Trang chủ Khám phá Trợ giúp
Đăng nhập
stefan.schmidt
/
ID2T-toolkit
forked from SPIN/ID2T-toolkit
3
0
Fork 0
Các tập tin
Browse Source

modify MSS for packets

aidmar.wainakh 7 năm trước cách đây
mục cha
ad49451167
commit
3c5848f026
1 tập tin đã thay đổi với 47 bổ sung8 xóa
View chưa được định nghĩa Hiển thị tình trạng sai khác
  1. 47 8
      code/Attack/EternalBlueExploit.py

+ 47 - 8
code/Attack/EternalBlueExploit.py
Xem Tập Tin 

@@ -145,12 +145,16 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
             destination_win_dist = self.statistics.get_win_distribution(self.statistics.get_most_used_ip_address())
 
             destination_win_dist = self.statistics.get_win_distribution(self.statistics.get_most_used_ip_address())
 
             destination_win_prob_dict = Lea.fromValFreqsDict(destination_win_dist)
 
             destination_win_prob_dict = Lea.fromValFreqsDict(destination_win_dist)
 
 
 
+        # Set MSS (Maximum Segment Size) based on MSS distribution of IP address
 
+        mss_value = self.statistics.process_db_query("most_used(mssValue)")
 
+        if not mss_value:
 
+            mss_value = 1465
 
+
 
         # Scan (MS17) for EternalBlue
 
         # Scan (MS17) for EternalBlue
 
         # Read Win7_eternalblue_scan pcap file
 
         # Read Win7_eternalblue_scan pcap file
 
         orig_ip_dst = None
 
         orig_ip_dst = None
 
         exploit_raw_packets = RawPcapReader(self.template_scan_pcap_path)
 
         exploit_raw_packets = RawPcapReader(self.template_scan_pcap_path)
 
         inter_arrival_times = self.get_inter_arrival_time(exploit_raw_packets)
 
         inter_arrival_times = self.get_inter_arrival_time(exploit_raw_packets)
 
-        #timeSteps = Lea.fromValFreqsDict(inter_arrival_time_dist)
 
         exploit_raw_packets = RawPcapReader(self.template_scan_pcap_path)
 
         exploit_raw_packets = RawPcapReader(self.template_scan_pcap_path)
 
 
 
         port_source = randint(self.minDefaultPort,self.maxDefaultPort) # experiments show this range of ports
 
         port_source = randint(self.minDefaultPort,self.maxDefaultPort) # experiments show this range of ports
 
@@ -177,12 +181,18 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
                 ip_pkt.setfieldval("ttl", source_ttl_value)
 
                 ip_pkt.setfieldval("ttl", source_ttl_value)
 
                 # TCP
 
                 # TCP
 
                 tcp_pkt.setfieldval("sport",port_source)
 
                 tcp_pkt.setfieldval("sport",port_source)
 
-
 
+                ## Window Size
 
                 source_origin_win = tcp_pkt.getfieldval("window")
 
                 source_origin_win = tcp_pkt.getfieldval("window")
 
                 if source_origin_win not in source_origin_wins:
 
                 if source_origin_win not in source_origin_wins:
 
                     source_origin_wins[source_origin_win] = source_win_prob_dict.random()
 
                     source_origin_wins[source_origin_win] = source_win_prob_dict.random()
 
                 new_win = source_origin_wins[source_origin_win]
 
                 new_win = source_origin_wins[source_origin_win]
 
                 tcp_pkt.setfieldval("window", new_win)
 
                 tcp_pkt.setfieldval("window", new_win)
 
+                ## MSS
 
+                tcp_options = tcp_pkt.getfieldval("options")
 
+                if tcp_options:
 
+                    if tcp_options[0][0] == "MSS":
 
+                        tcp_options [0] = ("MSS",mss_value)
 
+                        tcp_pkt.setfieldval("options", tcp_options)
 
 
 
                 new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                 new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                 new_pkt.time = timestamp_next_pkt
 
                 new_pkt.time = timestamp_next_pkt
 
@@ -200,12 +210,18 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
                 ip_pkt.setfieldval("ttl", destination_ttl_value)
 
                 ip_pkt.setfieldval("ttl", destination_ttl_value)
 
                 # TCP
 
                 # TCP
 
                 tcp_pkt.setfieldval("dport", port_source)
 
                 tcp_pkt.setfieldval("dport", port_source)
 
-                
+                ## Window Size
 
                 destination_origin_win = tcp_pkt.getfieldval("window")
 
                 destination_origin_win = tcp_pkt.getfieldval("window")
 
                 if destination_origin_win not in destination_origin_wins:
 
                 if destination_origin_win not in destination_origin_wins:
 
                     destination_origin_wins[destination_origin_win] = destination_win_prob_dict.random()
 
                     destination_origin_wins[destination_origin_win] = destination_win_prob_dict.random()
 
                 new_win = destination_origin_wins[destination_origin_win]
 
                 new_win = destination_origin_wins[destination_origin_win]
 
                 tcp_pkt.setfieldval("window", new_win)
 
                 tcp_pkt.setfieldval("window", new_win)
 
+                ## MSS
 
+                tcp_options = tcp_pkt.getfieldval("options")
 
+                if tcp_options:
 
+                    if tcp_options[0][0] == "MSS":
 
+                        tcp_options[0] = ("MSS", mss_value)
 
+                        tcp_pkt.setfieldval("options", tcp_options)
 
