
add more FTPExploit tests

Roey Regev 6 years ago
parent
commit
daf4a572fd

+ 3 - 14
code/Attack/FTPWinaXeExploit.py

@@ -1,4 +1,5 @@
 import logging
+import ID2TLib.Utility
 
 from random import randint
 from lea import Lea
@@ -8,7 +9,7 @@ from Attack import BaseAttack
 from Attack.AttackParameters import Parameter as Param
 from Attack.AttackParameters import ParameterTypes
 from ID2TLib.Utility import update_timestamp, generate_source_port_from_platform, get_rnd_x86_nop, forbidden_chars,\
-    get_rnd_bytes, get_bytes_from_file
+    get_rnd_bytes , check_payload_len
 
 logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
 # noinspection PyPep8
@@ -110,18 +111,6 @@ class FTPWinaXeExploit(BaseAttack.BaseAttack):
 
             return mss_value, ttl_value, win_value
 
-        def check_payload_len(payload_len: int, limit: int):
-            """
-            Checks if the len of the payload exceeds a given limit
-            :param payload_len: The length of the payload
-            :param limit: The limit of the length of the payload which is allowed
-            """
-
-            if payload_len > limit:
-                print("\nCustom payload too long: ", payload_len, " bytes. Should be a maximum of ", limit, " bytes.")
-                exit(1)
-
-
         pps = self.get_param_value(Param.PACKETS_PER_SECOND)
 
         # Timestamp
@@ -205,7 +194,7 @@ class FTPWinaXeExploit(BaseAttack.BaseAttack):
             if custom_payload_file == '':
                 payload = get_rnd_bytes(custom_payload_limit, forbidden_chars)
             else:
-                payload = get_bytes_from_file(custom_payload_file)
+                payload = ID2TLib.Utility.get_bytes_from_file(custom_payload_file)
                 check_payload_len(len(payload), custom_payload_limit)
                 payload += get_rnd_x86_nop(custom_payload_limit - len(payload), False, forbidden_chars)
         else:
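Review bot: `check_payload_len` on the line after the changed call is still invoked through the name bound by `from ID2TLib.Utility import ... check_payload_len`, while `get_bytes_from_file` was switched to the module-qualified form. Patching `ID2TLib.Utility.check_payload_len` in the new test rebinds only the attribute on the utility module, so unless this attack module is first imported while the patch is active, the real length check runs and the mock is never hit. For consistency, call it as `ID2TLib.Utility.check_payload_len(len(payload), custom_payload_limit)`. The same applies to `get_rnd_bytes` and `get_rnd_x86_nop` in this block, which the tests also patch on `ID2TLib.Utility`. The enclosing method starts and ends outside the hunk.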

+ 2 - 5
code/Attack/PortscanAttack.py

@@ -5,6 +5,7 @@ from random import shuffle, randint, choice
 from lea import Lea
 from scapy.layers.inet import IP, Ether, TCP
 
+from definitions import ROOT_DIR
 from Attack import BaseAttack
 from Attack.AttackParameters import Parameter as Param
 from Attack.AttackParameters import ParameterTypes
@@ -89,7 +90,7 @@ class PortscanAttack(BaseAttack.BaseAttack):
         :return: Ports numbers to be used as default destination ports or default open ports in the port scan.
         """
         ports_dst = []
-        spamreader = csv.reader(open('resources/nmap-services-tcp.csv', 'rt'), delimiter=',')
+        spamreader = csv.reader(open(ROOT_DIR + '/../resources/nmap-services-tcp.csv', 'rt'), delimiter=',')
         for count in range(ports_num):
             # escape first row (header)
             next(spamreader)
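Review bot: The file object handed to `csv.reader` on the changed line is never closed, and the commit keeps that pattern while only swapping the path. Opening it in a context manager releases the handle on every exit path: `with open(ROOT_DIR + '/../resources/nmap-services-tcp.csv', 'rt') as csv_file:` followed by `spamreader = csv.reader(csv_file, delimiter=',')`, with the loop indented under it. Separately, the `# escape first row (header)` comment sits on a `next(spamreader)` inside the `for` loop, so it appears to discard a row on every iteration rather than once. The rest of the loop is outside the hunk, so this needs confirming against the full function.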
@@ -109,10 +110,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
         return port_dst_shuffled
 
     def generate_attack_pcap(self):
-
-
-
-
         mac_source = self.get_param_value(Param.MAC_SOURCE)
         mac_destination = self.get_param_value(Param.MAC_DESTINATION)
         pps = self.get_param_value(Param.PACKETS_PER_SECOND)

+ 11 - 0
code/ID2TLib/Utility.py

@@ -220,6 +220,17 @@ def get_rnd_bytes(count=1, ignore=None):
     return result
 
 
+def check_payload_len(payload_len: int, limit: int):
+    """
+    Checks if the len of the payload exceeds a given limit
+    :param payload_len: The length of the payload
+    :param limit: The limit of the length of the payload which is allowed
+    """
+
+    if payload_len > limit:
+        print("\nCustom payload too long: ", payload_len, " bytes. Should be a maximum of ", limit, " bytes.")
+        exit(1)
+
 def get_bytes_from_file(filepath):
     """
     Converts the content of a file into its byte representation
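Review bot: The new module-level `check_payload_len` handles an oversized payload by printing to stdout and calling `exit(1)`, which ends the whole process from inside a utility helper and relies on the `exit` name injected by the `site` module. Raising lets callers and tests handle the condition: `raise ValueError("Custom payload too long: {} bytes. Should be a maximum of {} bytes.".format(payload_len, limit))`. If termination is intended, `sys.exit(...)` with the message is the explicit form, though whether `sys` is imported in this file is not visible here. The docstring should also state that the function does not return when the limit is exceeded, and PEP 8 expects two blank lines before `def get_bytes_from_file`.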

+ 1 - 0
code/Test/Lib.py

@@ -7,6 +7,7 @@ from definitions import ROOT_DIR
 test_resource_dir = ROOT_DIR + "/../resources/test"
 test_pcap = ROOT_DIR + "/../resources/test/test.pcap"
 test_pcap_ips = ["192.168.189.143", "192.168.189.1"]
+test_pcap_empty = []
 
 """
 helper functions for generic_test

+ 49 - 5
code/Test/test_FTPWinaXeExploit.py

@@ -2,14 +2,20 @@ import unittest
 import unittest.mock as mock
 
 from Test.GenericTest import GenericTest
-from Test.Lib import get_bytes, get_x86_nop
+from Test.Lib import *
 
-sha_one_attacker_ftp = '941947ccc42ea10e724d2a20626882130d62fc5dbbe007095a90f67a943ab3bf'
+sha_ftp_basic = '941947ccc42ea10e724d2a20626882130d62fc5dbbe007095a90f67a943ab3bf'
+sha_ftp_most_used_ip = '941947ccc42ea10e724d2a20626882130d62fc5dbbe007095a90f67a943ab3bf'
+sha_ftp_mac = 'c2e83e62bb8a15402725faef47a53c6e5afa3dd82a17435d48000058976160cb'
+sha_ftp_random_ip_src = '41ae677b553064428905682f6a17447850cc4c1b617c337e046ee6e50f51217b'
+sha_not_empty_custom_payload_empty_file = '369d59174de5f01787ea623673f320e8342ddd6be9761edb607bf635f44a3749'
+sha_empty_custom_payload_not_empty_file = '9d3ec2451b05acc72b99b40309b714bc015b6d12b5477f6490cd2f9ba8f1ffa8'
+sha_valid_ip = '941947ccc42ea10e724d2a20626882130d62fc5dbbe007095a90f67a943ab3bf'
 
 """
 Name                             Stmts   Miss  Cover   Missing
 --------------------------------------------------------------------------------------------
-Attack/FTPWinaXeExploit.py         141     14    90%   55, 66, 71, 121-122, 148-150, 208-214
+Attack/FTPWinaXeExploit.py         141     14    99%    67
 """
 
 
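Review bot: `from Test.Lib import *` hides which helpers this test module depends on and pulls every module-level name of `Test.Lib` into the test namespace. The explicit form is `from Test.Lib import get_bytes, get_x86_nop, test_pcap_ips, test_pcap_empty`. `sha_ftp_basic`, `sha_ftp_most_used_ip` and `sha_valid_ip` hold the same digest, so a one-line comment saying these scenarios are expected to produce identical output would keep a reader from suspecting a copy-paste error. The updated coverage row also still lists 14 missed statements next to 99%, which looks hand-edited and should be regenerated from an actual run.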
@@ -17,8 +23,46 @@ class UnitTestFTPWinaXeExploit(GenericTest):
 
     @mock.patch('ID2TLib.Utility.get_rnd_bytes', side_effect=get_bytes)
     @mock.patch('ID2TLib.Utility.get_rnd_x86_nop', side_effect=get_x86_nop)
-    def test_one_attacker_ftp(self, mock_get_rnd_bytes, mock_get_rnd_x86_nop):
-        self.generic_test([['FTPWinaXeExploit']], sha_one_attacker_ftp)
+    def test_ftp_basic(self, mock_get_rnd_x86_nop, mock_get_rnd_bytes):
+        self.generic_test([['FTPWinaXeExploit']], sha_ftp_basic)
+
+    @mock.patch('ID2TLib.Utility.get_rnd_bytes', side_effect=get_bytes)
+    @mock.patch('ID2TLib.Utility.get_rnd_x86_nop', side_effect=get_x86_nop)
+    @mock.patch('ID2TLib.Statistics.Statistics.get_most_used_ip_address')
+    def test_ftp_most_used_ips(self,mock_most_used_ip_address, mock_get_rnd_x86_nop, mock_get_rnd_bytes):
+        mock_most_used_ip_address.return_value = test_pcap_ips
+        self.generic_test([['FTPWinaXeExploit']], sha_ftp_most_used_ip)
+
+    @mock.patch('ID2TLib.Utility.get_rnd_bytes', side_effect=get_bytes)
+    @mock.patch('ID2TLib.Utility.get_rnd_x86_nop', side_effect=get_x86_nop)
+    @mock.patch('ID2TLib.Statistics.Statistics.get_mac_address')
+    def test_ftp_mac(self, mock_mac_address, mock_get_rnd_x86_nop, mock_get_rnd_bytes):
+        mock_mac_address.return_value = test_pcap_empty
+        self.generic_test([['FTPWinaXeExploit']], sha_ftp_mac)
+
+    @mock.patch('ID2TLib.Utility.get_rnd_bytes', side_effect=get_bytes)
+    @mock.patch('ID2TLib.Utility.get_rnd_x86_nop', side_effect=get_x86_nop)
+    def test_ftp_random_ip_src(self, mock_get_rnd_x86_nop, mock_get_rnd_bytes):
+        self.generic_test([['FTPWinaXeExploit', 'ip.src.shuffle=1']], sha_ftp_random_ip_src)
+
+    @mock.patch('ID2TLib.Utility.get_rnd_bytes', side_effect=get_bytes)
+    @mock.patch('ID2TLib.Utility.get_rnd_x86_nop', side_effect=get_x86_nop)
+    def test_ftp_not_empty_custom_payload_empty_file(self, mock_get_rnd_x86_nop, mock_get_rnd_bytes):
+        self.generic_test([['FTPWinaXeExploit', 'custom.payload=1']], sha_not_empty_custom_payload_empty_file)
+
+    @mock.patch('ID2TLib.Utility.get_rnd_bytes', side_effect=get_bytes)
+    @mock.patch('ID2TLib.Utility.get_rnd_x86_nop', side_effect=get_x86_nop)
+    @mock.patch('ID2TLib.Utility.check_payload_len')
+    @mock.patch('ID2TLib.Utility.get_bytes_from_file', return_value=b'AAAAA')
+    def test_ftp_empty_custom_payload_not_empty_file(self, mock_bytes_from_file, mock_payload_len, mock_get_rnd_x86_nop,
+                                                     mock_get_rnd_bytes):
+        self.generic_test([['FTPWinaXeExploit', 'custom.payload.file=1']], sha_empty_custom_payload_not_empty_file)
+
+    @mock.patch('ID2TLib.Utility.get_rnd_bytes', side_effect=get_bytes)
+    @mock.patch('ID2TLib.Utility.get_rnd_x86_nop', side_effect=get_x86_nop)
+    @mock.patch('Attack.BaseAttack.BaseAttack.is_valid_ip_address', return_values=[False, True])
+    def test_ftp_invalid_ip(self,mock_valid_ip_check, mock_get_rnd_x86_nop, mock_get_rnd_bytes):
+        self.generic_test([['FTPWinaXeExploit']], sha_valid_ip)
 
 
 if __name__ == '__main__':
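Review bot: In `test_ftp_invalid_ip` the keyword `return_values=[False, True]` is not a `mock.patch` option. It is forwarded to the mock as an ordinary attribute, so `is_valid_ip_address` returns a truthy `MagicMock` on every call and the invalid-address branch is never taken. That is consistent with `sha_valid_ip` being identical to `sha_ftp_basic`. The decorator should read `@mock.patch('Attack.BaseAttack.BaseAttack.is_valid_ip_address', side_effect=[False, True])`, and the expected digest should be regenerated afterwards. A two-element `side_effect` list raises `StopIteration` on a third call, so check how many times the attack invokes the validator.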