Python scapy.all.UDP Examples
The following are 30
code examples of scapy.all.UDP().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
scapy.all
, or try the search function
.
.
Example #1
| Source File: test_pcap.py From beagle with MIT License | 8 votes |
|
def test_single_dns_resp_packet():
packets = [
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=53)
/ DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1"))
]
events = list(packets_to_datasource_events(packets).events())
assert len(events) == 1
assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab"
assert events[0]["dst_mac"] == "12:12:12:12:12:12"
assert events[0]["src_ip"] == "127.0.0.1"
assert events[0]["dst_ip"] == "192.168.1.1"
assert events[0]["sport"] == 80
assert events[0]["dport"] == 53
assert events[0]["qname"] == "google.com."
assert events[0]["qanswer"] == "123.0.0.1"
assert events[0]["qtype"] == "A"
assert events[0]["event_type"] == "DNS"
Example #2
| Source File: test_pcap.py From beagle with MIT License | 8 votes |
|
def test_multiple_packets():
packets = [
# HTTP Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=12345, dport=80)
/ HTTP()
/ HTTPRequest(Method="GET", Path="/foo", Host="https://google.com"),
# DNS Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=53)
/ DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1")),
# TCP Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=80, dport=5355),
]
events = list(packets_to_datasource_events(packets).events())
assert len(events) == 3
assert [e["event_type"] for e in events] == ["HTTPRequest", "DNS", "TCP"]
Example #3
| Source File: mitm6.py From mitm6 with GNU General Public License v2.0 | 6 votes |
|
def send_dhcp_reply(p, basep):
resp = Ether(dst=basep.src)/IPv6(src=config.selfaddr, dst=basep[IPv6].src)/UDP(sport=547, dport=546) #base packet
resp /= DHCP6_Reply(trid=p.trid)
#resp /= DHCP6OptPref(prefval = 255)
resp /= DHCP6OptClientId(duid=p[DHCP6OptClientId].duid)
resp /= DHCP6OptServerId(duid=config.selfduid)
resp /= DHCP6OptDNSServers(dnsservers=[config.selfaddr])
if config.localdomain:
resp /= DHCP6OptDNSDomains(dnsdomains=[config.localdomain])
try:
opt = p[DHCP6OptIAAddress]
resp /= DHCP6OptIA_NA(ianaopts=[opt], T1=200, T2=250, iaid=p[DHCP6OptIA_NA].iaid)
sendp(resp, iface=config.default_if, verbose=False)
except IndexError:
# Some hosts don't send back this layer for some reason, ignore those
if config.debug or config.verbose:
print('Ignoring DHCPv6 packet from %s: Missing DHCP6OptIAAddress layer' % basep.src)
Example #4
| Source File: mitm6.py From mitm6 with GNU General Public License v2.0 | 6 votes |
|
def send_dhcp_advertise(p, basep, target):
global ipv6noaddrc
resp = Ether(dst=basep.src)/IPv6(src=config.selfaddr, dst=basep[IPv6].src)/UDP(sport=547, dport=546) #base packet
resp /= DHCP6_Advertise(trid=p.trid)
#resp /= DHCP6OptPref(prefval = 255)
resp /= DHCP6OptClientId(duid=p[DHCP6OptClientId].duid)
resp /= DHCP6OptServerId(duid=config.selfduid)
resp /= DHCP6OptDNSServers(dnsservers=[config.selfaddr])
if config.localdomain:
resp /= DHCP6OptDNSDomains(dnsdomains=[config.localdomain])
if target.ipv4 != '':
addr = config.ipv6prefix + target.ipv4.replace('.', ':')
else:
addr = config.ipv6prefix + '%d:%d' % (config.ipv6noaddr, config.ipv6noaddrc)
config.ipv6noaddrc += 1
opt = DHCP6OptIAAddress(preflft=300, validlft=300, addr=addr)
resp /= DHCP6OptIA_NA(ianaopts=[opt], T1=200, T2=250, iaid=p[DHCP6OptIA_NA].iaid)
sendp(resp, iface=config.default_if, verbose=False)
Example #5
| Source File: test_amplifier_detector.py From cotopaxi with GNU General Public License v2.0 | 6 votes |
|
def test_reflector_sniffer_pos(self):
args = ["8.8.8.8", "-I", "0"]
