Python scapy.all.IPv6() Examples
The following are 26
code examples of scapy.all.IPv6().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
scapy.all
, or try the search function
.
.
Example #1
| Source File: tcpkiller.py From pina-colada with MIT License | 6 votes |
|
def callback(self, packet):
flags = packet.sprintf("%TCP.flags%")
proto = IP
if IPv6 in packet:
proto = IPv6
if flags == "A" and not self.ignore_packet(packet, proto):
src_mac = packet[Ether].src
dst_mac = packet[Ether].dst
src_ip = packet[proto].src
dst_ip = packet[proto].dst
src_port = packet[TCP].sport
dst_port = packet[TCP].dport
seq = packet[TCP].seq
ack = packet[TCP].ack
if self.verbose:
print("RST from %s:%s (%s) --> %s:%s (%s) w/ %s" % (src_ip, src_port, src_mac, dst_ip, dst_port, dst_mac, ack))
if self.noisy:
self.send(self.build_packet(src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, seq, proto))
self.send(self.build_packet(dst_mac, src_mac, dst_ip, src_ip, dst_port, src_port, ack, proto))
Example #2
| Source File: dnsmasploit.py From raw-packet with MIT License | 6 votes |
|
def dhcpv6_callback(pkt):
global dhcpv6_server_mac
global dhcpv6_server_ipv6_link
global dhcpv6_server_duid
if pkt.haslayer(DHCP6_Advertise) or pkt.haslayer(DHCP6_Reply):
if pkt[DHCP6OptServerId].duid is None:
return False
else:
dhcpv6_server_mac = pkt[Ether].src
dhcpv6_server_ipv6_link = pkt[IPv6].src
dhcpv6_server_duid = pkt[DHCP6OptServerId].duid
return True
else:
return False
Example #3
| Source File: mitm6.py From mitm6 with GNU General Public License v2.0 | 6 votes |
|
def parsepacket(p):
if DHCP6_Solicit in p:
target = get_target(p)
if should_spoof_dhcpv6(target.host):
send_dhcp_advertise(p[DHCP6_Solicit], p, target)
if DHCP6_Request in p:
target = get_target(p)
if p[DHCP6OptServerId].duid == config.selfduid and should_spoof_dhcpv6(target.host):
send_dhcp_reply(p[DHCP6_Request], p)
print('IPv6 address %s is now assigned to %s' % (p[DHCP6OptIA_NA].ianaopts[0].addr, pcdict[p.src]))
if DHCP6_Renew in p:
target = get_target(p)
if p[DHCP6OptServerId].duid == config.selfduid and should_spoof_dhcpv6(target.host):
send_dhcp_reply(p[DHCP6_Renew],p)
print('Renew reply sent to %s' % p[DHCP6OptIA_NA].ianaopts[0].addr)
if ARP in p:
arpp = p[ARP]
if arpp.op is 2:
#Arp is-at package, update internal arp table
arptable[arpp.hwsrc] = arpp.psrc
if DNS in p:
if p.dst == config.selfmac:
send_dns_reply(p)
Example #4
| Source File: mitm6.py From mitm6 with GNU General Public License v2.0 | 6 votes |
|
def send_dhcp_reply(p, basep):
resp = Ether(dst=basep.src)/IPv6(src=config.selfaddr, dst=basep[IPv6].src)/UDP(sport=547, dport=546) #base packet
resp /= DHCP6_Reply(trid=p.trid)
#resp /= DHCP6OptPref(prefval = 255)
resp /= DHCP6OptClientId(duid=p[DHCP6OptClientId].duid)
resp /= DHCP6OptServerId(duid=config.selfduid)
resp /= DHCP6OptDNSServers(dnsservers=[config.selfaddr])
if config.localdomain:
resp /= DHCP6OptDNSDomains(dnsdomains=[config.localdomain])
try:
opt = p[DHCP6OptIAAddress]
resp /= DHCP6OptIA_NA(ianaopts=[opt], T1=200, T2=250, iaid=p[DHCP6OptIA_NA].iaid)
