Python scapy.layers.inet.IP Examples
The following are 30
code examples of scapy.layers.inet.IP().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
scapy.layers.inet
, or try the search function
.
Example #1
Source File: native.py From scapy with GNU General Public License v2.0 | 7 votes |
def recv_raw(self, x=MTU): try: data, address = self.ins.recvfrom(x) except io.BlockingIOError: return None, None, None from scapy.layers.inet import IP from scapy.layers.inet6 import IPv6 if self.ipv6: # AF_INET6 does not return the IPv6 header. Let's build it # (host, port, flowinfo, scopeid) host, _, flowinfo, _ = address header = raw(IPv6(src=host, dst=self.host_ip6, fl=flowinfo, nh=self.proto, # fixed for AF_INET6 plen=len(data))) return IPv6, header + data, time.time() else: return IP, data, time.time()
Example #2
Source File: queso.py From CyberScan with GNU General Public License v3.0 | 7 votes |
def queso_sig(target, dport=80, timeout=3): p = queso_kdb.get_base() ret = [] for flags in ["S", "SA", "F", "FA", "SF", "P", "SEC"]: ans, unans = sr(IP(dst=target)/TCP(dport=dport,flags=flags,seq=RandInt()), timeout=timeout, verbose=0) if len(ans) == 0: rs = "- - - -" else: s,r = ans[0] rs = "%i" % (r.seq != 0) if not r.ack: r += " 0" elif r.ack-s.seq > 666: rs += " R" % 0 else: rs += " +%i" % (r.ack-s.seq) rs += " %X" % r.window rs += " %x" % r.payload.flags ret.append(rs) return ret
Example #3
Source File: Generator.py From ID2T with MIT License | 7 votes |
def generate_tcp_packet(ip_src: str = "192.168.64.32", ip_dst: str = "192.168.64.48", mac_src: str = "56:6D:D9:BC:70:1C", ttl: int = 64, mac_dst: str = "F4:2B:95:B3:0E:1A", port_src: int = 1337, port_dst: int = 6442, tcpflags: str = "S", payload: str = ""): """ Builds a TCP packet with the values specified by the caller. :param ip_src: the source IP address of the IP header :param ip_dst the destination IP address of the IP header :param mac_src: the source MAC address of the MAC header :param ttl: the ttl value of the packet :param mac_dst: the destination MAC address of the MAC header :param port_src: the source port of the TCP header :param port_dst: the destination port of the TCP header :param tcpflags: the TCP flags of the TCP header :param payload: the payload of the packet :return: the corresponding TCP packet """ ether = Ether(src=mac_src, dst=mac_dst) ip = IP(src=ip_src, dst=ip_dst, ttl=ttl) tcp = TCP(sport=port_src, dport=port_dst, flags=tcpflags) packet = ether / ip / tcp / Raw(load=payload) return packet
Example #4
Source File: dhcp.py From CVE-2016-6366 with MIT License | 6 votes |
def make_reply(self, req): mac = req.src if type(self.pool) is list: if not self.leases.has_key(mac): self.leases[mac] = self.pool.pop() ip = self.leases[mac] else: ip = self.pool repb = req.getlayer(BOOTP).copy() repb.op="BOOTREPLY" repb.yiaddr = ip repb.siaddr = self.gw repb.ciaddr = self.gw repb.giaddr = self.gw del(repb.payload) rep=Ether(dst=mac)/IP(dst=ip)/UDP(sport=req.dport,dport=req.sport)/repb return rep
Example #5
Source File: dhcpcap.py From dhcpcanon with MIT License | 6 votes |
