Home Explore Help
Sign In
SPIN
/
ID2T-toolkit
6
5
Fork 2
Files Issues 20 Pull Requests 0 Wiki
Browse Source

refactor imports in Attack/PortscanAttack.py

refactor whitspaces in Attack/PortscanAttack.py
deep refactoring Attack/PortscanAttack.py
Jens Keim 6 years ago
parent
408e6fab95
commit
8edab8b466
1 changed files with 91 additions and 87 deletions
Split View Show Diff Stats
  1. 91 87
      code/Attack/PortscanAttack.py

+ 91 - 87
code/Attack/PortscanAttack.py
View File 

@@ -1,25 +1,23 @@
 
 import csv
 
 import logging
 
-from random import shuffle, randint, choice
 
+import random as rnd
 
 
-from lea import Lea
 
-from scapy.layers.inet import IP, Ether, TCP
 
+import lea
 
+import scapy.layers.inet as inet
 
 
-from Attack import BaseAttack
 
-from Attack.AttackParameters import Parameter as Param
 
-from Attack.AttackParameters import ParameterTypes
 
+import Attack.AttackParameters as atkParam
 
+import Attack.BaseAttack as BaseAttack
 
 import ID2TLib.Utility as Util
 
 
 logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
 
+
 
 # noinspection PyPep8
 
 
 
 class PortscanAttack(BaseAttack.BaseAttack):
 
-
 
     def __init__(self):
 
         """
 
         Creates a new instance of the PortscanAttack.
 
-
 
         """
 
         # Initialize attack
 
         super(PortscanAttack, self).__init__("Portscan Attack", "Injects a nmap 'regular scan'",
 
@@ -27,20 +25,20 @@ class PortscanAttack(BaseAttack.BaseAttack):
 
 
         # Define allowed parameters and their type
 
         self.supported_params.update({
 
-            Param.IP_SOURCE: ParameterTypes.TYPE_IP_ADDRESS,
 
-            Param.IP_DESTINATION: ParameterTypes.TYPE_IP_ADDRESS,
 
-            Param.PORT_SOURCE: ParameterTypes.TYPE_PORT,
 
-            Param.PORT_DESTINATION: ParameterTypes.TYPE_PORT,
 
-            Param.PORT_OPEN: ParameterTypes.TYPE_PORT,
 
-            Param.MAC_SOURCE: ParameterTypes.TYPE_MAC_ADDRESS,
 
-            Param.MAC_DESTINATION: ParameterTypes.TYPE_MAC_ADDRESS,
 
-            Param.INJECT_AT_TIMESTAMP: ParameterTypes.TYPE_FLOAT,
 
-            Param.INJECT_AFTER_PACKET: ParameterTypes.TYPE_PACKET_POSITION,
 
-            Param.PORT_DEST_SHUFFLE: ParameterTypes.TYPE_BOOLEAN,
 
-            Param.PORT_DEST_ORDER_DESC: ParameterTypes.TYPE_BOOLEAN,
 
-            Param.IP_SOURCE_RANDOMIZE: ParameterTypes.TYPE_BOOLEAN,
 
-            Param.PACKETS_PER_SECOND: ParameterTypes.TYPE_FLOAT,
 
-            Param.PORT_SOURCE_RANDOMIZE: ParameterTypes.TYPE_BOOLEAN
 
+            atkParam.Parameter.IP_SOURCE: atkParam.ParameterTypes.TYPE_IP_ADDRESS,
 
+            atkParam.Parameter.IP_DESTINATION: atkParam.ParameterTypes.TYPE_IP_ADDRESS,
 
+            atkParam.Parameter.PORT_SOURCE: atkParam.ParameterTypes.TYPE_PORT,
 
+            atkParam.Parameter.PORT_DESTINATION: atkParam.ParameterTypes.TYPE_PORT,
 