options = amplifier_parse_args(args)
sniffer = ReflectorSniffer(options)
packet = IP() / UDP()
result = sniffer.filter_action(packet)
self.assertMultiLineEqual(
result,
"TARGET: 8.8.8.8 | TO TARGET packets: 0, bytes: 0 | FROM "
"TARGET packets: 0, bytes: 0 | AMPLIF FACTOR: 0.00%",
)
packet = IP(src="1.1.1.1", dst="8.8.8.8") / UDP(dport=1000, sport=2000)
result = sniffer.filter_action(packet)
self.assertIn("-100.00%", result)
self.assertIn(" 28 ", result)
packet = IP(src="8.8.8.8", dst="1.1.1.1") / UDP(dport=1000, sport=2000)
result = sniffer.filter_action(packet)
self.assertIn(" 28 ", result)
self.assertIn(" 0.00%", result)
Example #6
| Source File: dns_spoof.py From hacking_tools with MIT License | 6 votes |
|
def spoof_packet(packet):
options = get_arguments()
dns_packet = scapy.IP(packet.get_payload())
if dns_packet.haslayer(scapy.DNSRR):
qname = dns_packet[scapy.DNSQR].qname
if options.website in qname:
dns_responce = scapy.DNSRR(rrname=qname, rdata=options.ip)
dns_packet[scapy.DNS].an = dns_responce
dns_packet[scapy.DNS].ancount = 1
del dns_packet[scapy.IP].len
del dns_packet[scapy.IP].chksum
del dns_packet[scapy.UDP].len
del dns_packet[scapy.UDP].chksum
packet.set_payload(str(dns_packet))
packet.accept()
Example #7
| Source File: test_pcap.py From beagle with MIT License | 6 votes |
|
def test_single_udp_packet():
packets = [
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=5355)
]
events = list(packets_to_datasource_events(packets).events())
assert len(events) == 1
assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab"
assert events[0]["dst_mac"] == "12:12:12:12:12:12"
assert events[0]["src_ip"] == "127.0.0.1"
assert events[0]["dst_ip"] == "192.168.1.1"
assert events[0]["sport"] == 80
assert events[0]["dport"] == 5355
assert events[0]["event_type"] == "UDP"
Example #8
| Source File: test_pcap.py From beagle with MIT License | 6 votes |
|
def test_single_dns_query_packet():
packets = [
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=53)
/ DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"))
]
events = list(packets_to_datasource_events(packets).events())
assert len(events) == 1
assert events[0]["src_mac"] == "ab:ab:ab:ab:ab:ab"
assert events[0]["dst_mac"] == "12:12:12:12:12:12"
assert events[0]["src_ip"] == "127.0.0.1"
assert events[0]["dst_ip"] == "192.168.1.1"
assert events[0]["sport"] == 80
assert events[0]["dport"] == 53
assert events[0]["qname"] == "google.com."
assert events[0]["qtype"] == "A"
assert events[0]["event_type"] == "DNS"
Example #9
| Source File: test_networkx.py From beagle with MIT License | 6 votes |
|
def test_from_datasources():
packets_1 = [
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=12345, dport=80)
/ HTTP()
/ HTTPRequest(Method="GET", Path="/foo", Host="https://google.com")
]
packets_2 = [
# HTTP Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=12345, dport=80)
/ HTTP()
/ HTTPRequest(Method="GET", Path="/foo", Host="https://google.com"),
# DNS Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ UDP(sport=80, dport=53)
/ DNS(rd=1, qd=DNSQR(qtype="A", qname="google.com"), an=DNSRR(rdata="123.0.0.1")),
# TCP Packet
Ether(src="ab:ab:ab:ab:ab:ab", dst="12:12:12:12:12:12")
/ IP(src="127.0.0.1", dst="192.168.1.1")
/ TCP(sport=80, dport=5355),
]
nx = NetworkX.from_datasources(
[packets_to_datasource_events(packets) for packets in [packets_1, packets_2]]
)
# Make the graph
nx.graph()
assert not nx.is_empty()
Example #10
| Source File: cotopaxi_tester.py From cotopaxi with GNU General Public License v2.0 | 6 votes |
|
def sr1_file(test_params, test_filename, display_packet=False):
"""Read test message from given file, sends this message to server and parses response."""
