Rooba
/
scapy
mirror of https://github.com/secdev/scapy.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- HSRP early support 

- Cisco CSSP Skinny early support
- added Little Endian IntEnumField
- added filter() method to PacketList
- some voip_play() work
- loop parameter value in send*() is used as the time to sleep between 2 loops
This commit is contained in:
pbi 2004-10-18 11:42:50 +00:00
parent 3f15346f81
commit 87b2bf7841
1 changed files with 246 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

253
scapy.py
View File

@ -21,6 +21,14 @@
#
# $Log: scapy.py,v $
# Revision 0.9.17.19 2004/10/18 13:42:50 pbi
# - HSRP early support
# - Cisco CSSP Skinny early support
# - added Little Endian IntEnumField
# - added filter() method to PacketList
# - some voip_play() work
# - loop parameter value in send*() is used as the time to sleep between 2 loops
#
# Revision 0.9.17.18 2004/09/21 21:45:20 pbi
# - added recv() method to PcapReader to emulate a SuperSocket
# - added "offline" parameter to sniff() to use sniff on pcap files
@ -479,7 +487,7 @@
from __future__ import generators
RCSID="$Id: scapy.py,v 0.9.17.18 2004/09/21 21:45:20 pbi Exp $"
RCSID="$Id: scapy.py,v 0.9.17.19 2004/10/18 13:42:50 pbi Exp $"
VERSION = RCSID.split()[2]+"beta"
@ -633,6 +641,7 @@ import socket, sys, getopt, string, struct, time, random, os, traceback
import cPickle, types, gzip, re
from select import select
from fcntl import ioctl
import fcntl
try:
import pcap
@ -1258,6 +1267,9 @@ class SndRcvAns:
return make_lined_table(self.res, *args, **kargs)
def make_tex_table(self, *args, **kargs):
return make_tex_table(self.res, *args, **kargs)
def filter(self, func):
return PacketList(filter(func,self.res),
name="filtered %s"%self.listname)
class PacketList:
res = []
@ -1289,6 +1301,9 @@ class PacketList:
def nsummary(self):
for i in range(len(self.res)):
print "%04i %s" % (i,self.res[i].summary())
def filter(self, func):
return PacketList(filter(func,self.res),
name="filtered %s"%self.listname)
@ -1718,6 +1733,10 @@ class IntEnumField(EnumField):
def __init__(self, name, default, enum):
EnumField.__init__(self, name, default, enum, "I")
class LEIntEnumField(EnumField):
def __init__(self, name, default, enum):
EnumField.__init__(self, name, default, enum, "@I")
class FlagsField(BitField):
def __init__(self, name, default, size, names):
@ -3173,6 +3192,26 @@ class PrismHeader(Packet):
]
class HSRP(Packet):
name = "HSRP"
fields_desc = [
ByteField("version", 0),
ByteEnumField("opcode", 0, { 0:"Hello"}),
ByteEnumField("state", 16, { 16:"Active"}),
ByteField("hellotime", 3),
ByteField("holdtime", 10),
ByteField("priority", 120),
ByteField("group", 1),
ByteField("reserved", 0),
StrFixedLenField("auth","cisco",8),
IPField("virtualIP","192.168.1.1") ]
class NTP(Packet):
# RFC 1769
name = "NTP"
@ -3373,9 +3412,157 @@ class IKETransform(Packet):
XIntField("durationl",0x00007080L),
]
# Cisco Skinny protocol
# shamelessly ripped from Ethereal dissector
skinny_messages = {
# Station -> Callmanager
0x0000: "KeepAliveMessage",
0x0001: "RegisterMessage",
0x0002: "IpPortMessage",
0x0003: "KeypadButtonMessage",
0x0004: "EnblocCallMessage",
0x0005: "StimulusMessage",
0x0006: "OffHookMessage",
0x0007: "OnHookMessage",
0x0008: "HookFlashMessage",
0x0009: "ForwardStatReqMessage",
0x000A: "SpeedDialStatReqMessage",