+            atkParam.Parameter.PORT_OPEN: atkParam.ParameterTypes.TYPE_PORT,
 
+            atkParam.Parameter.MAC_SOURCE: atkParam.ParameterTypes.TYPE_MAC_ADDRESS,
 
+            atkParam.Parameter.MAC_DESTINATION: atkParam.ParameterTypes.TYPE_MAC_ADDRESS,
 
+            atkParam.Parameter.INJECT_AT_TIMESTAMP: atkParam.ParameterTypes.TYPE_FLOAT,
 
+            atkParam.Parameter.INJECT_AFTER_PACKET: atkParam.ParameterTypes.TYPE_PACKET_POSITION,
 
+            atkParam.Parameter.PORT_DEST_SHUFFLE: atkParam.ParameterTypes.TYPE_BOOLEAN,
 
+            atkParam.Parameter.PORT_DEST_ORDER_DESC: atkParam.ParameterTypes.TYPE_BOOLEAN,
 
+            atkParam.Parameter.IP_SOURCE_RANDOMIZE: atkParam.ParameterTypes.TYPE_BOOLEAN,
 
+            atkParam.Parameter.PACKETS_PER_SECOND: atkParam.ParameterTypes.TYPE_FLOAT,
 
+            atkParam.Parameter.PORT_SOURCE_RANDOMIZE: atkParam.ParameterTypes.TYPE_BOOLEAN
 
         })
 
 
     def init_params(self):
 
@@ -48,39 +46,38 @@ class PortscanAttack(BaseAttack.BaseAttack):
 
         Initialize the parameters of this attack using the user supplied command line parameters.
 
         Use the provided statistics to calculate default parameters and to process user
 
         supplied queries.
 
-
 
-        :param statistics: Reference to a statistics object.
 
         """
 
         # PARAMETERS: initialize with default values
 
         # (values are overwritten if user specifies them)
 
         most_used_ip_address = self.statistics.get_most_used_ip_address()
 
 
-        self.add_param_value(Param.IP_SOURCE, most_used_ip_address)
 
-        self.add_param_value(Param.IP_SOURCE_RANDOMIZE, 'False')
 
-        self.add_param_value(Param.MAC_SOURCE, self.statistics.get_mac_address(most_used_ip_address))
 
+        self.add_param_value(atkParam.Parameter.IP_SOURCE, most_used_ip_address)
 
+        self.add_param_value(atkParam.Parameter.IP_SOURCE_RANDOMIZE, 'False')
 
+        self.add_param_value(atkParam.Parameter.MAC_SOURCE, self.statistics.get_mac_address(most_used_ip_address))
 
 
         random_ip_address = self.statistics.get_random_ip_address()
 
         # ip-dst should be valid and not equal to ip.src
 
-        while not self.is_valid_ip_address(random_ip_address) or random_ip_address==most_used_ip_address:
 
+        while not self.is_valid_ip_address(random_ip_address) or random_ip_address == most_used_ip_address:
 
             random_ip_address = self.statistics.get_random_ip_address()
 
 
-        self.add_param_value(Param.IP_DESTINATION, random_ip_address)
 
+        self.add_param_value(atkParam.Parameter.IP_DESTINATION, random_ip_address)
 
         destination_mac = self.statistics.get_mac_address(random_ip_address)
 
         if isinstance(destination_mac, list) and len(destination_mac) == 0:
 
             destination_mac = self.generate_random_mac_address()
 
-        self.add_param_value(Param.MAC_DESTINATION, destination_mac)
 
-        self.add_param_value(Param.PORT_DESTINATION, self.get_ports_from_nmap_service_dst(1000))
 
-        self.add_param_value(Param.PORT_OPEN, '1')
 
-        self.add_param_value(Param.PORT_DEST_SHUFFLE, 'False')
 
-        self.add_param_value(Param.PORT_DEST_ORDER_DESC, 'False')
 
-        self.add_param_value(Param.PORT_SOURCE, randint(1024, 65535))
 
-        self.add_param_value(Param.PORT_SOURCE_RANDOMIZE, 'False')
 
