|
@@ -2,6 +2,10 @@ import logging
|
|
|
import csv
|
|
|
import socket
|
|
|
|
|
|
+
|
|
|
+from operator import itemgetter
|
|
|
+import math
|
|
|
+
|
|
|
from random import shuffle, randint, choice, uniform
|
|
|
|
|
|
from lea import Lea
|
|
@@ -16,6 +20,10 @@ from scapy.layers.inet import IP, Ether, TCP
|
|
|
|
|
|
|
|
|
class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
+
|
|
|
+ maxDefaultPPS = 300
|
|
|
+ minDefaultPPS = 5
|
|
|
+
|
|
|
|
|
|
def get_ports_from_nmap_service_dst(self, ports_num):
|
|
|
"""
|
|
@@ -123,11 +131,11 @@ class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
|
|
|
|
|
|
|
|
|
-
|
|
|
-
|
|
|
+
|
|
|
+
|
|
|
|
|
|
-
|
|
|
- self.add_param_value(Param.PACKETS_PER_SECOND,300)
|
|
|
+
|
|
|
+ self.add_param_value(Param.PACKETS_PER_SECOND,self.maxDefaultPPS)
|
|
|
|
|
|
self.add_param_value(Param.INJECT_AFTER_PACKET, randint(0, self.statistics.get_packet_count()))
|
|
|
|
|
@@ -139,10 +147,46 @@ class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
:return: Timestamp to be used for the next packet.
|
|
|
"""
|
|
|
|
|
|
-
|
|
|
+
|
|
|
|
|
|
return timestamp + uniform(1 / pps, maxdelay)
|
|
|
|
|
|
+ mac_source = self.get_param_value(Param.MAC_SOURCE)
|
|
|
+ mac_destination = self.get_param_value(Param.MAC_DESTINATION)
|
|
|
+ pps = self.get_param_value(Param.PACKETS_PER_SECOND)
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ result = self.statistics.process_db_query(
|
|
|
+ "SELECT timestamp,pktsCount FROM interval_statistics ORDER BY timestamp")
|
|
|
+ print(result)
|
|
|
+ bg_interval_pps = []
|
|
|
+ intervalsSum = 0
|
|
|
+ if result:
|
|
|
+
|
|
|
+ for i,row in enumerate(result):
|
|
|
+ if i<len(result)-1:
|
|
|
+ intervalsSum += math.ceil((int(result[i+1][0]) * 10 ** -6) - (int(row[0]) * 10 ** -6))
|
|
|
+ interval = intervalsSum/(len(result)-1)
|
|
|
+
|
|
|
+ for row in result:
|
|
|
+ bg_interval_pps.append((int(row[0]) * 10 ** -6, int(row[1]/interval)))
|
|
|
+
|
|
|
+ maxPPS = max(bg_interval_pps, key=itemgetter(1))[1]
|
|
|
+ complement_interval_pps = []
|
|
|
+ for row in bg_interval_pps:
|
|
|
+ complement_interval_pps.append((row[0], int(pps * (maxPPS - row[1])/maxPPS)))
|
|
|
+ print(complement_interval_pps)
|
|
|
+
|
|
|
+ def getIntervalPPS(timestamp):
|
|
|
+ for row in complement_interval_pps:
|
|
|
+ if timestamp<=row[0]:
|
|
|
+ return row[1]
|
|
|
+ return complement_interval_pps[-1][1]
|
|
|
+
|
|
|
|
|
|
|
|
|
dest_ports = self.get_param_value(Param.PORT_DESTINATION)
|
|
@@ -151,9 +195,7 @@ class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
elif self.get_param_value(Param.PORT_DEST_SHUFFLE):
|
|
|
shuffle(dest_ports)
|
|
|
if self.get_param_value(Param.PORT_SOURCE_RANDOMIZE):
|
|
|
-
|
|
|
sport = randint(1, 65535)
|
|
|
-
|
|
|
else:
|
|
|
sport = self.get_param_value(Param.PORT_SOURCE)
|
|
|
|
|
@@ -173,15 +215,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
import sys
|
|
|
sys.exit(0)
|
|
|
|
|
|
- mac_source = self.get_param_value(Param.MAC_SOURCE)
|
|
|
- mac_destination = self.get_param_value(Param.MAC_DESTINATION)
|
|
|
- pps = self.get_param_value(Param.PACKETS_PER_SECOND)
|
|
|
-
|
|
|
-
|
|
|
-
|
|
|
- randomdelay = Lea.fromValFreqsDict({1 / pps: 50, 10 / pps: 50})
|
|
|
-
|
|
|
-
|
|
|
|
|
|
|
|
|
ports_open = self.get_param_value(Param.PORT_OPEN)
|
|
@@ -205,7 +238,6 @@ class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
ports_open = [ports_open]
|
|
|
|
|
|
|
|
|
-
|
|
|
|
|
|
|
|
|
mss_dst = self.statistics.get_most_used_mss(ip_destination)
|
|
@@ -229,7 +261,8 @@ class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
replies = []
|
|
|
|
|
|
for dport in dest_ports:
|
|
|
-
|
|
|
+
|
|
|
+ randomdelay = Lea.fromValFreqsDict({1 / pps: 85, 2 / pps: 10, 5 / pps: 5})
|
|
|
maxdelay = randomdelay.random()
|
|
|
|
|
|
|
|
@@ -253,10 +286,9 @@ class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps, maxdelay)
|
|
|
request.time = timestamp_next_pkt
|
|
|
"""
|
|
|
-
|
|
|
+
|
|
|
request.time = timestamp_next_pkt
|
|
|
|
|
|
-
|
|
|
|
|
|
if dport in ports_open:
|
|
|
reply_ether = Ether(src=mac_destination, dst=mac_source)
|
|
@@ -307,9 +339,10 @@ class PortscanAttack(BaseAttack.BaseAttack):
|
|
|
|
|
|
packets.append(request)
|
|
|
|
|
|
+
|
|
|
+ pps = self.minDefaultPPS if getIntervalPPS(timestamp_next_pkt) is None else max(getIntervalPPS(timestamp_next_pkt),1)
|
|
|
timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps, maxdelay)
|
|
|
|
|
|
-
|
|
|
|
|
|
if len(replies)>0:
|
|
|
for reply in replies:
|