sendp(resp, iface=config.default_if, verbose=False)
except IndexError:
# Some hosts don't send back this layer for some reason, ignore those
if config.debug or config.verbose:
print('Ignoring DHCPv6 packet from %s: Missing DHCP6OptIAAddress layer' % basep.src)
Example #5
| Source File: mitm6.py From mitm6 with GNU General Public License v2.0 | 6 votes |
|
def send_dhcp_advertise(p, basep, target):
global ipv6noaddrc
resp = Ether(dst=basep.src)/IPv6(src=config.selfaddr, dst=basep[IPv6].src)/UDP(sport=547, dport=546) #base packet
resp /= DHCP6_Advertise(trid=p.trid)
#resp /= DHCP6OptPref(prefval = 255)
resp /= DHCP6OptClientId(duid=p[DHCP6OptClientId].duid)
resp /= DHCP6OptServerId(duid=config.selfduid)
resp /= DHCP6OptDNSServers(dnsservers=[config.selfaddr])
if config.localdomain:
resp /= DHCP6OptDNSDomains(dnsdomains=[config.localdomain])
if target.ipv4 != '':
addr = config.ipv6prefix + target.ipv4.replace('.', ':')
else:
addr = config.ipv6prefix + '%d:%d' % (config.ipv6noaddr, config.ipv6noaddrc)
config.ipv6noaddrc += 1
opt = DHCP6OptIAAddress(preflft=300, validlft=300, addr=addr)
resp /= DHCP6OptIA_NA(ianaopts=[opt], T1=200, T2=250, iaid=p[DHCP6OptIA_NA].iaid)
sendp(resp, iface=config.default_if, verbose=False)
Example #6
| Source File: metric.py From transperf with Apache License 2.0 | 6 votes |
|
def visit_packet(self, time, packet):
if (IP not in packet and IPv6 not in packet) or TCP not in packet:
return
iph = packet[IP] if IP in packet else packet[IPv6]
tcph = packet[TCP]
if iph.src == self._rcv_ip:
return
port = tcph.sport
if port not in self._packet_size:
return
# TODO(arjunroy) IPv4 = total len, IPv6 = payload len. Is it important?
packet_len = packet.len if IP in packet else packet.plen
sizes = self._packet_size[port]
if packet_len in sizes:
sizes[packet_len] += 1
else:
sizes[packet_len] = 1
Example #7
| Source File: mitm6.py From mitm6 with GNU General Public License v2.0 | 5 votes |
|
def send_ra():
# Send a Router Advertisement with the "managed" and "other" flag set, which should cause clients to use DHCPv6 and ask us for addresses
p = Ether(dst='33:33:00:00:00:01')/IPv6(dst='ff02::1')/ICMPv6ND_RA(M=1, O=1)
sendp(p, iface=config.default_if, verbose=False)
# Whether packet capturing should stop
Example #8
| Source File: tcpkiller.py From pina-colada with MIT License | 5 votes |
|
def build_packet(self, src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, seq, proto):
eth = Ether(src=src_mac, dst=dst_mac, type=0x800)
if proto == IP:
ip = IP(src=src_ip, dst=dst_ip)
elif proto == IPv6:
ip = IPv6(src=src_ip, dst=dst_ip)
else:
return str(eth) #if unknown L2 protocol, send back dud ether packet
tcp = TCP(sport=src_port, dport=dst_port, seq=seq, flags="R")
return str(eth/ip/tcp)
Example #9
| Source File: cmd_nc.py From habu with BSD 3-Clause "New" or "Revised" License | 5 votes |
|
def which_source_for(ip):
try:
return IP(dst=ip).src
except Exception:
pass
return IPv6(dst=ip).src
Example #10
| Source File: gen.py From transperf with Apache License 2.0 | 5 votes |
|
def visit_packet(self, time, packet):
"""Generates the time sequence data.