-        self.add_param_value(Param.PACKETS_PER_SECOND,
 
+        self.add_param_value(atkParam.Parameter.MAC_DESTINATION, destination_mac)
 
+        self.add_param_value(atkParam.Parameter.PORT_DESTINATION, self.get_ports_from_nmap_service_dst(1000))
 
+        self.add_param_value(atkParam.Parameter.PORT_OPEN, '1')
 
+        self.add_param_value(atkParam.Parameter.PORT_DEST_SHUFFLE, 'False')
 
+        self.add_param_value(atkParam.Parameter.PORT_DEST_ORDER_DESC, 'False')
 
+        self.add_param_value(atkParam.Parameter.PORT_SOURCE, rnd.randint(1024, 65535))
 
+        self.add_param_value(atkParam.Parameter.PORT_SOURCE_RANDOMIZE, 'False')
 
+        self.add_param_value(atkParam.Parameter.PACKETS_PER_SECOND,
 
                              (self.statistics.get_pps_sent(most_used_ip_address) +
 
                               self.statistics.get_pps_received(most_used_ip_address)) / 2)
 
-        self.add_param_value(Param.INJECT_AFTER_PACKET, randint(0, self.statistics.get_packet_count()))
 
+        self.add_param_value(atkParam.Parameter.INJECT_AFTER_PACKET, rnd.randint(0, self.statistics.get_packet_count()))
 
 
-    def get_ports_from_nmap_service_dst(self, ports_num):
 
+    @staticmethod
 
+    def get_ports_from_nmap_service_dst(ports_num):
 
         """
 
         Read the most ports_num frequently open ports from nmap-service-tcp file to be used in the port scan.
 
 
@@ -95,50 +92,52 @@ class PortscanAttack(BaseAttack.BaseAttack):
 
             # save ports numbers
 
             ports_dst.append(next(spamreader)[0])
 
         file.close()
 
-        # shuffle ports numbers partially
 
-        if (ports_num == 1000):  # used for port.dst
 
+        # rnd.shuffle ports numbers partially
 
+        if ports_num == 1000:  # used for port.dst
 
+            # FIXME: cleanup
 
             temp_array = [[0 for i in range(10)] for i in range(100)]
 
             port_dst_shuffled = []
 
             for count in range(0, 10):
 
                 temp_array[count] = ports_dst[count * 100:(count + 1) * 100]
 
-                shuffle(temp_array[count])
 
+                rnd.shuffle(temp_array[count])
 
                 port_dst_shuffled += temp_array[count]
 
         else:  # used for port.open
 
-            shuffle(ports_dst)
 
+            rnd.shuffle(ports_dst)
 
             port_dst_shuffled = ports_dst
 
         return port_dst_shuffled
 
 
     def generate_attack_packets(self):
 
-        mac_source = self.get_param_value(Param.MAC_SOURCE)
 
-        mac_destination = self.get_param_value(Param.MAC_DESTINATION)
 
-        pps = self.get_param_value(Param.PACKETS_PER_SECOND)
 
+        mac_source = self.get_param_value(atkParam.Parameter.MAC_SOURCE)
 
+        mac_destination = self.get_param_value(atkParam.Parameter.MAC_DESTINATION)
 
+        pps = self.get_param_value(atkParam.Parameter.PACKETS_PER_SECOND)
 
 
         # Calculate complement packet rates of the background traffic for each interval
 
         complement_interval_pps = self.statistics.calculate_complement_packet_rates(pps)
 
 
         # Determine ports
 
-        dest_ports = self.get_param_value(Param.PORT_DESTINATION)
 
-        if self.get_param_value(Param.PORT_DEST_ORDER_DESC):
 
+        dest_ports = self.get_param_value(atkParam.Parameter.PORT_DESTINATION)
 
+        if self.get_param_value(atkParam.Parameter.PORT_DEST_ORDER_DESC):
 
             dest_ports.reverse()
 
-        elif self.get_param_value(Param.PORT_DEST_SHUFFLE):
 
-            shuffle(dest_ports)
 
-        if self.get_param_value(Param.PORT_SOURCE_RANDOMIZE):
 
-            sport = randint(1, 65535)
 
+        elif self.get_param_value(atkParam.Parameter.PORT_DEST_SHUFFLE):
 
+            rnd.shuffle(dest_ports)
 
+        if self.get_param_value(atkParam.Parameter.PORT_SOURCE_RANDOMIZE):
 
+            # FIXME: why is sport never used?
 