with open(test_filename, "rb") as file_handle:
test_packet = file_handle.read()
if display_packet:
# print("Protocol: {}".format(proto_mapping(test_params.protocol)))
try:
if test_params.protocol in PROTOCOL_TESTERS:
out_packet = PROTOCOL_TESTERS[test_params.protocol].request_parser(
test_packet
)
out_packet.show()
print_verbose(test_params, 60 * "-")
except (TypeError, struct.error, RuntimeError, ValueError, Scapy_Exception):
pass
test_result = None
if test_params.protocol in [Protocol.SSDP]:
test_result = ssdp_send_query(test_params, test_packet)
elif test_params.protocol in protocols_using(UDP):
test_result = udp_sr1(test_params, test_packet)
elif test_params.protocol in protocols_using(TCP):
test_result = tcp_sr1(test_params, test_packet)
return test_result
Example #11
| Source File: ebcLib.py From SMBetray with GNU General Public License v3.0 | 6 votes |
|
def __init__(self, client_ip = "", server_ip = "", client_port = 0, server_port = 0, protocol = "TCP", interface = ""): self.client_ip = client_ip self.server_ip = server_ip self.client_port = client_port self.server_port = server_port self.protocol = protocol.lower() self.interface = interface # This returns just the source address & port in a string format # so that it can be hashed and tied back to the connectionManager. # The protocol, source address, and port are the only shared pieces of information # that both the MiTMModule socket and nfqueue intercept have access to, so # nfqueue hashes this info together and uses that hash as the key in the # connectionMnaager. Once the MiTMModule recieves the intercepted connection, # it will hash the proto/source ip/port to pull back the whole Connection # object from the connectionManager - and thus - have the destination ip and port # to then behave like a fully transparent TCP/UDP MiTM server.
Example #12
| Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 6 votes |
|
def proto_mapping_request(protocol):
"""Provide mapping of enum values to implementation classes."""
return {
Protocol.ALL: IP,
Protocol.UDP: UDP,
Protocol.TCP: TCP,
Protocol.CoAP: CoAP,
Protocol.mDNS: DNS,
Protocol.MQTT: MQTT,
Protocol.DTLS: DTLS,
Protocol.QUIC: UDP,
Protocol.RTSP: HTTPRequest,
Protocol.SSDP: HTTPRequest,
Protocol.HTCPCP: HTTPRequest,
Protocol.HTTP: HTTPRequest,
}[protocol]
Example #13
| Source File: quic_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def transport_protocol():
"""Provides Scapy class of transport protocol used by this tester (usually TCP or UDP)"""
return UDP
Example #14
| Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def get_random_high_port():
"""Return random value for private (ephemeral or high) TCP or UDP port."""
return random.randint(NET_MIN_HIGH_PORT, NET_MAX_PORT)
Example #15
| Source File: quic_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def protocol_full_name():
"""Provides full (not abbreviated) name of protocol"""
return "Quick UDP Internet Connections"
Example #16
| Source File: coap_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def coap_scrap_response(resp_packet):
"""Parse response packet and scraps CoAP response from stdout."""
parsed_response = ""
if resp_packet.haslayer(IP):
del resp_packet[IP].chksum
del resp_packet[IP].id
if resp_packet.haslayer(UDP):
del resp_packet[UDP].chksum
save_stdout, sys.stdout = sys.stdout, StringIO()
coap = CoAP(resp_packet[UDP].load)
coap.show()
sys.stdout, save_stdout = save_stdout, sys.stdout
parsed_response = save_stdout.getvalue()
return parsed_response
Example #17
| Source File: client_proto_fuzzer.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def udp_server(test_params, payloads):
"""Start UDP server used for testing clients."""
print (
"Starting UDP server on IP {} port {}".format(
test_params.src_endpoint.ip_addr, test_params.src_endpoint.port
)
)
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((test_params.src_endpoint.ip_addr, test_params.src_endpoint.port))
try:
for payload in payloads:
# print_verbose(test_params, "Next payload is: {}".format(payload.payload_file))
with open(payload.payload_file, "rb") as payload_file:
message = payload_file.read()
(_, addr) = sock.recvfrom(INPUT_BUFFER_SIZE)
test_params.test_stats.packets_received += 1
print_verbose(test_params, "Received packet from: {}".format(addr))
sock.sendto(message, addr)
test_params.test_stats.packets_sent += 1
if payload.name:
if payload.cve_id:
print (
"Payload for vulnerability {} / {} sent.".format(
payload.name, payload.cve_id
)
)
else:
print ("Payload for vulnerability {} sent.".format(payload.name))
else:
print ("Payload {} sent!".format(payload.payload_file))
print ("[.] Finished {} (all payloads sent).".format(test_params.test_name))
except KeyboardInterrupt:
print ("\nExiting...")