def handle_ack(self, pkt, time_sent_request): """.""" logger.debug("Handling ACK.") logger.debug('Modifying obj DHCPCAP, setting server data.') self.server_mac = pkt[Ether].src self.server_ip = pkt[IP].src self.server_port = pkt[UDP].sport event = DHCP_EVENTS['IP_ACQUIRE'] # FIXME:0 check the fields match the previously offered ones? # FIXME:50 create a new object also on renewing/rebinding # or only set_times? lease = self.handle_offer_ack(pkt, time_sent_request) lease.set_times(time_sent_request) if self.lease is not None: if (self.lease.address != lease.address or self.lease.subnet_mask != lease.subnet_mask or self.lease.router != lease.router): event = DHCP_EVENTS['IP_CHANGE'] else: event = DHCP_EVENTS['RENEW'] logger.debug('Modifying obj DHCPCAP, setting lease, client ip, event.') self.lease = lease self.client_ip = self.lease.address self.event = event return event
Example #6
Source File: dhcp.py From CyberScan with GNU General Public License v3.0 | 6 votes |
def make_reply(self, req): mac = req.src if type(self.pool) is list: if not self.leases.has_key(mac): self.leases[mac] = self.pool.pop() ip = self.leases[mac] else: ip = self.pool repb = req.getlayer(BOOTP).copy() repb.op="BOOTREPLY" repb.yiaddr = ip repb.siaddr = self.gw repb.ciaddr = self.gw repb.giaddr = self.gw del(repb.payload) rep=Ether(dst=mac)/IP(dst=ip)/UDP(sport=req.dport,dport=req.sport)/repb return rep
Example #7
Source File: tint.py From scapy-fakeap with GNU General Public License v2.0 | 6 votes |
def __init__(self, ap, name="fakeap"): threading.Thread.__init__(self) if len(name) > IFNAMSIZ: raise Exception("Tun interface name cannot be larger than " + str(IFNAMSIZ)) self.name = name self.setDaemon(True) self.ap = ap # Virtual interface self.fd = open('/dev/net/tun', 'r+b') ifr_flags = IFF_TUN | IFF_NO_PI # Tun device without packet information ifreq = struct.pack('16sH', name, ifr_flags) fcntl.ioctl(self.fd, TUNSETIFF, ifreq) # Syscall to create interface # Assign IP and bring interface up set_ip_address(name, self.ap.ip) print("Created TUN interface %s at %s. Bind it to your services if needed." % (name, self.ap.ip))
Example #8
Source File: voip.py From smod-1 with GNU General Public License v2.0 | 6 votes |
def voip_play1(s1,list=None,**kargs): dsp,rd = os.popen2("sox -t .ul - -t ossdsp /dev/dsp") def play(pkt): if not pkt: return if not pkt.haslayer(UDP): return ip=pkt.getlayer(IP) if s1 in [ip.src, ip.dst]: dsp.write(pkt.getlayer(conf.raw_layer).load[12:]) try: if list is None: sniff(store=0, prn=play, **kargs) else: for p in list: play(p) finally: dsp.close() rd.close()
Example #9
Source File: voip.py From smod-1 with GNU General Public License v2.0 | 6 votes |
def voip_play2(s1,**kargs): dsp,rd = os.popen2("sox -t .ul -c 2 - -t ossdsp /dev/dsp") def play(pkt,last=[]): if not pkt: return if not pkt.haslayer(UDP): return ip=pkt.getlayer(IP) if s1 in [ip.src, ip.dst]: if not last: last.append(pkt) return load=last.pop() x1 = load.load[12:] # c1.write(load.load[12:]) if load.getlayer(IP).src == ip.src: x2 = "" # c2.write("\x00"*len(load.load[12:])) last.append(pkt) else: x2 = pkt.load[:12] # c2.write(pkt.load[12:]) dsp.write(merge(x1,x2)) sniff(store=0, prn=play, **kargs)
Example #10