+            sport = rnd.randint(1, 65535)
 
         else:
 
-            sport = self.get_param_value(Param.PORT_SOURCE)
 
+            sport = self.get_param_value(atkParam.Parameter.PORT_SOURCE)
 
 
         # Timestamp
 
-        timestamp_next_pkt = self.get_param_value(Param.INJECT_AT_TIMESTAMP)
 
+        timestamp_next_pkt = self.get_param_value(atkParam.Parameter.INJECT_AT_TIMESTAMP)
 
         # store start time of attack
 
         self.attack_start_utime = timestamp_next_pkt
 
-        timestamp_prv_reply, timestamp_confirm = 0,0
 
+        timestamp_prv_reply, timestamp_confirm = 0, 0
 
 
         # Initialize parameters
 
         self.packets = []
 
-        ip_source = self.get_param_value(Param.IP_SOURCE)
 
+        ip_source = self.get_param_value(atkParam.Parameter.IP_SOURCE)
 
         if isinstance(ip_source, list):
 
             ip_source = ip_source[0]
 
-        ip_destination = self.get_param_value(Param.IP_DESTINATION)
 
+        ip_destination = self.get_param_value(atkParam.Parameter.IP_DESTINATION)
 
         if isinstance(ip_destination, list):
 
             ip_destination = ip_destination[0]
 
 
@@ -146,20 +145,21 @@ class PortscanAttack(BaseAttack.BaseAttack):
 
         self.ip_src_dst_equal_check(ip_source, ip_destination)
 
 
         # Select open ports
 
-        ports_open = self.get_param_value(Param.PORT_OPEN)
 
+        ports_open = self.get_param_value(atkParam.Parameter.PORT_OPEN)
 
         if ports_open == 1:  # user did not specify open ports
 
             # the ports that were already used by ip.dst (direction in) in the background traffic are open ports
 
             ports_used_by_ip_dst = self.statistics.process_db_query(
 
                 "SELECT portNumber FROM ip_ports WHERE portDirection='in' AND ipAddress='" + ip_destination + "'")
 
             if ports_used_by_ip_dst:
 
                 ports_open = ports_used_by_ip_dst
 
-            else: # if no ports were retrieved from database
 
+            else:  # if no ports were retrieved from database
 
                 # Take open ports from nmap-service file
 
-                #ports_temp = self.get_ports_from_nmap_service_dst(100)
 
-                #ports_open = ports_temp[0:randint(1,10)]
 
+                # ports_temp = self.get_ports_from_nmap_service_dst(100)
 
+                # ports_open = ports_temp[0:rnd.randint(1,10)]
 
                 # OR take open ports from the most used ports in traffic statistics
 
                 ports_open = self.statistics.process_db_query(
 
-                    "SELECT portNumber FROM ip_ports GROUP BY portNumber ORDER BY SUM(portCount) DESC LIMIT "+str(randint(1,10)))
 
+                    "SELECT portNumber FROM ip_ports GROUP BY portNumber ORDER BY SUM(portCount) DESC LIMIT " + str(
 
+                        rnd.randint(1, 10)))
 
         # in case of one open port, convert ports_open to array
 
         if not isinstance(ports_open, list):
 
             ports_open = [ports_open]
 
@@ -167,60 +167,64 @@ class PortscanAttack(BaseAttack.BaseAttack):
 