finally:
test_params.print_client_stats()
Example #18
| Source File: mqttsn_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def mqttsn_request(test_params, out_packet):
"""Send MQTT-SN request to broker and waiting for response."""
try:
for i in range(1 + test_params.nr_retries):
in_data = udp_sr1(test_params, str(out_packet))
if in_data is None:
continue
for response_packet in in_data:
if response_packet.haslayer(UDP):
response_hex = response_packet[UDP].load.encode("hex")
if response_hex == MQTTSN_GATEWAY_INFO:
print_verbose(
test_params,
"MQTT-SN ping {}: received Gateway Info".format(i + 1),
)
return True
# mqtt = MQTT(response_packet[UDP].load)
# mqtt.show()
# show_verbose(test_params, in_packet)
# if (
# in_packet[MQTT].type in CONTROL_PACKET_TYPE
# and CONTROL_PACKET_TYPE[in_packet[MQTT].type] == "CONNACK"
# ):
# print_verbose(
# test_params,
# "MQTT ping {}: in_packet[MQTTConnack].retcode: {}".format(
# i + 1, RETURN_CODE[in_packet[MQTTConnack].retcode]
# ),
# )
# return True
except struct.error as struct_error:
print_verbose(test_params, struct_error.message)
except (socket.timeout, socket.error) as error:
print_verbose(test_params, error)
return False
Example #19
| Source File: mqttsn_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def transport_protocol():
"""Provide Scapy class of transport protocol used by this tester (usually TCP or UDP)."""
return UDP
Example #20
| Source File: quic_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def transport_protocol():
"""Provide Scapy class of transport protocol used by this tester (usually TCP or UDP)."""
return UDP
Example #21
| Source File: 18_5_modify_ip_in_a_packet.py From Python-Network-Programming with MIT License | 5 votes |
|
def send_packet(protocol=None, src_ip=None, src_port=None, flags=None, dst_ip=None, dst_port=None, iface=None):
"""Modify and send an IP packet."""
if protocol == 'tcp':
packet = IP(src=src_ip, dst=dst_ip)/TCP(flags=flags, sport=src_port, dport=dst_port)
elif protocol == 'udp':
if flags: raise Exception(" Flags are not supported for udp")
packet = IP(src=src_ip, dst=dst_ip)/UDP(sport=src_port, dport=dst_port)
else:
raise Exception("Unknown protocol %s" % protocol)
send(packet, iface=iface)
Example #22
| Source File: cmd_dhcp_discover.py From habu with BSD 3-Clause "New" or "Revised" License | 5 votes |
|
def cmd_dhcp_discover(iface, timeout, verbose):
"""Send a DHCP request and show what devices has replied.
Note: Using '-v' you can see all the options (like DNS servers) included on the responses.
\b
# habu.dhcp_discover
Ether / IP / UDP 192.168.0.1:bootps > 192.168.0.5:bootpc / BOOTP / DHCP
"""
conf.verb = False
if iface:
iface = search_iface(iface)
if iface:
conf.iface = iface['name']
else:
logging.error('Interface {} not found. Use habu.interfaces to show valid network interfaces'.format(iface))
return False
conf.checkIPaddr = False
hw = get_if_raw_hwaddr(conf.iface)
ether = Ether(dst="ff:ff:ff:ff:ff:ff")
ip = IP(src="0.0.0.0",dst="255.255.255.255")
udp = UDP(sport=68,dport=67)
bootp = BOOTP(chaddr=hw)
dhcp = DHCP(options=[("message-type","discover"),"end"])
dhcp_discover = ether / ip / udp / bootp / dhcp
ans, unans = srp(dhcp_discover, multi=True, timeout=5) # Press CTRL-C after several seconds
for _, pkt in ans:
if verbose:
print(pkt.show())
else:
print(pkt.summary())
Example #23
| Source File: dns.py From kube-hunter with Apache License 2.0 | 5 votes |
|
def get_kube_dns_ip_mac(self):
config = get_config()
kubedns_svc_ip = self.extract_nameserver_ip()