0x000B: "LineStatReqMessage",
0x000C: "ConfigStatReqMessage",
0x000D: "TimeDateReqMessage",
0x000E: "ButtonTemplateReqMessage",
0x000F: "VersionReqMessage",
0x0010: "CapabilitiesResMessage",
0x0011: "MediaPortListMessage",
0x0012: "ServerReqMessage",
0x0020: "AlarmMessage",
0x0021: "MulticastMediaReceptionAck",
0x0022: "OpenReceiveChannelAck",
0x0023: "ConnectionStatisticsRes",
0x0024: "OffHookWithCgpnMessage",
0x0025: "SoftKeySetReqMessage",
0x0026: "SoftKeyEventMessage",
0x0027: "UnregisterMessage",
0x0028: "SoftKeyTemplateReqMessage",
0x0029: "RegisterTokenReq",
0x002A: "MediaTransmissionFailure",
0x002B: "HeadsetStatusMessage",
0x002C: "MediaResourceNotification",
0x002D: "RegisterAvailableLinesMessage",
0x002E: "DeviceToUserDataMessage",
0x002F: "DeviceToUserDataResponseMessage",
0x0030: "UpdateCapabilitiesMessage",
0x0031: "OpenMultiMediaReceiveChannelAckMessage",
0x0032: "ClearConferenceMessage",
0x0033: "ServiceURLStatReqMessage",
0x0034: "FeatureStatReqMessage",
0x0035: "CreateConferenceResMessage",
0x0036: "DeleteConferenceResMessage",
0x0037: "ModifyConferenceResMessage",
0x0038: "AddParticipantResMessage",
0x0039: "AuditConferenceResMessage",
0x0040: "AuditParticipantResMessage",
0x0041: "DeviceToUserDataVersion1Message",
# Callmanager -> Station */
0x0081: "RegisterAckMessage",
0x0082: "StartToneMessage",
0x0083: "StopToneMessage",
0x0085: "SetRingerMessage",
0x0086: "SetLampMessage",
0x0087: "SetHkFDetectMessage",
0x0088: "SetSpeakerModeMessage",
0x0089: "SetMicroModeMessage",
0x008A: "StartMediaTransmission",
0x008B: "StopMediaTransmission",
0x008C: "StartMediaReception",
0x008D: "StopMediaReception",
0x008F: "CallInfoMessage",
0x0090: "ForwardStatMessage",
0x0091: "SpeedDialStatMessage",
0x0092: "LineStatMessage",
0x0093: "ConfigStatMessage",
0x0094: "DefineTimeDate",
0x0095: "StartSessionTransmission",
0x0096: "StopSessionTransmission",
0x0097: "ButtonTemplateMessage",
0x0098: "VersionMessage",
0x0099: "DisplayTextMessage",
0x009A: "ClearDisplay",
0x009B: "CapabilitiesReqMessage",
0x009C: "EnunciatorCommandMessage",
0x009D: "RegisterRejectMessage",
0x009E: "ServerResMessage",
0x009F: "Reset",
0x0100: "KeepAliveAckMessage",
0x0101: "StartMulticastMediaReception",
0x0102: "StartMulticastMediaTransmission",
0x0103: "StopMulticastMediaReception",
0x0104: "StopMulticastMediaTransmission",
0x0105: "OpenReceiveChannel",
0x0106: "CloseReceiveChannel",
0x0107: "ConnectionStatisticsReq",
0x0108: "SoftKeyTemplateResMessage",
0x0109: "SoftKeySetResMessage",
0x0110: "SelectSoftKeysMessage",
0x0111: "CallStateMessage",
0x0112: "DisplayPromptStatusMessage",
0x0113: "ClearPromptStatusMessage",
0x0114: "DisplayNotifyMessage",
0x0115: "ClearNotifyMessage",
0x0116: "ActivateCallPlaneMessage",
0x0117: "DeactivateCallPlaneMessage",
0x0118: "UnregisterAckMessage",
0x0119: "BackSpaceReqMessage",
0x011A: "RegisterTokenAck",
0x011B: "RegisterTokenReject",
0x0042: "DeviceToUserDataResponseVersion1Message",
0x011C: "StartMediaFailureDetection",
0x011D: "DialedNumberMessage",
0x011E: "UserToDeviceDataMessage",
0x011F: "FeatureStatMessage",
0x0120: "DisplayPriNotifyMessage",
0x0121: "ClearPriNotifyMessage",
0x0122: "StartAnnouncementMessage",
0x0123: "StopAnnouncementMessage",
0x0124: "AnnouncementFinishMessage",
0x0127: "NotifyDtmfToneMessage",