See the outparser.Visitor interface.
"""
if (IP not in packet and IPv6 not in packet) or TCP not in packet:
return
iph = packet[IP] if IP in packet else packet[IPv6]
tcph = packet[TCP]
port = tcph.dport if iph.src == self._rcv_ip else tcph.sport
# Ignore unknown ports and reset packets.
if port not in self._ports or tcph.flags & 0x4:
return
# If it has been more than one millisecond since we
# have created the current row, dump the row.
prev_time = self._row[0]
if time - prev_time > 0.001:
self._dump_row()
# Store the time with the resolution of 1ms.
self._row[0] = int(time * 1000) / 1000.0
if iph.src == self._rcv_ip:
self._process_rcv(iph, tcph)
else:
self._process_snd(iph, tcph)
Example #11
| Source File: metric.py From transperf with Apache License 2.0 | 5 votes |
|
def visit_packet(self, time, packet):
if (IP not in packet and IPv6 not in packet) or TCP not in packet:
return
iph = packet[IP] if IP in packet else packet[IPv6]
tcph = packet[TCP]
if iph.src == self._rcv_ip:
self._ack(time, tcph)
Example #12
| Source File: metric.py From transperf with Apache License 2.0 | 5 votes |
|
def visit_packet(self, time, packet):
if (IP not in packet and IPv6 not in packet) or TCP not in packet:
return
iph = packet[IP] if IP in packet else packet[IPv6]
tcph = packet[TCP]
if iph.src == self._rcv_ip:
self._handle_rcv(time, tcph)
else:
self._handle_snd(time, tcph)
Example #13
| Source File: metric.py From transperf with Apache License 2.0 | 5 votes |
|
def visit_packet(self, time, packet):
"""Generate statistics for each port.
See the outparser.Visitor interface.
"""
if (IP not in packet and IPv6 not in packet) or TCP not in packet:
return
iph = packet[IP] if IP in packet else packet[IPv6]
tcph = packet[TCP]
if iph.src == self._rcv_ip:
return
port = tcph.sport
if port not in self._stats:
return
max_seq = self._max_seq[port]
if IP in packet:
data_len = iph.len - 4 * iph.ihl - 4 * tcph.dataofs
else:
if iph.nh != 6:
LOG.info('IPv6 pachet has extension headers, skipping.')
return
data_len = iph.plen - 4 * tcph.dataofs
next_seq = tcp.add_seq(tcph.seq, data_len - 1)
if max_seq == -1 or tcp.after(tcph.seq, max_seq):
self._max_seq[port] = next_seq
is_retx = 0
else:
is_retx = 1
tx, retx = self._stats[port]
self._stats[port] = (tx + data_len, retx + is_retx * data_len)
Example #14
| Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def ssdp_send_query(test_params, query):
"""Send SSDP query to normal and multicast address."""
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
if test_params.ip_version == 4:
sock.sendto(
query.encode(), (SSDP_MULTICAST_IPV4, test_params.dst_endpoint.port)
)
sent_time = test_params.report_sent_packet()
sock.settimeout(test_params.timeout_sec)
try:
while True:
data, addr = sock.recvfrom(INPUT_BUFFER_SIZE)
print_verbose(
test_params,
"Received response from {} - content:\n{}\n-----".format(
addr, data
),
)
if (
test_params.dst_endpoint.ip_addr,
test_params.dst_endpoint.port,
) == addr:
print_verbose(
test_params, "This is the response that we was waiting for!"
)
test_params.report_received_packet(sent_time)
return data
else:
print_verbose(
test_params, "Received response from another host (not target)!"
)
except socket.timeout:
print_verbose(test_params, "Received no response!")
elif test_params.ip_version == 6:
print ("IPv6 is not supported for SSDP")
return None
Example #15
| Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def get_local_ipv6_address():
"""Return IPv6 address of local node."""
sock = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)
sock.connect(("::1", 80))
local_ip = sock.getsockname()[0]
sock.close()
return local_ip
Example #16
| Source File: misc_thread.py From upribox with GNU General Public License v3.0 | 5 votes |
|
def run(self):
"""Sends Multicast Listener Discovery Queries to all nodes on the network.