         # Set MSS (Maximum Segment Size) based on MSS distribution of IP address
 
         source_mss_dist = self.statistics.get_mss_distribution(ip_source)
 
         if len(source_mss_dist) > 0:
 
-            source_mss_prob_dict = Lea.fromValFreqsDict(source_mss_dist)
 
+            source_mss_prob_dict = lea.Lea.fromValFreqsDict(source_mss_dist)
 
             source_mss_value = source_mss_prob_dict.random()
 
         else:
 
             source_mss_value = Util.handle_most_used_outputs(self.statistics.process_db_query("most_used(mssValue)"))
 
         destination_mss_dist = self.statistics.get_mss_distribution(ip_destination)
 
         if len(destination_mss_dist) > 0:
 
-            destination_mss_prob_dict = Lea.fromValFreqsDict(destination_mss_dist)
 
+            destination_mss_prob_dict = lea.Lea.fromValFreqsDict(destination_mss_dist)
 
             destination_mss_value = destination_mss_prob_dict.random()
 
         else:
 
-            destination_mss_value = Util.handle_most_used_outputs(self.statistics.process_db_query("most_used(mssValue)"))
 
+            destination_mss_value = Util.handle_most_used_outputs(
 
+                self.statistics.process_db_query("most_used(mssValue)"))
 
 
         # Set TTL based on TTL distribution of IP address
 
         source_ttl_dist = self.statistics.get_ttl_distribution(ip_source)
 
         if len(source_ttl_dist) > 0:
 
-            source_ttl_prob_dict = Lea.fromValFreqsDict(source_ttl_dist)
 
+            source_ttl_prob_dict = lea.Lea.fromValFreqsDict(source_ttl_dist)
 
             source_ttl_value = source_ttl_prob_dict.random()
 
         else:
 
             source_ttl_value = Util.handle_most_used_outputs(self.statistics.process_db_query("most_used(ttlValue)"))
 
         destination_ttl_dist = self.statistics.get_ttl_distribution(ip_destination)
 
         if len(destination_ttl_dist) > 0:
 
-            destination_ttl_prob_dict = Lea.fromValFreqsDict(destination_ttl_dist)
 
+            destination_ttl_prob_dict = lea.Lea.fromValFreqsDict(destination_ttl_dist)
 
             destination_ttl_value = destination_ttl_prob_dict.random()
 
         else:
 
-            destination_ttl_value = Util.handle_most_used_outputs(self.statistics.process_db_query("most_used(ttlValue)"))
 
+            destination_ttl_value = Util.handle_most_used_outputs(
 
+                self.statistics.process_db_query("most_used(ttlValue)"))
 
 
         # Set Window Size based on Window Size distribution of IP address
 
         source_win_dist = self.statistics.get_win_distribution(ip_source)
 
         if len(source_win_dist) > 0:
 
-            source_win_prob_dict = Lea.fromValFreqsDict(source_win_dist)
 
+            source_win_prob_dict = lea.Lea.fromValFreqsDict(source_win_dist)
 
             source_win_value = source_win_prob_dict.random()
 
         else:
 
             source_win_value = Util.handle_most_used_outputs(self.statistics.process_db_query("most_used(winSize)"))
 
         destination_win_dist = self.statistics.get_win_distribution(ip_destination)
 
         if len(destination_win_dist) > 0:
 
-            destination_win_prob_dict = Lea.fromValFreqsDict(destination_win_dist)
 
+            destination_win_prob_dict = lea.Lea.fromValFreqsDict(destination_win_dist)
 
             destination_win_value = destination_win_prob_dict.random()
 
         else:
 
-            destination_win_value = Util.handle_most_used_outputs(self.statistics.process_db_query("most_used(winSize)"))
 
+            destination_win_value = Util.handle_most_used_outputs(
 
+                self.statistics.process_db_query("most_used(winSize)"))
 
 
-        minDelay,maxDelay = self.get_reply_delay(ip_destination)
 
+        min_delay, max_delay = self.get_reply_delay(ip_destination)
 
 
         for dport in dest_ports:
 
