
debug server takes input to send packets back to genie

master
Beau Kujath 2 years ago
parent
commit
6c1261d994
  1. 98
      debugServer/sniffer.py

98
debugServer/sniffer.py

@ -8,6 +8,7 @@ import os
recv_count = 0 recv_count = 0
server_port = 50508
@ -17,18 +18,15 @@ class Sniffer(Thread):
super().__init__() super().__init__()
self.daemon = True self.daemon = True
self.vpn_addr = None
self.current_phase = 1
self.spoof_count = 0
self.spoof_port = 0
self.recv_count = 0 self.recv_count = 0
self.socket = None self.socket = None
self.iface = iface self.iface = iface
self.stop_sniffer = Event() self.stop_sniffer = Event()
self.debug_src = ""
self.debug_sport = 0
def run(self): def run(self):
self.socket = conf.L2listen( self.socket = conf.L2listen(
type=ETH_P_ALL, type=ETH_P_ALL,
@ -46,37 +44,10 @@ class Sniffer(Thread):
self.stop_sniffer.set() self.stop_sniffer.set()
super().join(timeout) super().join(timeout)
def get_vpn_addr(self):
return self.vpn_addr
def set_phase(self, phase):
self.current_phase = phase
def check_for_req(self, packet):
ip_layer = packet.getlayer(IP)
# for phase 1 (on ubuntu 19) we wanna look for a reset
# with source of private vpn address and dest of gateway
if self.current_phase == 1:
if "10." in ip_layer.src:
if ip_layer.src == self.vpn_addr:
print("multiple matches for: " + str(self.vpn_addr))
# could make the scan stop after this point but
# only takes a second or two to finish up
print("Victim private ip is: " + str(ip_layer.src))
self.vpn_addr = ip_layer.src
def handle_debug_packet(self, payload): def handle_debug_packet(self, payload):
some_packet = IP(bytes(payload)) some_packet = IP(bytes(payload))
print("some genie debug packet..")
print("genie debug packet..")
some_packet.show() some_packet.show()
@ -90,7 +61,7 @@ class Sniffer(Thread):
tcp_sport = packet[TCP].sport tcp_sport = packet[TCP].sport
tcp_dport = packet[TCP].dport tcp_dport = packet[TCP].dport
if tcp_dport == 50508:
if tcp_dport == server_port:
print("sniffed a debug packet..") print("sniffed a debug packet..")
#packet.show() #packet.show()
@ -98,11 +69,30 @@ class Sniffer(Thread):
some_payload = packet[TCP].payload some_payload = packet[TCP].payload
self.handle_debug_packet(some_payload) self.handle_debug_packet(some_payload)
self.debug_src = packet[IP].src
self.debug_sport = tcp_sport
self.recv_count += 1 self.recv_count += 1
if (tcp_sport != 2222 and tcp_dport != 2222) or (tcp_sport != 22 and tcp_dport != 22):
self.check_for_req(packet)
def send_debug_packet(sniffer):
debug_port = sniffer.debug_sport
debug_ip = sniffer.debug_src
if debug_port == 0 or debug_ip == '':
print("There was no debug source connection to send to")
return
print("sending debug packet to " + str(debug_ip) + ":" + str(debug_port))
packet = IP(dst=debug_ip) / TCP(dport=debug_port, sport=server_port, flags='R')
send(packet, iface="ens18")
print("sent debug packet: ")
packet.show()
def main(): def main():
@ -110,9 +100,37 @@ def main():
sniffer = Sniffer(iface='ens18') sniffer = Sniffer(iface='ens18')
print('starting sniffer..') print('starting sniffer..')
sniffer.start() sniffer.start()
time.sleep(3)
done = False
while not(done):
print("Enter action to take..")
print("1. Keep sniffing")
print("2. Send packet back")
print("3. Quit")
answer = input("Enter answer: ")
if answer == "1":
print("sleeping for sniffer..")
time.sleep(5)
elif answer == "2":
send_debug_packet(sniffer)
elif answer == "3":
print("ending the sniffer")
done = True
print("user answer was: " + str(answer))
print("\n")
time.sleep(1)
time.sleep(30)
print("\n\nFinished sniffing for debug packets")
if __name__ == '__main__': if __name__ == '__main__':
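Review bot: `send_debug_packet` sends its RST to whatever `debug_src`/`debug_sport` the sniffer last recorded, and those fields are overwritten by every sniffed TCP packet with `tcp_dport == server_port`, with no check on the sender. Any host that can get a packet to that port on the sniffed interface therefore chooses where the reply goes. Because the two fields are set in separate statements on the sniffer thread, the main thread could also read an address and a port that came from different packets. Record the pair only for the expected peer and in one assignment, e.g. `if packet[IP].src == EXPECTED_PEER: self.debug_peer = (packet[IP].src, tcp_sport)`, where `EXPECTED_PEER` is a placeholder for a configured address, and have `send(packet, iface="ens18")` use `sniffer.iface` instead of repeating the interface literal. The method that records the source begins outside the visible hunks.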