Source File: queso.py From smod-1 with GNU General Public License v2.0 | 6 votes |
def queso_sig(target, dport=80, timeout=3): p = queso_kdb.get_base() ret = [] for flags in ["S", "SA", "F", "FA", "SF", "P", "SEC"]: ans, unans = sr(IP(dst=target)/TCP(dport=dport,flags=flags,seq=RandInt()), timeout=timeout, verbose=0) if len(ans) == 0: rs = "- - - -" else: s,r = ans[0] rs = "%i" % (r.seq != 0) if not r.ack: r += " 0" elif r.ack-s.seq > 666: rs += " R" % 0 else: rs += " +%i" % (r.ack-s.seq) rs += " %X" % r.window rs += " %x" % r.payload.flags ret.append(rs) return ret
Example #11
Source File: dns.py From smod-1 with GNU General Public License v2.0 | 6 votes |
def dyndns_add(nameserver, name, rdata, type="A", ttl=10): """Send a DNS add message to a nameserver for "name" to have a new "rdata" dyndns_add(nameserver, name, rdata, type="A", ttl=10) -> result code (0=ok) example: dyndns_add("ns1.toto.com", "dyn.toto.com", "127.0.0.1") RFC2136 """ zone = name[name.find(".")+1:] r=sr1(IP(dst=nameserver)/UDP()/DNS(opcode=5, qd=[DNSQR(qname=zone, qtype="SOA")], ns=[DNSRR(rrname=name, type="A", ttl=ttl, rdata=rdata)]), verbose=0, timeout=5) if r and r.haslayer(DNS): return r.getlayer(DNS).rcode else: return -1
Example #12
Source File: dhcp.py From smod-1 with GNU General Public License v2.0 | 6 votes |
def make_reply(self, req): mac = req.src if type(self.pool) is list: if not self.leases.has_key(mac): self.leases[mac] = self.pool.pop() ip = self.leases[mac] else: ip = self.pool repb = req.getlayer(BOOTP).copy() repb.op="BOOTREPLY" repb.yiaddr = ip repb.siaddr = self.gw repb.ciaddr = self.gw repb.giaddr = self.gw del(repb.payload) rep=Ether(dst=mac)/IP(dst=ip)/UDP(sport=req.dport,dport=req.sport)/repb return rep
Example #13
Source File: voip.py From CVE-2016-6366 with MIT License | 6 votes |
def voip_play1(s1,list=None,**kargs): dsp,rd = os.popen2("sox -t .ul - -t ossdsp /dev/dsp") def play(pkt): if not pkt: return if not pkt.haslayer(UDP): return ip=pkt.getlayer(IP) if s1 in [ip.src, ip.dst]: dsp.write(pkt.getlayer(Raw).load[12:]) try: if list is None: sniff(store=0, prn=play, **kargs) else: for p in list: play(p) finally: dsp.close() rd.close()
Example #14
Source File: voip.py From CVE-2016-6366 with MIT License | 6 votes |
def voip_play2(s1,**kargs): dsp,rd = os.popen2("sox -t .ul -c 2 - -t ossdsp /dev/dsp") def play(pkt,last=[]): if not pkt: return if not pkt.haslayer(UDP): return ip=pkt.getlayer(IP) if s1 in [ip.src, ip.dst]: if not last: last.append(pkt) return load=last.pop() x1 = load.load[12:] # c1.write(load.load[12:]) if load.getlayer(IP).src == ip.src: x2 = "" # c2.write("\x00"*len(load.load[12:])) last.append(pkt) else: x2 = pkt.load[:12] # c2.write(pkt.load[12:]) dsp.write(merge(x1,x2)) sniff(store=0, prn=play, **kargs)
Example #15
Source File: queso.py From CVE-2016-6366 with MIT License | 6 votes |
def queso_sig(target, dport=80, timeout=3): p = queso_kdb.get_base() ret = [] for flags in ["S", "SA", "F", "FA", "SF", "P", "SEC"]: ans, unans = sr(IP(dst=target)/TCP(dport=dport,flags=flags,seq=RandInt()), timeout=timeout, verbose=0) if len(ans) == 0: rs = "- - - -" else: s,r = ans[0] rs = "%i" % (r.seq != 0) if not r.ack: r += " 0" elif r.ack-s.seq > 666: rs += " R" % 0 else: rs += " +%i" % (r.ack-s.seq) rs += " %X" % r.window rs += " %x" % r.payload.flags ret.append(rs) return ret
