(port), '.pcap'])
try:
return rdpcap(file_name)
except:
raise Exception
def copy_from_port(self, sport=0, dport=0):
re_pkt = self.rd_all_pkts(port=sport)
for pkt in re_pkt:
pkt.sport = dport
self.pkt = pkt
self.wr_pkt(port=dport)