Received Multicast Listener Reports are processed by a SniffThread.
"""
while True:
send(IPv6(dst=self._MULTICAST_DEST, hlim=self._HOP_LIMIT) / IPv6ExtHdrHopByHop(options=RouterAlert()) / ICMPv6MLQuery(), iface=self.interface)
time.sleep(self._SLEEP)
Example #17
| Source File: misc_thread.py From upribox with GNU General Public License v3.0 | 5 votes |
|
def run(self):
"""Sends ICMPv6 echo request packets marked with the data upribox to the
IPv6 all nodes multicast address.
Received echo replies are processed by a SniffThread.
"""
while True:
send(IPv6(dst=self._MULTICAST_DEST) / ICMPv6EchoRequest(data=self._DATA), iface=self.interface)
time.sleep(self._SLEEP)
Example #18
| Source File: daemon_process.py From upribox with GNU General Public License v3.0 | 5 votes |
|
def _return_to_normal(self):
"""This method is called when the daemon is stopping.
Apate tells the clients the real gateway via neighbor advertisements.
"""
# spoof clients with nd advertisements
with self.sleeper:
# check if the impersonation of the DNS server is necessary
tgt = (self.ipv6.gateway, self.ipv6.dns_servers[0]) if util.is_spoof_dns(self.ipv6) else (self.ipv6.gateway,)
for source in tgt:
sendp(Ether(dst=ETHER_BROADCAST) / IPv6(src=source, dst=MulticastPingDiscoveryThread._MULTICAST_DEST) /
ICMPv6ND_NA(tgt=source, R=1, S=0, O=1) / ICMPv6NDOptDstLLAddr(lladdr=self.ipv6.gate_mac))
Example #19
| Source File: daemon_process.py From upribox with GNU General Public License v3.0 | 5 votes |
|
def _return_to_normal(self):
"""This method is called when the daemon is stopping.
First, sends a GARP broadcast request to all clients to tell them the real gateway.
Then ARP replies for existing clients are sent to the gateway.
If IPv6 is enabled, Apate tells the clients the real gateway via neighbor advertisements.
"""
# spoof clients with GARP broadcast request
with self.sleeper:
sendp(
Ether(dst=ETHER_BROADCAST) / ARP(op=1, psrc=self.ipv4.gateway, pdst=self.ipv4.gateway, hwdst=ETHER_BROADCAST,
hwsrc=self.ipv4.gate_mac))
Example #20
| Source File: util.py From upribox with GNU General Public License v3.0 | 5 votes |
|
def is_spoof_dns(ipv6):
"""Checks if it is necessary to additionally spoof the address of the DNS server.
The DNS server needs to be spoofed if it is on the own network and if it is not
the default gateway (this is already used for spoofing).
Args:
ipv6 (namedtuple): Contains various IPv6 information.
ipv6.dns_servers (list): List containing the IP addresses of DNS servers as String.
ipv6.network (netaddr.IPNetwork): IPNetwork object representing the IPv6 network.
ipv6.gateway (str): IPv6 address of the default gateway.
Results:
True if configured DNS server uses a global address and is on own network
or DNS server uses link-local address and is not also the gateway.
"""
return ipv6.dns_servers[0] in ipv6.network or (IPAddress(ipv6.dns_servers[0]).is_link_local()
and ipv6.dns_servers[0] != ipv6.gateway)
# class IPInfo(object):
#
# def __init__(self, ip, netmask, network, gateway, mac, gate_mac, dns_servers, redis):
# self.ip = ip
# self.netmask = netmask
# self.mac = mac
# self.network = network
# self.gateway = gateway
# self.gate_mac = gate_mac
# self.dns_servers = dns_servers
# self.redis = redis
Example #21
| Source File: util.py From upribox with GNU General Public License v3.0 | 5 votes |
|
def get_mac6(ip, interface):
"""Returns the according MAC address for the provided IPv6 address.
