
include port_destination in input parameters

aidmar.wainakh 6 years ago
parent
commit
d75e6c09ca
2 changed files with 11 additions and 6 deletions
  1. 10 3
      code/Attack/EternalBlueExploit.py
  2. 1 3
      code/Attack/JoomlaRegPrivExploit.py

+ 10 - 3
code/Attack/EternalBlueExploit.py

@@ -61,6 +61,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
         random_ip_address = self.statistics.get_random_ip_address()
         self.add_param_value(Param.IP_SOURCE, random_ip_address)
         self.add_param_value(Param.MAC_SOURCE, self.statistics.get_mac_address(random_ip_address))
+        self.add_param_value(Param.PORT_SOURCE, randint(self.minDefaultPort, self.maxDefaultPort))
 
         # Victim configuration
         self.add_param_value(Param.IP_DESTINATION, most_used_ip_address)
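Review bot: Nothing in this commit registers `Param.PORT_SOURCE` or `Param.PORT_DESTINATION` in EternalBlueExploit's `supported_params`, yet the new default here and the one in the next hunk (`Param.PORT_DESTINATION`, `self.smb_port`) depend on both being accepted. The constructor is outside the diff, so the entries may already exist; if they do not, `add_param_value` will presumably reject or ignore the values and the later `get_param_value` calls will have nothing to return to the packet loop. Worth confirming that both are declared, e.g. `Param.PORT_SOURCE: ParameterTypes.TYPE_PORT,` and `Param.PORT_DESTINATION: ParameterTypes.TYPE_PORT,`. The rationale comment on the removed line (`# experiments show this range of ports`) should also move to the new `randint` call rather than be dropped.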
@@ -68,6 +69,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
         if isinstance(destination_mac, list) and len(destination_mac) == 0:
             destination_mac = self.generate_random_mac_address()
         self.add_param_value(Param.MAC_DESTINATION, destination_mac)
+        self.add_param_value(Param.PORT_DESTINATION, self.smb_port)
 
         # Attack configuration
         self.add_param_value(Param.PACKETS_PER_SECOND,
@@ -109,8 +111,10 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
         packets = []
         mac_source = self.get_param_value(Param.MAC_SOURCE)
         ip_source = self.get_param_value(Param.IP_SOURCE)
+        port_source = self.get_param_value(Param.PORT_SOURCE)
         mac_destination = self.get_param_value(Param.MAC_DESTINATION)
         ip_destination = self.get_param_value(Param.IP_DESTINATION)
+        port_destination = self.get_param_value(Param.PORT_DESTINATION)
 
         # Check ip.src == ip.dst
         self.ip_src_dst_equal_check(ip_source, ip_destination)
@@ -159,8 +163,6 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
         inter_arrival_times = self.get_inter_arrival_time(exploit_raw_packets)
         exploit_raw_packets = RawPcapReader(self.template_scan_pcap_path)
 
-        port_source = randint(self.minDefaultPort,self.maxDefaultPort) # experiments show this range of ports
-
         source_origin_wins, destination_origin_wins = {}, {}
 
         for pkt_num, pkt in enumerate(exploit_raw_packets):
@@ -183,6 +185,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
                 ip_pkt.setfieldval("ttl", source_ttl_value)
                 # TCP
                 tcp_pkt.setfieldval("sport",port_source)
+                tcp_pkt.setfieldval("dport",port_destination)
                 ## Window Size
                 source_origin_win = tcp_pkt.getfieldval("window")
                 if source_origin_win not in source_origin_wins:
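Review bot: The sport/dport pair is now rewritten by hand in four direction branches (this hunk and the three that follow), and the copies already differ in spacing: `setfieldval("dport",port_destination)` here versus `setfieldval("dport", port_destination)` further down. A small private helper that takes the packet and the two ports, called with the arguments swapped for the reply direction, would keep the branches from drifting and make a missed rewrite easy to spot. At minimum, add the space after the comma on the new lines in this hunk and the next. The enclosing loop starts and ends outside the hunk.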
@@ -212,6 +215,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
                 ip_pkt.setfieldval("ttl", destination_ttl_value)
                 # TCP
                 tcp_pkt.setfieldval("dport", port_source)
+                tcp_pkt.setfieldval("sport",port_destination)
                 ## Window Size
                 destination_origin_win = tcp_pkt.getfieldval("window")
                 if destination_origin_win not in destination_origin_wins:
@@ -273,6 +277,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
                         ip_pkt.setfieldval("ttl", source_ttl_value)
                         # TCP
                         tcp_pkt.setfieldval("sport", port_source)
+                        tcp_pkt.setfieldval("dport", port_destination)
                         ## Window Size
                         source_origin_win = tcp_pkt.getfieldval("window")
                         if source_origin_win not in source_origin_wins:
@@ -303,6 +308,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
                         ip_pkt.setfieldval("ttl", destination_ttl_value)
                         # TCP
                         tcp_pkt.setfieldval("dport", port_source)
+                        tcp_pkt.setfieldval("sport", port_destination)
                         ## Window Size
                         destination_origin_win = tcp_pkt.getfieldval("window")
                         if destination_origin_win not in destination_origin_wins:
@@ -344,6 +350,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
                         ip_pkt.setfieldval("ttl", destination_ttl_value)
                         # TCP
                         tcp_pkt.setfieldval("sport", port_source)
+                        # destination port is fixed 4444
                         ## Window Size
                         destination_origin_win = tcp_pkt.getfieldval("window")
                         if destination_origin_win not in destination_origin_wins:
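Review bot: The new comment `# destination port is fixed 4444` (and `# source port is fixed 4444` in the next hunk) names a value that appears nowhere in the visible code, so a reader cannot tell where it comes from or why `port_destination` is not applied in this branch. Presumably the port is inherited unchanged from the template pcap for the second connection; if so, say that, e.g. `# dport stays as in the template pcap (4444); Param.PORT_DESTINATION applies to the SMB connection only`. Because the value cannot be overridden, every generated capture carries the same port on this flow, and anything evaluated or trained on the output will see it as a constant. That limitation should be documented in the attack's description, or the port exposed as a parameter. The branch body continues outside the hunk.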
@@ -374,6 +381,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
                         ip_pkt.setfieldval("ttl", source_ttl_value)
                         # TCP
                         tcp_pkt.setfieldval("dport", port_source)
+                        # source port is fixed 4444
                         ## Window Size
                         source_origin_win = tcp_pkt.getfieldval("window")
                         if source_origin_win not in source_origin_wins:
@@ -396,7 +404,6 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
                     packets.append(new_pkt)
 
-
         # Store timestamp of first packet (for attack label)
         self.attack_start_utime = packets[0].time
         self.attack_end_utime = packets[-1].time

+ 1 - 3
code/Attack/JoomlaRegPrivExploit.py

@@ -34,7 +34,6 @@ class JoomlaRegPrivExploit(BaseAttack.BaseAttack):
         self.supported_params = {
             Param.MAC_SOURCE: ParameterTypes.TYPE_MAC_ADDRESS,
             Param.IP_SOURCE: ParameterTypes.TYPE_IP_ADDRESS,
-            #Param.PORT_SOURCE: ParameterTypes.TYPE_PORT,
             Param.MAC_DESTINATION: ParameterTypes.TYPE_MAC_ADDRESS,
             Param.IP_DESTINATION: ParameterTypes.TYPE_IP_ADDRESS,
             Param.PORT_DESTINATION: ParameterTypes.TYPE_PORT,
@@ -61,7 +60,6 @@ class JoomlaRegPrivExploit(BaseAttack.BaseAttack):
             most_used_ip_address = most_used_ip_address[0]
         self.add_param_value(Param.IP_SOURCE, most_used_ip_address)
         self.add_param_value(Param.MAC_SOURCE, self.statistics.get_mac_address(most_used_ip_address))
-        #self.add_param_value(Param.PORT_SOURCE, randint(self.minDefaultPort, self.maxDefaultPort))
 
         # Victim configuration
         random_ip_address = self.statistics.get_random_ip_address()
@@ -115,7 +113,7 @@ class JoomlaRegPrivExploit(BaseAttack.BaseAttack):
         packets = []
         mac_source = self.get_param_value(Param.MAC_SOURCE)
         ip_source = self.get_param_value(Param.IP_SOURCE)
-        port_source = randint(self.minDefaultPort, self.maxDefaultPort) #self.get_param_value(Param.PORT_SOURCE)
+        port_source = randint(self.minDefaultPort, self.maxDefaultPort)
         mac_destination = self.get_param_value(Param.MAC_DESTINATION)
         ip_destination = self.get_param_value(Param.IP_DESTINATION)
         port_destination = self.get_param_value(Param.PORT_DESTINATION)
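Review bot: `port_source` is still drawn with `randint` at generation time here, while the same commit turns it into a `Param.PORT_SOURCE` default in EternalBlueExploit. With the commented-out parameter lines deleted rather than enabled, the source port of a Joomla run can neither be set by the user nor recovered from the parameter set afterwards. If that is intentional, a short comment such as `# source port is not a parameter for this attack; chosen per run` would record the decision. Otherwise register `Param.PORT_SOURCE: ParameterTypes.TYPE_PORT,` and read it with `self.get_param_value(Param.PORT_SOURCE)` as the other class does. The method continues outside the hunk.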