0x0128: "SendDtmfToneMessage",
0x0129: "SubscribeDtmfPayloadReqMessage",
0x012A: "SubscribeDtmfPayloadResMessage",
0x012B: "SubscribeDtmfPayloadErrMessage",
0x012C: "UnSubscribeDtmfPayloadReqMessage",
0x012D: "UnSubscribeDtmfPayloadResMessage",
0x012E: "UnSubscribeDtmfPayloadErrMessage",
0x012F: "ServiceURLStatMessage",
0x0130: "CallSelectStatMessage",
0x0131: "OpenMultiMediaChannelMessage",
0x0132: "StartMultiMediaTransmission",
0x0133: "StopMultiMediaTransmission",
0x0134: "MiscellaneousCommandMessage",
0x0135: "FlowControlCommandMessage",
0x0136: "CloseMultiMediaReceiveChannel",
0x0137: "CreateConferenceReqMessage",
0x0138: "DeleteConferenceReqMessage",
0x0139: "ModifyConferenceReqMessage",
0x013A: "AddParticipantReqMessage",
0x013B: "DropParticipantReqMessage",
0x013C: "AuditConferenceReqMessage",
0x013D: "AuditParticipantReqMessage",
0x013F: "UserToDeviceDataVersion1Message",
}
class Skinny(Packet):
name="Skinny"
fields_desc = [ LEIntField("len",0),
LEIntField("res",0),
LEIntEnumField("msg",0,skinny_messages) ]
@ -3424,6 +3611,7 @@ layer_bonds = [ ( Dot3, LLC, { } ),
( IP, UDP, { "proto" : socket.IPPROTO_UDP } ),
( UDP, DNS, { "dport" : 53 } ),
( UDP, ISAKMP, { "sport" : 500, "dport" : 500 } ),
( UDP, HSRP, { "sport" : 1985, "dport" : 1985} ),
( UDP, NTP, { "sport" : 123, "dport" : 123 } ),
( UDP, BOOTP, { "sport" : 68, "dport" : 67 } ),
( UDP, BOOTP, { "sport" : 67, "dport" : 68 } ),
@ -3452,6 +3640,8 @@ layer_bonds = [ ( Dot3, LLC, { } ),
( Dot11ProbeResp, Dot11Elt, {} ),
( Dot11Auth, Dot11Elt, {} ),
( Dot11Elt, Dot11Elt, {} ),
( TCP, Skinny, { "dport": 2000 } ),
( TCP, Skinny, { "sport": 2000 } ),
]
for l in layer_bonds:
@ -3962,6 +4152,7 @@ def __gen_send(s, x, inter=0, loop=0, verbose=None, *args, **kargs):
time.sleep(inter)
if not loop:
break
time.sleep(loop)
except KeyboardInterrupt:
pass
s.close()
@ -5263,12 +5454,60 @@ for am in AM_classes:
## Testing stuff ##
###################
ss
def voip_play(**kargs):
dsp,rd = os.popen2("sox -t .ul - -t ossdsp /dev/dsp")
def play(pkt, dsp=dsp):
dsp.write(pkt.load[12:])
def merge(x,y):
if len(x) > len(y):
y += "\x00"*(len(x)-len(y))
elif len(x) < len(y):
x += "\x00"*(len(y)-len(x))
m = ""
for i in range(len(x)/ss):
m += x[ss*i:ss*(i+1)]+y[ss*i:ss*(i+1)]
return m
# return "".join(map(str.__add__, x, y))
# FIFO="/tmp/conv1.%i.%%i" % os.getpid()
# FIFO1=FIFO % 1
# FIFO2=FIFO % 2
#
# os.mkfifo(FIFO1)
# os.mkfifo(FIFO2)
# os.system("strace -o /tmp/sss soxmix -t .ul %s -t .ul %s -t ossdsp /dev/dsp &" % (FIFO1,FIFO2))
#
# c1=open(FIFO1,"w", 4096)
# c2=open(FIFO2,"w", 4096)
# fcntl.fcntl(c1.fileno(),fcntl.F_SETFL, os.O_NONBLOCK)
# fcntl.fcntl(c2.fileno(),fcntl.F_SETFL, os.O_NONBLOCK)
def voip_play(s1,**kargs):
dsp,rd = os.popen2("sox -t .ul -c 2 - -t ossdsp /dev/dsp")
def play(pkt,last=[]):
if not pkt:
return
if not pkt.haslayer(UDP):
return
ip=pkt.getlayer(IP)
if s1 in [ip.src, ip.dst]:
if not last:
last.append(pkt)
return
load=last.pop()
x1 = load.load[12:]
# c1.write(load.load[12:])
if load.getlayer(IP).src == ip.src:
x2 = ""
# c2.write("\x00"*len(load.load[12:]))
last.append(pkt)
else:
x2 = pkt.load[:12]
# c2.write(pkt.load[12:])
dsp.write(merge(x1,x2))
sniff(store=0, prn=play, **kargs)
# os.unlink(FIFO1)
# os.unlink(FIFO2)
def IPID_count(lst, funcID=lambda x:x[1].id, funcpres=lambda x:x[1].summary()):