             # Parameters changing each iteration
 
-            if self.get_param_value(Param.IP_SOURCE_RANDOMIZE) and isinstance(ip_source, list):
 
-                ip_source = choice(ip_source)
 
+            if self.get_param_value(atkParam.Parameter.IP_SOURCE_RANDOMIZE) and isinstance(ip_source, list):
 
+                ip_source = rnd.choice(ip_source)
 
 
             # 1) Build request package
 
-            request_ether = Ether(src=mac_source, dst=mac_destination)
 
-            request_ip = IP(src=ip_source, dst=ip_destination, ttl=source_ttl_value)
 
+            request_ether = inet.Ether(src=mac_source, dst=mac_destination)
 
+            request_ip = inet.IP(src=ip_source, dst=ip_destination, ttl=source_ttl_value)
 
 
             # Random src port for each packet
 
-            sport = randint(1, 65535)
 
+            sport = rnd.randint(1, 65535)
 
 
-            request_tcp = TCP(sport=sport, dport=dport,  window= source_win_value, flags='S', options=[('MSS', source_mss_value)])
 
+            request_tcp = inet.TCP(sport=sport, dport=dport, window=source_win_value, flags='S',
 
+                                   options=[('MSS', source_mss_value)])
 
 
             request = (request_ether / request_ip / request_tcp)
 
 
@@ -230,15 +234,15 @@ class PortscanAttack(BaseAttack.BaseAttack):
 
 
             # 2) Build reply (for open ports) package
 
             if dport in ports_open:  # destination port is OPEN
 
-                reply_ether = Ether(src=mac_destination, dst=mac_source)
 
-                reply_ip = IP(src=ip_destination, dst=ip_source, ttl=destination_ttl_value, flags='DF')
 
-                reply_tcp = TCP(sport=dport, dport=sport, seq=0, ack=1, flags='SA', window=destination_win_value,
 
-                                    options=[('MSS', destination_mss_value)])
 
+                reply_ether = inet.Ether(src=mac_destination, dst=mac_source)
 
+                reply_ip = inet.IP(src=ip_destination, dst=ip_source, ttl=destination_ttl_value, flags='DF')
 
+                reply_tcp = inet.TCP(sport=dport, dport=sport, seq=0, ack=1, flags='SA', window=destination_win_value,
 
+                                     options=[('MSS', destination_mss_value)])
 
                 reply = (reply_ether / reply_ip / reply_tcp)
 
 
-                timestamp_reply = Util.update_timestamp(timestamp_next_pkt,pps,minDelay)
 
-                while (timestamp_reply <= timestamp_prv_reply):
 
-                    timestamp_reply = Util.update_timestamp(timestamp_prv_reply,pps,minDelay)
 
+                timestamp_reply = Util.update_timestamp(timestamp_next_pkt, pps, min_delay)
 
+                while timestamp_reply <= timestamp_prv_reply:
 
+                    timestamp_reply = Util.update_timestamp(timestamp_prv_reply, pps, min_delay)
 
                 timestamp_prv_reply = timestamp_reply
 
 
                 reply.time = timestamp_reply
 
@@ -247,9 +251,9 @@ class PortscanAttack(BaseAttack.BaseAttack):
 
                 # requester confirms
 
                 confirm_ether = request_ether
 
                 confirm_ip = request_ip
 
-                confirm_tcp = TCP(sport=sport, dport=dport, seq=1, window=0, flags='R')
 
+                confirm_tcp = inet.TCP(sport=sport, dport=dport, seq=1, window=0, flags='R')
 
                 confirm = (confirm_ether / confirm_ip / confirm_tcp)
 
-                timestamp_confirm = Util.update_timestamp(timestamp_reply,pps,minDelay)
 
+                timestamp_confirm = Util.update_timestamp(timestamp_reply, pps, min_delay)
 
                 confirm.time = timestamp_confirm
 
                 self.packets.append(confirm)