# getting actual pod ip of kube-dns service, by comparing the src mac of a dns response and arp scanning.
dns_info_res = srp1(
Ether() / IP(dst=kubedns_svc_ip) / UDP(dport=53) / DNS(rd=1, qd=DNSQR()),
verbose=0,
timeout=config.network_timeout,
)
kubedns_pod_mac = dns_info_res.src
self_ip = dns_info_res[IP].dst
arp_responses, _ = srp(
Ether(dst="ff:ff:ff:ff:ff:ff") / ARP(op=1, pdst=f"{self_ip}/24"), timeout=config.network_timeout, verbose=0,
)
for _, response in arp_responses:
if response[Ether].src == kubedns_pod_mac:
return response[ARP].psrc, response.src
Example #24
| Source File: mdns_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def transport_protocol():
"""Provide Scapy class of transport protocol used by this tester (usually TCP or UDP)."""
return UDP
Example #25
| Source File: common_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def udp_sr1_file(test_params, test_filename):
"""Read UDP test message from given file, sends this message to server and parses response."""
with open(test_filename, "rb") as file_handle:
test_data = file_handle.read()
return udp_sr1(test_params, test_data)
Example #26
| Source File: ssdp_utils.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def transport_protocol():
"""Provide Scapy class of transport protocol used by this tester (usually TCP or UDP)."""
return UDP
Example #27
| Source File: cotopaxi_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def protocol_enabled(protocol, proto_mask):
"""Check whether protocol is enabled for test using given protocol mask."""
if proto_mask == Protocol.ALL:
return True
if proto_mask == protocol:
return True
if proto_mask == Protocol.TCP and protocol in protocols_using(Protocol.TCP):
return True
if proto_mask == Protocol.UDP and protocol in protocols_using(Protocol.UDP):
return True
return False
# Number of characters in line of separator
Example #28
| Source File: client_vuln_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def main(args):
"""Start client vulnerability testing based on command line parameters."""
bypass_list(args)
tester = CotopaxiClientTester("vulnerability testing")
selected_vulns = select_vulnerabilities(tester, args)
test_vulns = []
if selected_vulns == ["ALL"]:
for vuln_name in VULNS:
vuln = VULNS[vuln_name]
if vuln.protocol == tester.test_params.protocol:
vuln.payload_file = "cotopaxi/vulnerabilities/" + vuln.payload_file
test_vulns.append(vuln)
else:
for vuln_name in VULNS:
vuln = VULNS[vuln_name]
if vuln_name in selected_vulns:
vuln.payload_file = "cotopaxi/vulnerabilities/" + vuln.payload_file
test_vulns.append(vuln)
print ("Loaded {} vulnerabilities for test".format(len(test_vulns)))
if tester.test_params.protocol in protocols_using(UDP):
udp_server(tester.test_params, test_vulns)
elif tester.test_params.protocol in protocols_using(TCP):
tcp_server(tester.test_params, test_vulns)
else:
print (
"Protocol {} is not supported by this tool!".format(
tester.test_params.protocol
)
)
Example #29
| Source File: test_cotopaxi_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def test_protocols_using_pos(self):
udp_protos = protocols_using(UDP)
self.assertGreaterEqual(len(udp_protos), 4)
self.assertTrue(Protocol.CoAP in udp_protos)
self.assertTrue(Protocol.RTSP not in udp_protos)
for proto in udp_protos:
self.assertIsInstance(proto, Protocol)
tcp_protos = protocols_using(TCP)
self.assertGreaterEqual(len(tcp_protos), 4)
for proto in tcp_protos:
self.assertIsInstance(proto, Protocol)
self.assertTrue(Protocol.RTSP in tcp_protos)
self.assertTrue(Protocol.CoAP not in tcp_protos)
Example #30
| Source File: test_protocol_tester.py From cotopaxi with GNU General Public License v2.0 | 5 votes |
|
def test_tester_protocol_pos(self):
protocol = self.tester.transport_protocol()
self.assertTrue(protocol in [None, TCP, UDP])
