forked from mariusv/Gray-Hacker-and-PenTesting
Mari Wahl
committed
Dec 22, 2014
1 parent
b65ef8b
commit 4d4b0dc
Showing
9 changed files
with
318 additions
and
1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
#!/usr/bin/env python | ||
|
||
__author__ = "bt3" | ||
|
||
import netaddr | ||
import socket | ||
|
||
subnet = '192.168.1.0/24' | ||
|
||
for ip in netaddr.IPNetwork(subnet): | ||
s = socket.socket() | ||
print ip | ||
s.connect((ip, 25)) | ||
# send email packets |
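Review bot: `s.connect((ip, 25))` passes a `netaddr.IPAddress` object where the socket API expects a host string, so the call most likely raises TypeError on the first address; the scanner file in this commit converts it first with `"%s" % ip`, and `s.connect((str(ip), 25))` would do the same here. Each iteration also creates a socket that is never closed and has no timeout, so one unreachable address either blocks for the system default or aborts the loop with an unhandled exception. A `try`/`finally` around the connect with `s.settimeout(...)` and `s.close()` would keep the loop bounded and release descriptors.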
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
#!/usr/bin/env python | ||
|
||
__author__ = "bt3" | ||
|
||
import netaddr | ||
|
||
ip = '192.168.1.114' | ||
if ip in netaddr.IPNetwork('192.168.1.0/24'): | ||
print('OK!') |
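Review bot: The membership test passes a plain string to `in netaddr.IPNetwork(...)`, whereas the scanner file in this commit wraps the address first (`IPAddress(src_addr) in IPNetwork(SUBNET)`). Whether a bare string is accepted appears to depend on the netaddr version, so `if netaddr.IPAddress(ip) in netaddr.IPNetwork('192.168.1.0/24'):` is the safer and more consistent form. The last file in this commit has identical content, so the same remark applies there and one of the two copies looks redundant.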
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
#!/usr/bin/env python | ||
|
||
__author__ = "bt3" | ||
|
||
''' A class for the ICMP header''' | ||
|
||
import ctypes | ||
|
||
|
||
|
||
class ICMP(ctypes.Structure): | ||
|
||
_fields_ = [ | ||
('type', ctypes.c_ubyte), | ||
('code', ctypes.c_ubyte), | ||
('checksum', ctypes.c_ushort), | ||
('unused', ctypes.c_ushort), | ||
('next_hop_mtu',ctypes.c_ushort) | ||
] | ||
|
||
def __new__(self, socket_buffer): | ||
return self.from_buffer_copy(socket_buffer) | ||
|
||
def __init__(self, socket_buffer): | ||
pass | ||
|
||
|
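Review bot: `ICMP` derives from `ctypes.Structure`, which lays out multi-byte fields in host byte order, so `checksum` and `next_hop_mtu` come out byte-swapped on little-endian machines; only the single-byte `type` and `code` are unaffected. Declaring it as `class ICMP(ctypes.BigEndianStructure):` keeps the field list and reads the values in network order. `from_buffer_copy` raises ValueError when the buffer is shorter than the structure, so `__new__` deserves a docstring stating that the caller must pass at least `ctypes.sizeof(ICMP)` bytes. The first parameter of `__new__` is the class and is conventionally named `cls`, not `self`.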
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
#!/usr/bin/env python | ||
|
||
__author__ = "bt3" | ||
|
||
''' A class for the IP header''' | ||
|
||
import os | ||
import struct | ||
import socket | ||
import ctypes | ||
|
||
|
||
class IP(ctypes.Structure): | ||
_fields_ = [ | ||
('ihl', ctypes.c_ubyte, 4), | ||
('version', ctypes.c_ubyte, 4), | ||
('tos', ctypes.c_ubyte), | ||
('len', ctypes.c_ushort), | ||
('id', ctypes.c_ushort), | ||
('offset', ctypes.c_ushort), | ||
('ttl', ctypes.c_ubyte), | ||
('protocol_num',ctypes.c_ubyte), | ||
('sum', ctypes.c_ushort), | ||
('src', ctypes.c_ulong), | ||
('dst', ctypes.c_ulong) | ||
] | ||
|
||
def __new__(self, socket_buffer=None): | ||
return self.from_buffer_copy(socket_buffer) | ||
|
||
def __init__(self, socket_buffer=None): | ||
|
||
# map protocol constants to their names | ||
self.protocol_map = {1:'ICMP', 6:'TCP', 17:'UDP'} | ||
|
||
# human readable IP addresses | ||
self.src_address = socket.inet_ntoa(struct.pack('<L', self.src)) | ||
self.dst_address = socket.inet_ntoa(struct.pack('<L', self.dst)) | ||
|
||
# human readable protocol | ||
try: | ||
self.protocol = self.protocol_map[self.protocol_num] | ||
except: | ||
self.protocol = str(self.protocol_num) | ||
|
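Review bot: `src` and `dst` are declared as `ctypes.c_ulong`, which is 8 bytes on 64-bit Linux and macOS, so the structure no longer matches the 20-byte IPv4 header there and `struct.pack('<L', self.src)` can fail or yield the wrong address; the fixed-width type avoids this: `('src', ctypes.c_uint32),` and `('dst', ctypes.c_uint32)`. The `ihl`/`version` bitfield order and the `'<L'` packing also assume a little-endian host, which is worth a comment on the class. The bare `except:` around the protocol lookup should be `except KeyError:`, and the `socket_buffer=None` default cannot work because `from_buffer_copy(None)` raises. `import os` is unused in this file.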
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
#!/usr/bin/env python | ||
|
||
__author__ = "bt3" | ||
|
||
|
||
import socket | ||
import os | ||
import struct | ||
import ctypes | ||
from ICMPHeader import ICMP | ||
|
||
# host to listen on | ||
HOST = '192.168.1.114' | ||
|
||
|
||
def main(): | ||
socket_protocol = socket.IPPROTO_ICMP | ||
sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol) | ||
sniffer.bind(( HOST, 0 )) | ||
sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) | ||
|
||
# continually read in packets and parse their information | ||
while 1: | ||
# read in a packet and pass the first 20 bytes to initialize the IP structure | ||
raw_buffer = sniffer.recvfrom(65565)[0] | ||
|
||
#take first 20 characters for the ip header | ||
ip_header = raw_buffer[0:20] | ||
|
||
#unpack them | ||
iph = struct.unpack('!BBHHHBBH4s4s' , ip_header) | ||
|
||
version_ihl = iph[0] | ||
version = version_ihl >> 4 | ||
ihl = version_ihl & 0xF | ||
iph_length = ihl * 4 | ||
ttl = iph[5] | ||
protocol = iph[6] | ||
s_addr = socket.inet_ntoa(iph[8]); | ||
d_addr = socket.inet_ntoa(iph[9]); | ||
|
||
print 'IP -> Version:' + str(version) + ', Header Length:' + str(ihl) + \ | ||
', TTL:' + str(ttl) + ', Protocol:' + str(protocol) + ', Source:'\ | ||
+ str(s_addr) + ', Destination:' + str(d_addr) | ||
|
||
# create our ICMP structure | ||
buf = raw_buffer[iph_length:iph_length + ctypes.sizeof(ICMP)] | ||
icmp_header = ICMP(buf) | ||
|
||
print "ICMP -> Type:%d, Code:%d" %(icmp_header.type, icmp_header.code) + '\n' | ||
|
||
|
||
|
||
if __name__ == '__main__': | ||
main() |
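Review bot: The header length read from the packet (`ihl * 4`) is used as a slice offset without any check, and the resulting slice goes straight into `ICMP(buf)`; a truncated or malformed packet that leaves fewer than `ctypes.sizeof(ICMP)` bytes makes `from_buffer_copy` raise ValueError and ends the capture loop. A guard before the slice, `if ihl < 5 or len(raw_buffer) < iph_length + ctypes.sizeof(ICMP): continue`, keeps the sniffer running on hostile input. The raw socket is never closed; wrapping the loop in `try`/`finally` with `sniffer.close()` would release it on Ctrl-C. The receive size `65565` looks like a typo for 65535.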
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
#!/usr/bin/env python | ||
|
||
__author__ = "bt3" | ||
|
||
''' A Basic Sniffer''' | ||
|
||
import socket | ||
import os | ||
|
||
# DEFINE CONSTANTS | ||
# host to listen | ||
HOST = '192.168.1.114' | ||
|
||
|
||
def main(host): | ||
|
||
OS = os.name | ||
|
||
# create a raw socket, binding to the public interface | ||
# windows allow us to sniff all incoming packets regardless of protocol, | ||
# whereas Linux forces us to specify we are sniffing ICMP | ||
if OS == 'nt': | ||
socket_prot = socket.IPPROTO_IP | ||
sniffing(host, 1, socket_prot) | ||
|
||
else: | ||
socket_prot = socket.IPPROTO_ICMP | ||
sniffing(host, 0, socket_prot) | ||
|
||
|
||
|
||
def sniffing(host, win, socket_prot): | ||
while 1: | ||
sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_prot) | ||
sniffer.bind((host,0)) | ||
|
||
# include the IP headers in the captured packets | ||
sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) | ||
|
||
# if windows, it needs to send an IOCTL to set to promiscuous mode | ||
# we send IOCTL to the network card driver to enable it | ||
# promiscuous mode allows us to sniff all packets that the network card sees | ||
# even those not destined to the host | ||
if win == 1: | ||
sniffer.ioctl(socket.SIO_RCVALL, socket_RCVALL_ON) | ||
|
||
# read in a single packet | ||
print sniffer.recvfrom(65565) | ||
|
||
if win == 1: | ||
sniffer(host, 0, socket_prot) | ||
|
||
|
||
|
||
if __name__ == '__main__': | ||
main(HOST) |
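Review bot: Two names in `sniffing` cannot resolve on the Windows path: `socket_RCVALL_ON` is undefined (the constant is `socket.RCVALL_ON`), and `sniffer(host, 0, socket_prot)` calls the socket object as if it were a function. The second call was presumably meant to switch promiscuous mode off again, `sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)`. The `while 1:` loop also opens and binds a new raw socket on every pass without closing the previous one, which contradicts the "read in a single packet" comment and leaks descriptors. Creating the socket once before the loop and closing it in a `finally` would fix both.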
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
#!/usr/bin/env python | ||
|
||
__author__ = "bt3" | ||
|
||
import threading | ||
import time | ||
import socket | ||
import os | ||
import struct | ||
import ctypes | ||
from netaddr import IPNetwork, IPAddress | ||
from ICMPHeader import ICMP | ||
|
||
# host to listen on | ||
HOST = '192.168.1.114' | ||
|
||
|
||
# subnet to target (iterates through all IP address in this subnet) | ||
# our local network | ||
SUBNET = '192.168.1.0/24' | ||
|
||
# define string signature | ||
MESSAGE = 'hellooooo' | ||
|
||
# sprays out the udp datagram | ||
def udp_sender(SUBNET, MESSAGE): | ||
time.sleep(5) | ||
sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) | ||
|
||
for ip in IPNetwork(SUBNET): | ||
try: | ||
sender.sendto(MESSAGE, ("%s" % ip, 65212)) | ||
except: | ||
pass | ||
|
||
|
||
# start sending packets: separated threads to make sure that we are not interfering | ||
# with our ability to sniff responses | ||
t = threading.Thread(target=udp_sender, args=(SUBNET, MESSAGE)) | ||
t.start() | ||
|
||
|
||
def main(): | ||
socket_protocol = socket.IPPROTO_ICMP | ||
sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol) | ||
sniffer.bind(( HOST, 0 )) | ||
sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) | ||
|
||
# continually read in packets and parse their information | ||
while 1: | ||
# read in a packet and pass the first 20 bytes to initialize the IP structure | ||
raw_buffer = sniffer.recvfrom(65565)[0] | ||
|
||
#take first 20 characters for the ip header | ||
ip_header = raw_buffer[0:20] | ||
|
||
#unpack them | ||
iph = struct.unpack('!BBHHHBBH4s4s' , ip_header) | ||
|
||
version_ihl = iph[0] | ||
ihl = version_ihl & 0xF | ||
iph_length = ihl * 4 | ||
src_addr = socket.inet_ntoa(iph[8]); | ||
|
||
# create our ICMP structure | ||
buf = raw_buffer[iph_length:iph_length + ctypes.sizeof(ICMP)] | ||
icmp_header = ICMP(buf) | ||
|
||
# check for the type 3 and code: first check to make sure that the ICMP | ||
# response is coming from within our target subenet | ||
if icmp_header.code == 3 and icmp_header.type == 3: | ||
# make sure host is in our target subnet | ||
if IPAddress(src_addr) in IPNetwork(SUBNET): | ||
# make sure it has magic message | ||
if raw_buffer[len(raw_buffer) - len(MESSAGE):] == MESSAGE: | ||
print("Host up: %s" % src_addr) | ||
|
||
|
||
if __name__ == '__main__': | ||
main() |
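Review bot: The sender thread is created and started at module level, outside the `if __name__ == '__main__':` guard, so merely importing this file sends datagrams to every address in `SUBNET`; moving `t = threading.Thread(target=udp_sender, args=(SUBNET, MESSAGE))` and `t.start()` into `main()` after the sniffer socket is bound removes the import side effect. In `udp_sender`, `except: pass` hides every failure, including permission and routing errors; catching `socket.error` and logging it would make a silent run diagnosable, and `sender` should be closed when the loop ends. In the capture loop `ihl * 4` is used unchecked as a slice offset before `ICMP(buf)`, so a short or malformed packet raises ValueError and stops the listener; `if ihl < 5 or len(raw_buffer) < iph_length + ctypes.sizeof(ICMP): continue` guards against that.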
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
#!/usr/bin/env python | ||
|
||
__author__ = "bt3" | ||
|
||
import netaddr | ||
|
||
ip = '192.168.1.114' | ||
if ip in netaddr.IPNetwork('192.168.1.0/24'): | ||
print('OK!') |