Args:
ip (str): IPv6 address used to get MAC address.
interface (str): Interface used to send neighbor solicitation.
Results:
According MAC address as string (11:22:33:44:55:66)
or None if no answer has been received.
"""
ans, unans = srp(Ether(dst=ETHER_BROADCAST) / IPv6(dst=ip) / ICMPv6ND_NS(tgt=ip), timeout=2, iface=interface, inter=0.1, verbose=0)
for snd, rcv in ans:
return rcv.sprintf(r"%Ether.src%")
Example #22
| Source File: cli.py From polymorph with GNU General Public License v2.0 | 5 votes |
|
def postcondition2(packet):
from scapy.all import IPv6
pkt = IPv6(packet.get_payload())
if pkt.haslayer('IPv6'):
del pkt['IPv6'].plen
if pkt.haslayer('TCP'):
del pkt['TCP'].chksum
if pkt.haslayer('ICMP'):
del pkt['ICMP'].chksum
pkt.show2()
packet.raw = bytes(pkt)
return packet
Example #23
| Source File: dnsmasploit.py From raw-packet with MIT License | 5 votes |
|
def get_dhcpv6_server_duid():
if dhcpv6_server_duid is None:
print(Base.c_info + 'Wait for receive DHCPv6 server DUID...')
tm.add_task(recv_dhcpv6_reply)
sleep(3)
send_dhcpv6_solicit()
sleep(10)
count_solicit_reqeusts = 0
while count_solicit_reqeusts < 2:
if dhcpv6_server_duid is None:
send_dhcpv6_solicit()
count_solicit_reqeusts += 1
sleep(5)
else:
break
if dhcpv6_server_duid is None:
print(Base.c_error + 'Can not get DHCPv6 server DUID!')
return False
else:
print(Base.c_success + 'DHCPv6 server MAC: ' + str(dhcpv6_server_mac))
print(Base.c_success + 'DHCPv6 server IPv6 link: ' + str(dhcpv6_server_ipv6_link))
print(Base.c_success + 'DHCPv6 server DUID: ' + str(dhcpv6_server_duid).encode('hex'))
return True
else:
return True
Example #24
| Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 4 votes |
|
def udp_sr1(test_params, udp_test, dtls_wrap=False):
"""Send UDP test message to server using UDP protocol and parses response."""
response = None
sent_time = test_params.report_sent_packet()
if not dtls_wrap:
if test_params.ip_version == 4:
udp_test_packet = IP() / UDP() / Raw(udp_test)
udp_test_packet[IP].src = test_params.src_endpoint.ip_addr
udp_test_packet[IP].dst = test_params.dst_endpoint.ip_addr
elif test_params.ip_version == 6:
udp_test_packet = IPv6() / UDP() / Raw(udp_test)
udp_test_packet[IPv6].src = test_params.src_endpoint.ipv6_addr
udp_test_packet[IPv6].dst = test_params.dst_endpoint.ip_addr
udp_test_packet[UDP].sport = test_params.src_endpoint.port
udp_test_packet[UDP].dport = test_params.dst_endpoint.port
del udp_test_packet[UDP].chksum
# if test_params.verbose:
# udp_test_packet.show()
if test_params.timeout_sec == 0:
test_params.timeout_sec = 0.0001
response = sr1(
udp_test_packet,
verbose=test_params.verbose,
timeout=test_params.timeout_sec,
retry=test_params.nr_retries,
)
if response:
print_verbose(
test_params, "Received response - size: {}".format(len(response))
)
test_params.report_received_packet(sent_time)
else:
# do_patch()
if test_params.ip_version == 4:
sock = ssl.wrap_socket(socket.socket(socket.AF_INET, socket.SOCK_DGRAM))
sock.connect(
(test_params.dst_endpoint.ip_addr, test_params.dst_endpoint.port)
)
sock.send(udp_test)
response = IP() / UDP() / Raw(sock.recv())
if response:
test_params.report_sent_packet(sent_time)
# sock.close()
return response
Example #25
| Source File: daemon_process.py From upribox with GNU General Public License v3.0 | 4 votes |
|
def run(self):
"""Starts multiple threads sends out packets to spoof
all existing clients on the network and the gateway. This packets are sent every __SLEEP seconds.