Example #16
Source File: voip.py From CyberScan with GNU General Public License v3.0 | 6 votes |
def voip_play1(s1,list=None,**kargs): dsp,rd = os.popen2("sox -t .ul - -t ossdsp /dev/dsp") def play(pkt): if not pkt: return if not pkt.haslayer(UDP): return ip=pkt.getlayer(IP) if s1 in [ip.src, ip.dst]: dsp.write(pkt.getlayer(Raw).load[12:]) try: if list is None: sniff(store=0, prn=play, **kargs) else: for p in list: play(p) finally: dsp.close() rd.close()
Example #17
Source File: mptcp_scanner.py From mptcp-abuse with GNU General Public License v2.0 | 6 votes |
def makeMPCapableSyn(sourceAddr,dport,dstAddr, sport=None, initTCPSeq=None, \ sendKey=None): if sport is None: sport = randintb(16) if initTCPSeq is None: initTCPSeq = randintb(32) if sendKey is None: sendKey = randintb(32) #TODO: make more elegant type handling for IPADDR dstAddr = str(dstAddr) pkt = (IP(version=4L,src=sourceAddr,dst=dstAddr)/ \ TCP(sport=sport,dport=dport,flags="S",seq=initTCPSeq, \ options=[TCPOption_MP(mptcp=MPTCP_CapableSYN( checksum_req=1, snd_key=sendKey))])) return pkt
Example #18
Source File: mptcp_scanner.py From mptcp-abuse with GNU General Public License v2.0 | 6 votes |
def makeJoinSyn(sourceAddr,dport,dstAddr, sport=None, initTCPSeq=None, \ mptcpAddrId=None,isBackupFlow=False, \ rcvToken=None,sendNonce=None): if sport is None: sport = randintb(16) if sendNonce is None: sendNonce = randintb(32) if initTCPSeq is None: initTCPSeq = randintb(32) if rcvToken is None: rcvToken = randintb(32) if sendNonce is None: sendNonce = randintb(32) if mptcpAddrId is None: mptcpAddrId = randintb(8) #TODO: make more elegant type handling for IPADDR dstAddr = str(dstAddr) pkt = (IP(version=4L,src=sourceAddr,dst=dstAddr)/ \ TCP(sport=sport,dport=dport,flags="S",seq=initTCPSeq, \ options=[TCPOption_MP(mptcp=MPTCP_JoinSYN( addr_id=mptcpAddrId, backup_flow=isBackupFlow, rcv_token=rcvToken, snd_nonce=sendNonce,))])) return pkt
Example #19
Source File: voip.py From mptcp-abuse with GNU General Public License v2.0 | 6 votes |
def voip_play2(s1,**kargs): dsp,rd = os.popen2("sox -t .ul -c 2 - -t ossdsp /dev/dsp") def play(pkt,last=[]): if not pkt: return if not pkt.haslayer(UDP): return ip=pkt.getlayer(IP) if s1 in [ip.src, ip.dst]: if not last: last.append(pkt) return load=last.pop() x1 = load.load[12:] # c1.write(load.load[12:]) if load.getlayer(IP).src == ip.src: x2 = "" # c2.write("\x00"*len(load.load[12:])) last.append(pkt) else: x2 = pkt.load[:12] # c2.write(pkt.load[12:]) dsp.write(merge(x1,x2)) sniff(store=0, prn=play, **kargs)
Example #20
Source File: queso.py From mptcp-abuse with GNU General Public License v2.0 | 6 votes |
def queso_sig(target, dport=80, timeout=3): p = queso_kdb.get_base() ret = [] for flags in ["S", "SA", "F", "FA", "SF", "P", "SEC"]: ans, unans = sr(IP(dst=target)/TCP(dport=dport,flags=flags,seq=RandInt()), timeout=timeout, verbose=0) if len(ans) == 0: rs = "- - - -" else: s,r = ans[0] rs = "%i" % (r.seq != 0) if not r.ack: r += " 0" elif r.ack-s.seq > 666: rs += " R" % 0 else: rs += " +%i" % (r.ack-s.seq) rs += " %X" % r.window rs += " %x" % r.payload.flags ret.append(rs) return ret
