New features #1

Merged
merged 24 commits into from
Jun 30, 2024
Commits
d578ab8
feat: sniffer_ip_header_decode.py code
DhanushNehru Jun 21, 2024
594f7d0
feat: scanner_with_icmp.py
DhanushNehru Jun 21, 2024
fbb786d
feat: scanner.py scans network for active hosts
DhanushNehru Jun 21, 2024
ff1b225
A simple sniffer package
DhanushNehru Jun 25, 2024
9ff362b
Mail sniffer using BPF filters to drill down specific packets
DhanushNehru Jun 25, 2024
ca47316
'Youtube Playlist Info Scraper' added.
M786453 Jun 25, 2024
3f54aee
README.md of 'Youtube Playlist Info Scraper' updated
M786453 Jun 25, 2024
f84a12d
Code for ARP spoofing
DhanushNehru Jun 25, 2024
b2e9937
Merge pull request #242 from M786453/master
DhanushNehru Jun 25, 2024
3437b38
Create Rock Paper Scissors - New Version
Sam-mhd Jun 27, 2024
e8c69a2
Add files via upload
Sam-mhd Jun 27, 2024
7da4be3
Create README.txt
Aziz-Naidja Jun 27, 2024
7820e51
Delete Rock Paper Scissors -New/README.md
Aziz-Naidja Jun 27, 2024
40fb4a3
Create README.md
Aziz-Naidja Jun 27, 2024
2e8ca0a
Score Tracking
NicoIvander Jun 27, 2024
c2d142c
Rock, Paper, Scissors, Lizard, Spock: Customizable Rounds
Aziz-Naidja Jun 27, 2024
f58f567
Update README.md
Aziz-Naidja Jun 27, 2024
e3736f1
Update README.md
Aziz-Naidja Jun 27, 2024
6cdda9a
Update README.md
Aziz-Naidja Jun 27, 2024
6adfd09
Update README.md
Aziz-Naidja Jun 27, 2024
e967746
Initializing new project
NicoIvander Jun 28, 2024
fe8a562
arper setup
DhanushNehru Jun 28, 2024
6589c3a
improve play again confirmation logic
Jun 29, 2024
8e548c5
Merge branch 'DhanushNehru:master' into new_features
bbob122 Jun 30, 2024
32 changes: 32 additions & 0 deletions Black Hat Python/chapter_03/README.md
Expand Up @@ -10,3 +10,35 @@ Open another terminal pick a host to ping.
ping google.com
```
Then you should see some garbled output

### sniffer_ip_header_decode.py

```bash
sudo sniffer_ip_header_decode.py
```
Open another terminal pick a host to ping.
```bash
ping google.com
```
We would be able to see only the response and only for the ICMP protocol

### sniffer_with_icmp.py

```bash
sudo python3 sniffer_with_icmp.py
```
Open another terminal pick a host to ping.
```bash
ping google.com
```

The output actually indicates that the ping (ICMP Echo) responses are being correctly received and decoded

### scanner.py

This code scans a specified subnet for active hosts by sending UDP datagrams and listening for ICMP "port unreachable" responses to identify which hosts are up. It prints the IP addresses of responsive hosts within the given subnet
```bash
sudo python3 scanner.py 192.168.1.0

# subnet to target: 192.168.1.0/24
```
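
Review bot: The `scanner.py` usage at the end of this hunk does not match the script added in the same PR: `sudo python3 scanner.py 192.168.1.0` passes the network address as `sys.argv[1]`, which `scanner.py` uses as the local address to bind the raw socket to, while the subnet is read separately through the `input()` prompt in `get_subnet()`. Document the invocation as `sudo python3 scanner.py <local_ip>` followed by the subnet prompt, or change the script to take the subnet as an argument. Separately, the `sniffer_ip_header_decode.py` command omits `python3`, unlike the other two examples, so it only works if the file is executable and on `PATH`.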
149 changes: 149 additions & 0 deletions Black Hat Python/chapter_03/scanner.py
@@ -0,0 +1,149 @@
import ipaddress
import os
import socket
import struct
import sys
import threading
import time

# Function to get subnet input from user
def get_subnet():
while True:
subnet = input("Enter the subnet to target (e.g., 192.168.1.0/24): ")
try:
# Validate the subnet input
ipaddress.ip_network(subnet)
return subnet
except ValueError:
print("Invalid subnet. Please try again.")

# Magic string we'll check ICMP responses for
MESSAGE = 'PYTHONRULES!'

# Class to handle IP headers
class IP:
def __init__(self, buff=None):
# Unpack the IP header fields from the buffer
header = struct.unpack('<BBHHHBBH4s4s', buff)
self.ver = header[0] >> 4
self.ihl = header[0] & 0xF
self.tos = header[1]
self.len = header[2]
self.id = header[3]
self.offset = header[4]
self.ttl = header[5]
self.protocol_num = header[6]
self.sum = header[7]
self.src = header[8]
self.dst = header[9]

# Convert binary IP addresses to human-readable format
self.src_address = ipaddress.ip_address(self.src)
self.dst_address = ipaddress.ip_address(self.dst)

# Map protocol constants to their names
self.protocol_map = {1: "ICMP", 6: "TCP", 17: "UDP"}
try:
self.protocol = self.protocol_map[self.protocol_num]
except KeyError:
print('No protocol for %s' % self.protocol_num)
self.protocol = str(self.protocol_num)

# Class to handle ICMP headers
class ICMP:
def __init__(self, buff):
# Unpack the ICMP header fields from the buffer
header = struct.unpack('<BBHHH', buff)
self.type = header[0]
self.code = header[1]
self.sum = header[2]
self.id = header[3]
self.seq = header[4]

# Function to send UDP datagrams with our magic message
def udp_sender(subnet):
with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sender:
# Send datagrams to all hosts in the subnet
for ip in ipaddress.ip_network(subnet).hosts():
sender.sendto(bytes(MESSAGE, 'utf8'), (str(ip), 65212))

# Class to handle the scanning and sniffing process
class Scanner:
def __init__(self, host):
self.host = host
# Choose the correct protocol based on the OS
if os.name == 'nt':
socket_protocol = socket.IPPROTO_IP
else:
socket_protocol = socket.IPPROTO_ICMP

# Create a raw socket
self.socket = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
self.socket.bind((host, 0))
self.socket.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

# Enable promiscuous mode on Windows
if os.name == 'nt':
self.socket.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

def sniff(self, subnet):
# Set to keep track of hosts that are up
hosts_up = set([f'{str(self.host)} *'])
try:
while True:
# Read a packet
raw_buffer = self.socket.recvfrom(65535)[0]

# Create an IP header from the first 20 bytes
ip_header = IP(raw_buffer[0:20])

# If it's ICMP, we want it
if ip_header.protocol == "ICMP":
offset = ip_header.ihl * 4
buf = raw_buffer[offset:offset + 8]
icmp_header = ICMP(buf)

# Check for TYPE 3 and CODE 3
if icmp_header.code == 3 and icmp_header.type == 3:
# Ensure the response is in our target subnet
if ipaddress.ip_address(ip_header.src_address) in ipaddress.IPv4Network(subnet):
# Make sure it has our magic message
if raw_buffer[len(raw_buffer) - len(MESSAGE):] == bytes(MESSAGE, 'utf8'):
if str(ip_header.src_address) not in hosts_up:
hosts_up.add(str(ip_header.src_address))
print(f'Host Up: {ip_header.src_address}')
except KeyboardInterrupt:
# Disable promiscuous mode on Windows
if os.name == 'nt':
self.socket.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)

print('\nUser interrupted.')
if hosts_up:
print(f'\n\nSummary: Hosts up on {subnet}')
for host in sorted(hosts_up):
print(f'{host}')
print('')
sys.exit()

if __name__ == '__main__':
# Get the target subnet from the user
SUBNET = get_subnet()

# Determine the host to bind to
if len(sys.argv) == 2:
host = sys.argv[1]
else:
hostname = socket.gethostname()
host = socket.gethostbyname(hostname)

print("Using host:", host)

# Create a scanner instance
s = Scanner(host)

# Start the UDP sender in a separate thread
t = threading.Thread(target=udp_sender, args=(SUBNET,))
t.start()

# Start sniffing
s.sniff(SUBNET)
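
Review bot: In `Scanner.sniff` the only exception handled is `KeyboardInterrupt`, so a `struct.error` from `IP(raw_buffer[0:20])` or `ICMP(buf)` on a truncated packet (for example when `raw_buffer[offset:offset + 8]` yields fewer than 8 bytes) ends the scan with a traceback and, on Windows, leaves `SIO_RCVALL` switched on. Check the slice lengths (and that `ihl >= 5`) before unpacking, skip packets that fail, and move the `RCVALL_OFF` call into a `finally` block so it runs on every exit path. Also, `time` is imported at the top of the file but never used, and the sender thread is started without any delay or `daemon=True`, so either use the import for a short pause before sending or drop it.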
72 changes: 72 additions & 0 deletions Black Hat Python/chapter_03/sniffer_ip_header_decode.py
@@ -0,0 +1,72 @@
import ipaddress
import os
import socket
import struct
import sys

class IP:
def __init__(self, buff=None):
header = struct.unpack('<BBHHHBBH4s4s', buff)
self.ver = header[0] >> 4
self.ihl = header[0] & 0xF
self.tos = header[1]
self.len = header[2]
self.id = header[3]
self.offset = header[4]
self.ttl = header[5]
self.protocol_num = header[6]
self.sum = header[7]
self.src = header[8]
self.dst = header[9]

# human readable IP addresses
self.src_address = ipaddress.ip_address(self.src)
self.dst_address = ipaddress.ip_address(self.dst)

# map protocol constants to their names
self.protocol_map = {1: "ICMP", 6: "TCP", 17: "UDP"}
try:
self.protocol = self.protocol_map[self.protocol_num]
except Exception as e:
print('%s No protocol for %s' % (e, self.protocol_num))
self.protocol = str(self.protocol_num)

def sniff(host):
# should look familiar from previous example
if os.name == 'nt':
socket_protocol = socket.IPPROTO_IP
else:
socket_protocol = socket.IPPROTO_ICMP

sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
sniffer.bind((host, 0))
sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

if os.name == 'nt':
sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

try:
while True:
# read a packet
raw_buffer = sniffer.recvfrom(65535)[0]

# create an IP header from the first 20 bytes
ip_header = IP(raw_buffer[0:20])

# print the detected protocol and hosts
print('Protocol: %s %s -> %s' % (ip_header.protocol, ip_header.src_address, ip_header.dst_address))

except KeyboardInterrupt:
# if we're on Windows, turn off promiscuous mode
if os.name == 'nt':
sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
sys.exit()

if __name__ == '__main__':
if len(sys.argv) == 2:
host = sys.argv[1]
else:
hostname = socket.gethostname()
host = socket.gethostbyname(hostname)
print("Using host:", host)
sniff(host)
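
Review bot: The format string in `IP.__init__`, `struct.unpack('<BBHHHBBH4s4s', buff)`, decodes the header as little-endian, but IP header fields are in network (big-endian) byte order, so `self.len`, `self.id`, `self.offset` and `self.sum` come out byte-swapped. The single-byte fields and the two `4s` addresses are unaffected, which is why the printed protocol and addresses look right; use `'!BBHHHBBH4s4s'` so the 16-bit fields are correct for anyone who reads them later. The protocol lookup would also be simpler as `self.protocol_map.get(self.protocol_num, str(self.protocol_num))` instead of catching a broad `Exception` and printing the `KeyError`.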
104 changes: 104 additions & 0 deletions Black Hat Python/chapter_03/sniffer_with_icmp.py
@@ -0,0 +1,104 @@
import ipaddress
import os
import socket
import struct
import sys

# Define a class to represent the IP header of a packet
class IP:
def __init__(self, buff=None):
# Unpack the IP header fields from the buffer
header = struct.unpack('<BBHHHBBH4s4s', buff)
self.ver = header[0] >> 4
self.ihl = header[0] & 0xF
self.tos = header[1]
self.len = header[2]
self.id = header[3]
self.offset = header[4]
self.ttl = header[5]
self.protocol_num = header[6]
self.sum = header[7]
self.src = header[8]
self.dst = header[9]

# Convert source and destination IP addresses to human-readable format
self.src_address = ipaddress.ip_address(self.src)
self.dst_address = ipaddress.ip_address(self.dst)

# Map protocol numbers to protocol names
self.protocol_map = {1: "ICMP", 6: "TCP", 17: "UDP"}
try:
self.protocol = self.protocol_map[self.protocol_num]
except Exception as e:
print('%s No protocol for %s' % (e, self.protocol_num))
self.protocol = str(self.protocol_num)

# Define a class to represent the ICMP header of a packet
class ICMP:
def __init__(self, buff):
# Unpack the ICMP header fields from the buffer
header = struct.unpack('<BBHHH', buff)
self.type = header[0]
self.code = header[1]
self.sum = header[2]
self.id = header[3]
self.seq = header[4]

# Function to sniff packets on a specified host
def sniff(host):
# Determine the appropriate socket protocol
if os.name == 'nt':
socket_protocol = socket.IPPROTO_IP
else:
socket_protocol = socket.IPPROTO_ICMP

# Create a raw socket and bind it to the host
sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
sniffer.bind((host, 0))
sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)

# If running on Windows, set the socket to promiscuous mode
if os.name == 'nt':
sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)

try:
while True:
# Read a packet
raw_buffer = sniffer.recvfrom(65535)[0]

# Create an IP header from the first 20 bytes of the packet
ip_header = IP(raw_buffer[0:20])

# If the packet is ICMP, process and print its details
if ip_header.protocol == "ICMP":
print('Protocol: %s %s -> %s' % (
ip_header.protocol,
ip_header.src_address,
ip_header.dst_address))
print(f'Version: {ip_header.ver}')
print(f'Header Length: {ip_header.ihl} TTL: {ip_header.ttl}')

# Calculate the starting point of the ICMP packet
offset = ip_header.ihl * 4
buf = raw_buffer[offset:offset + 8]

# Create an ICMP header from the buffer
icmp_header = ICMP(buf)
print('ICMP -> Type: %s Code: %s\n' % (icmp_header.type, icmp_header.code))
except KeyboardInterrupt:
# If running on Windows, turn off promiscuous mode
if os.name == 'nt':
sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_OFF)
sys.exit()

if __name__ == '__main__':
# If a host is specified in command-line arguments, use it
if len(sys.argv) == 2:
host = sys.argv[1]
else:
# Otherwise, get the local machine's IP address
hostname = socket.gethostname()
host = socket.gethostbyname(hostname)
print("Using host:", host)
# Start sniffing packets on the specified host
sniff(host)
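
Review bot: The `IP` and `ICMP` classes in this file are copies of the ones added in `scanner.py` and `sniffer_ip_header_decode.py`, including the little-endian `'<BBHHH'` format in `ICMP.__init__`, which byte-swaps `self.sum`, `self.id` and `self.seq`. Move both classes into one shared module in `chapter_03` and switch the format strings to network order (`'!BBHHH'`), so the fix is made once. In `sniff`, `offset = ip_header.ihl * 4` is used without checking that the buffer actually holds `offset + 8` bytes; add that check before constructing `ICMP(buf)`, since a short slice raises `struct.error` and nothing but `KeyboardInterrupt` is caught.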
22 changes: 22 additions & 0 deletions Black Hat Python/chapter_04/README.md
@@ -0,0 +1,22 @@
### mail_sniffer.py

- Install scapy package
```python
sudo pip3 install scapy
```
- A simple sniffer
```
sudo python3 mail_sniffer.py
```

### mail_sniffer_using_BPF_syntax.py
- If you are on a network where you know you're already on their internal network and you want to compromise some mail server accounts then you could do that by sniffing the network by running the below command
```
sudo python3 mail_sniffer_using_BPF_syntax.py
```

### arper.py
```
python3 arper_1.py <victim_ip> <gateway_ip> <interface>
python3 arper_2.py <victim_ip> <gateway_ip> <interface>
```
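
Review bot: Under the `### arper.py` heading the commands run `arper_1.py` and `arper_2.py`, so the heading names a file the usage never references and nothing explains how the two scripts differ; rename the heading or add one line per script saying what each does. The `pip3 install scapy` block is fenced as `python` although it is a shell command, and the remaining fences carry no language tag, unlike the `bash` fences used in the chapter_03 README. The `mail_sniffer_using_BPF_syntax.py` entry describes a goal rather than the script: state which BPF filter it applies and what it prints, and that it is meant for a network you are authorised to test.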