The existing clients (device entries) are read from the redis database.
Threads:
A SniffThread, which sniffs for incoming ARP packets and adds new devices to the redis db.
Several HostDiscoveryThread, which are searching for existing devices on the network.
A PubSubThread, which is listening for redis expiry messages.
Note:
First, ARP replies to spoof the gateway entry of existing clients arp cache are generated.
ARP relpies to spoof the entries of the gateway are generated next.
Unlike the holistic mode only packets for existing clients are generated.
"""
try:
for worker in self.threads:
self.threads[worker].start()
# check if the impersonation of the DNS server is necessary
tgt = (self.ipv6.gateway, self.ipv6.dns_servers[0]) if util.is_spoof_dns(self.ipv6) else (self.ipv6.gateway,)
while not self.exit.is_set():
packets = []
for source in tgt:
packets.extend([Ether(dst=dev[1]) / IPv6(src=source, dst=dev[0]) /
ICMPv6ND_NA(tgt=source, R=1, S=1, O=1) / ICMPv6NDOptDstLLAddr(lladdr=self.ipv6.mac)
for dev in self.ipv6.redis.get_devices_values(filter_values=True)])
sendp(packets)
try:
with self.sleeper:
self.sleeper.wait(timeout=self.__SLEEP)
except RuntimeError as e:
# this error is thrown by the with-statement when the thread is stopped
if len(e.args) > 0 and e.args[0] == "cannot release un-acquired lock":
return
else:
raise e
self._return_to_normal()
except Exception as e:
self.logger.error("Process IPv6")
self.logger.exception(e)
Example #26
| Source File: mitm6.py From mitm6 with GNU General Public License v2.0 | 4 votes |
|
def send_dns_reply(p):
if IPv6 in p:
ip = p[IPv6]
resp = Ether(dst=p.src, src=p.dst)/IPv6(dst=ip.src, src=ip.dst)/UDP(dport=ip.sport, sport=ip.dport)
else:
ip = p[IP]
resp = Ether(dst=p.src, src=p.dst)/IP(dst=ip.src, src=ip.dst)/UDP(dport=ip.sport, sport=ip.dport)
dns = p[DNS]
#only reply to IN, and to messages that dont contain answers
if dns.qd.qclass != 1 or dns.qr != 0:
return
#Make sure the requested name is in unicode here
reqname = dns.qd.qname.decode()
#A request
if dns.qd.qtype == 1:
rdata = config.selfipv4
#AAAA request
elif dns.qd.qtype == 28:
rdata = config.selfaddr
#PTR request
elif dns.qd.qtype == 12:
# To reply for PTR requests for our own hostname
# comment the return statement
return
if reqname == config.selfptr:
#We reply with attacker.domain
rdata = 'attacker.%s' % config.localdomain
else:
return
#Not handled
else:
return
if should_spoof_dns(reqname):
resp /= DNS(id=dns.id, qr=1, qd=dns.qd, an=DNSRR(rrname=dns.qd.qname, ttl=100, rdata=rdata, type=dns.qd.qtype))
try:
sendp(resp, iface=config.default_if, verbose=False)
except socket.error as e:
print('Error sending spoofed DNS')
print(e)
if config.debug:
ls(resp)
print('Sent spoofed reply for %s to %s' % (reqname, ip.src))
else:
if config.verbose or config.debug:
print('Ignored query for %s from %s' % (reqname, ip.src))
# Helper function to check whether any element in the list "matches" value