Example #21
Source File: dhcp.py From mptcp-abuse with GNU General Public License v2.0 | 6 votes |
def make_reply(self, req): mac = req.src if type(self.pool) is list: if not self.leases.has_key(mac): self.leases[mac] = self.pool.pop() ip = self.leases[mac] else: ip = self.pool repb = req.getlayer(BOOTP).copy() repb.op="BOOTREPLY" repb.yiaddr = ip repb.siaddr = self.gw repb.ciaddr = self.gw repb.giaddr = self.gw del(repb.payload) rep=Ether(dst=mac)/IP(dst=ip)/UDP(sport=req.dport,dport=req.sport)/repb return rep
Example #22
Source File: utils.py From scapy with GNU General Public License v2.0 | 6 votes |
def chexdump(x, dump=False): """Build a per byte hexadecimal representation Example: >>> chexdump(IP()) 0x45, 0x00, 0x00, 0x14, 0x00, 0x01, 0x00, 0x00, 0x40, 0x00, 0x7c, 0xe7, 0x7f, 0x00, 0x00, 0x01, 0x7f, 0x00, 0x00, 0x01 # noqa: E501 :param x: a Packet :param dump: print the view if False :return: a String only if dump=True """ x = bytes_encode(x) s = ", ".join("%#04x" % orb(x) for x in x) if dump: return s else: print(s)
Example #23
Source File: dns.py From scapy with GNU General Public License v2.0 | 6 votes |
def dyndns_add(nameserver, name, rdata, type="A", ttl=10): """Send a DNS add message to a nameserver for "name" to have a new "rdata" dyndns_add(nameserver, name, rdata, type="A", ttl=10) -> result code (0=ok) example: dyndns_add("ns1.toto.com", "dyn.toto.com", "127.0.0.1") RFC2136 """ zone = name[name.find(".") + 1:] r = sr1(IP(dst=nameserver) / UDP() / DNS(opcode=5, qd=[DNSQR(qname=zone, qtype="SOA")], # noqa: E501 ns=[DNSRR(rrname=name, type="A", ttl=ttl, rdata=rdata)]), verbose=0, timeout=5) if r and r.haslayer(DNS): return r.getlayer(DNS).rcode else: return -1
Example #24
Source File: dns.py From scapy with GNU General Public License v2.0 | 6 votes |
def dyndns_del(nameserver, name, type="ALL", ttl=10): """Send a DNS delete message to a nameserver for "name" dyndns_del(nameserver, name, type="ANY", ttl=10) -> result code (0=ok) example: dyndns_del("ns1.toto.com", "dyn.toto.com") RFC2136 """ zone = name[name.find(".") + 1:] r = sr1(IP(dst=nameserver) / UDP() / DNS(opcode=5, qd=[DNSQR(qname=zone, qtype="SOA")], # noqa: E501 ns=[DNSRR(rrname=name, type=type, rclass="ANY", ttl=0, rdata="")]), # noqa: E501 verbose=0, timeout=5) if r and r.haslayer(DNS): return r.getlayer(DNS).rcode else: return -1
Example #25
Source File: tftp.py From scapy with GNU General Public License v2.0 | 6 votes |
def BEGIN(self): self.data = [self.origdata[i * self.blocksize:(i + 1) * self.blocksize] for i in range(len(self.origdata) // self.blocksize + 1)] self.my_tid = self.sport or RandShort()._fix() bind_bottom_up(UDP, TFTP, dport=self.my_tid) self.server_tid = None self.l3 = IP(dst=self.server) / UDP(sport=self.my_tid, dport=self.port) / TFTP() # noqa: E501 self.last_packet = self.l3 / TFTP_WRQ(filename=self.filename, mode="octet") # noqa: E501 self.send(self.last_packet) self.res = "" self.awaiting = 0 raise self.WAITING_ACK() # WAITING_ACK
Example #26
Source File: tftp.py From scapy with GNU General Public License v2.0 | 6 votes |
