|
@@ -52,25 +52,27 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
"""
|
|
|
# PARAMETERS: initialize with default utilsvalues
|
|
|
# (values are overwritten if user specifies them)
|
|
|
+ # Attacker configuration
|
|
|
most_used_ip_address = self.statistics.get_most_used_ip_address()
|
|
|
if isinstance(most_used_ip_address, list):
|
|
|
most_used_ip_address = most_used_ip_address[0]
|
|
|
- self.add_param_value(Param.IP_SOURCE, most_used_ip_address)
|
|
|
- self.add_param_value(Param.MAC_SOURCE, self.statistics.get_mac_address(most_used_ip_address))
|
|
|
- self.add_param_value(Param.INJECT_AFTER_PACKET, randint(0, self.statistics.get_packet_count()))
|
|
|
- self.add_param_value(Param.PACKETS_PER_SECOND,
|
|
|
- (self.statistics.get_pps_sent(most_used_ip_address) +
|
|
|
- self.statistics.get_pps_received(most_used_ip_address)) / 2)
|
|
|
-
|
|
|
- # victim configuration
|
|
|
random_ip_address = self.statistics.get_random_ip_address()
|
|
|
- self.add_param_value(Param.IP_DESTINATION, random_ip_address)
|
|
|
+ self.add_param_value(Param.IP_SOURCE, random_ip_address)
|
|
|
+ self.add_param_value(Param.MAC_SOURCE, self.statistics.get_mac_address(random_ip_address))
|
|
|
|
|
|
- destination_mac = self.statistics.get_mac_address(random_ip_address)
|
|
|
+ # Victim configuration
|
|
|
+ self.add_param_value(Param.IP_DESTINATION, most_used_ip_address)
|
|
|
+ destination_mac = self.statistics.get_mac_address(most_used_ip_address)
|
|
|
if isinstance(destination_mac, list) and len(destination_mac) == 0:
|
|
|
destination_mac = self.generate_random_mac_address()
|
|
|
self.add_param_value(Param.MAC_DESTINATION, destination_mac)
|
|
|
|
|
|
+ # Attack configuration
|
|
|
+ self.add_param_value(Param.PACKETS_PER_SECOND,
|
|
|
+ (self.statistics.get_pps_sent(most_used_ip_address) +
|
|
|
+ self.statistics.get_pps_received(most_used_ip_address)) / 2)
|
|
|
+ self.add_param_value(Param.INJECT_AFTER_PACKET, randint(0, self.statistics.get_packet_count()))
|
|
|
+
|
|
|
def generate_attack_pcap(self):
|
|
|
def update_timestamp(timestamp, pps):
|
|
|
"""
|
|
@@ -147,8 +149,8 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
# Read Win7_eternalblue_scan pcap file
|
|
|
orig_ip_dst = None
|
|
|
exploit_raw_packets = RawPcapReader(self.template_scan_pcap_path)
|
|
|
- inter_arrival_time_dist = self.get_inter_arrival_time_dist(exploit_raw_packets)
|
|
|
- timeSteps = Lea.fromValFreqsDict(inter_arrival_time_dist)
|
|
|
+ inter_arrival_times = self.get_inter_arrival_time(exploit_raw_packets)
|
|
|
+ #timeSteps = Lea.fromValFreqsDict(inter_arrival_time_dist)
|
|
|
exploit_raw_packets = RawPcapReader(self.template_scan_pcap_path)
|
|
|
|
|
|
port_source = randint(self.minDefaultPort,self.maxDefaultPort) # experiments show this range of ports
|
|
@@ -186,7 +188,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
new_pkt.time = timestamp_next_pkt
|
|
|
|
|
|
pps = max(getIntervalPPS(complement_interval_pps, timestamp_next_pkt), 10)
|
|
|
- timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + float(timeSteps.random())
|
|
|
+ timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + inter_arrival_times[pkt_num]#float(timeSteps.random())
|
|
|
# Reply
|
|
|
else:
|
|
|
# Ether
|
|
@@ -206,7 +208,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
tcp_pkt.setfieldval("window", new_win)
|
|
|
|
|
|
new_pkt = (eth_frame / ip_pkt / tcp_pkt)
|
|
|
- timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + float(timeSteps.random())
|
|
|
+ timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + inter_arrival_times[pkt_num]#+ float(timeSteps.random())
|
|
|
new_pkt.time = timestamp_next_pkt
|
|
|
|
|
|
packets.append(new_pkt)
|
|
@@ -226,8 +228,8 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
timestamp_next_pkt = conv_start_timesamp
|
|
|
|
|
|
conv_pkts = conversations[conv]
|
|
|
- inter_arrival_time_dist = self.get_inter_arrival_time_dist(conv_pkts)
|
|
|
- timeSteps = Lea.fromValFreqsDict(inter_arrival_time_dist)
|
|
|
+ inter_arrival_times = self.get_inter_arrival_time(conv_pkts)
|
|
|
+ #timeSteps = Lea.fromValFreqsDict(inter_arrival_time_dist)
|
|
|
|
|
|
if conv_index == len(orderList_conversations) - 2: # Not the last conversation
|
|
|
timestamp_next_pkt = packets[-1].time + uniform(0.001,0.01)
|
|
@@ -265,7 +267,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
new_pkt.time = timestamp_next_pkt
|
|
|
|
|
|
pps = max(getIntervalPPS(complement_interval_pps, timestamp_next_pkt), 10)
|
|
|
- timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + float(timeSteps.random())
|
|
|
+ timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + inter_arrival_times[pkt_num] #float(timeSteps.random())
|
|
|
|
|
|
# Reply
|
|
|
else:
|
|
@@ -288,7 +290,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
new_pkt = (eth_frame / ip_pkt / tcp_pkt)
|
|
|
|
|
|
pps = max(getIntervalPPS(complement_interval_pps, timestamp_next_pkt), 10)
|
|
|
- timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + float(timeSteps.random())
|
|
|
+ timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + inter_arrival_times[pkt_num]#float(timeSteps.random())
|
|
|
|
|
|
new_pkt.time = timestamp_next_pkt
|
|
|
|
|
@@ -324,7 +326,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
new_pkt.time = timestamp_next_pkt
|
|
|
|
|
|
pps = max(getIntervalPPS(complement_interval_pps, timestamp_next_pkt), 10)
|
|
|
- timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + float(timeSteps.random())
|
|
|
+ timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + inter_arrival_times[pkt_num]# float(timeSteps.random())
|
|
|
|
|
|
# Reply
|
|
|
else:
|
|
@@ -347,7 +349,7 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
|
|
|
new_pkt = (eth_frame / ip_pkt / tcp_pkt)
|
|
|
|
|
|
pps = max(getIntervalPPS(complement_interval_pps, timestamp_next_pkt), 10)
|
|
|
- timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + float(timeSteps.random())
|
|
|
+ timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + inter_arrival_times[pkt_num]# float(timeSteps.random())
|
|
|
|
|
|
new_pkt.time = timestamp_next_pkt
|
|
|
|