def ack_WRQ(self, pkt): ip = pkt[IP] self.ip = ip.dst self.dst = ip.src self.filename = pkt[TFTP_WRQ].filename options = pkt.getlayer(TFTP_Options) self.l3 = IP(src=ip.dst, dst=ip.src) / UDP(sport=self.my_tid, dport=pkt.sport) / TFTP() # noqa: E501 if options is None: self.last_packet = self.l3 / TFTP_ACK(block=0) self.send(self.last_packet) else: opt = [x for x in options.options if x.oname.upper() == b"BLKSIZE"] if opt: self.blksize = int(opt[0].value) self.debug(2, "Negotiated new blksize at %i" % self.blksize) self.last_packet = self.l3 / TFTP_OACK() / TFTP_Options(options=opt) # noqa: E501 self.send(self.last_packet)
Example #27
Source File: dhcp.py From scapy with GNU General Public License v2.0 | 6 votes |
def make_reply(self, req): mac = req[Ether].src if isinstance(self.pool, list): if mac not in self.leases: self.leases[mac] = self.pool.pop() ip = self.leases[mac] else: ip = self.pool repb = req.getlayer(BOOTP).copy() repb.op = "BOOTREPLY" repb.yiaddr = ip repb.siaddr = self.gw repb.ciaddr = self.gw repb.giaddr = self.gw del(repb.payload) rep = Ether(dst=mac) / IP(dst=ip) / UDP(sport=req.dport, dport=req.sport) / repb # noqa: E501 return rep
Example #28
Source File: dhcp.py From mptcp-abuse with GNU General Public License v2.0 | 5 votes |
def print_reply(self, req, reply): print "Reply %s to %s" % (reply.getlayer(IP).dst,reply.dst)
Example #29
Source File: dhcp.py From mptcp-abuse with GNU General Public License v2.0 | 5 votes |
def dhcp_request(iface=None,**kargs): if conf.checkIPaddr != 0: warning("conf.checkIPaddr is not 0, I may not be able to match the answer") if iface is None: iface = conf.iface fam,hw = get_if_raw_hwaddr(iface) return srp1(Ether(dst="ff:ff:ff:ff:ff:ff")/IP(src="0.0.0.0",dst="255.255.255.255")/UDP(sport=68,dport=67) /BOOTP(chaddr=hw)/DHCP(options=[("message-type","discover"),"end"]),iface=iface,**kargs)
Example #30
Source File: MemcrashedSpooferAttack.py From ID2T with MIT License | 5 votes |
def init_param(self, param: str) -> bool: """ Initialize a parameter with its default values specified in this attack. :param param: parameter, which should be initialized :return: True if initialization was successful, False if not """ value = None # By default, the most used IP is the attacker if param == self.IP_SOURCE: value = self.statistics.get_most_used_ip_address() elif param == self.MAC_SOURCE: ip_src = self.get_param_value(self.IP_SOURCE) if ip_src is None: return False value = self.get_mac_address(ip_src) # Target (i.e. amplifier) is a random public IP elif param == self.IP_DESTINATION: value = self.generate_random_ipv4_address('A') elif param == self.MAC_DESTINATION: value = self.generate_random_mac_address() # IP of the victim which is supposed to get hit by the amplified attack elif param == self.IP_VICTIM: value = self.generate_random_ipv4_address('A') elif param == self.PACKETS_PER_SECOND: value = self.statistics.get_most_used_pps() elif param == self.ATTACK_DURATION: value = rnd.randint(5, 30) elif param == self.INJECT_AFTER_PACKET: value = rnd.randint(0, self.statistics.get_packet_count()) if value is None: return False return self.add_param_value(param, value)