 
 
                 new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                 new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                 timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + inter_arrival_times[pkt_num]#+ float(timeSteps.random())
 
                 timestamp_next_pkt = update_timestamp(timestamp_next_pkt, pps) + inter_arrival_times[pkt_num]#+ float(timeSteps.random())
 
@@ -229,7 +245,6 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
 
 
             conv_pkts = conversations[conv]
 
             conv_pkts = conversations[conv]
 
             inter_arrival_times = self.get_inter_arrival_time(conv_pkts)
 
             inter_arrival_times = self.get_inter_arrival_time(conv_pkts)
 
-            #timeSteps = Lea.fromValFreqsDict(inter_arrival_time_dist)
 
 
 
             if conv_index == len(orderList_conversations) - 2:  # Not the last conversation
 
             if conv_index == len(orderList_conversations) - 2:  # Not the last conversation
 
                 timestamp_next_pkt = packets[-1].time + uniform(0.001,0.01)
 
                 timestamp_next_pkt = packets[-1].time + uniform(0.001,0.01)
 
@@ -256,12 +271,18 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
                         ip_pkt.setfieldval("ttl", source_ttl_value)
 
                         ip_pkt.setfieldval("ttl", source_ttl_value)
 
                         # TCP
 
                         # TCP
 
                         tcp_pkt.setfieldval("sport", port_source)
 
                         tcp_pkt.setfieldval("sport", port_source)
 
-
 
+                        ## Window Size
 
                         source_origin_win = tcp_pkt.getfieldval("window")
 
                         source_origin_win = tcp_pkt.getfieldval("window")
 
                         if source_origin_win not in source_origin_wins:
 
                         if source_origin_win not in source_origin_wins:
 
                             source_origin_wins[source_origin_win] = source_win_prob_dict.random()
 
                             source_origin_wins[source_origin_win] = source_win_prob_dict.random()
 
                         new_win = source_origin_wins[source_origin_win]
 
                         new_win = source_origin_wins[source_origin_win]
 
                         tcp_pkt.setfieldval("window", new_win)
 
                         tcp_pkt.setfieldval("window", new_win)
 
+                        ## MSS
 
+                        tcp_options = tcp_pkt.getfieldval("options")
 
+                        if tcp_options:
 
+                            if tcp_options[0][0] == "MSS":
 
+                                tcp_options[0] = ("MSS", mss_value)
 
+                                tcp_pkt.setfieldval("options", tcp_options)
 
 
 
                         new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                         new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                         new_pkt.time = timestamp_next_pkt
 
                         new_pkt.time = timestamp_next_pkt
 
@@ -280,12 +301,18 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
                         ip_pkt.setfieldval("ttl", destination_ttl_value)
 
                         ip_pkt.setfieldval("ttl", destination_ttl_value)
 
                         # TCP
 
                         # TCP
 
                         tcp_pkt.setfieldval("dport", port_source)
 
                         tcp_pkt.setfieldval("dport", port_source)
 
-
 
+                        ## Window Size
 
                         destination_origin_win = tcp_pkt.getfieldval("window")
 
                         destination_origin_win = tcp_pkt.getfieldval("window")
 
                         if destination_origin_win not in destination_origin_wins:
 
                         if destination_origin_win not in destination_origin_wins:
 
                             destination_origin_wins[destination_origin_win] = destination_win_prob_dict.random()
 
                             destination_origin_wins[destination_origin_win] = destination_win_prob_dict.random()
 
                         new_win = destination_origin_wins[destination_origin_win]
 
                         new_win = destination_origin_wins[destination_origin_win]
 
                         tcp_pkt.setfieldval("window", new_win)
 
                         tcp_pkt.setfieldval("window", new_win)
 
+                        ## MSS
 
+                        tcp_options = tcp_pkt.getfieldval("options")
 
+                        if tcp_options:
 
+                            if tcp_options[0][0] == "MSS":
 
+                                tcp_options[0] = ("MSS", mss_value)
 
+                                tcp_pkt.setfieldval("options", tcp_options)
 
 
 
                         new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                         new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
 
 
@@ -315,12 +342,18 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
                         ip_pkt.setfieldval("ttl", destination_ttl_value)
 
                         ip_pkt.setfieldval("ttl", destination_ttl_value)
 
                         # TCP
 
                         # TCP
 
                         tcp_pkt.setfieldval("sport", port_source)
 
                         tcp_pkt.setfieldval("sport", port_source)
 
-
 
+                        ## Window Size
 
                         destination_origin_win = tcp_pkt.getfieldval("window")
 
                         destination_origin_win = tcp_pkt.getfieldval("window")
 
                         if destination_origin_win not in destination_origin_wins:
 
                         if destination_origin_win not in destination_origin_wins:
 
                             destination_origin_wins[destination_origin_win] = destination_win_prob_dict.random()
 
                             destination_origin_wins[destination_origin_win] = destination_win_prob_dict.random()
 
                         new_win = destination_origin_wins[destination_origin_win]
 
                         new_win = destination_origin_wins[destination_origin_win]
 
                         tcp_pkt.setfieldval("window", new_win)
 
                         tcp_pkt.setfieldval("window", new_win)
 
+                        ## MSS
 
+                        tcp_options = tcp_pkt.getfieldval("options")
 
+                        if tcp_options:
 
+                            if tcp_options[0][0] == "MSS":
 
+                                tcp_options[0] = ("MSS", mss_value)
 
+                                tcp_pkt.setfieldval("options", tcp_options)
 
 
 
                         new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                         new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                         new_pkt.time = timestamp_next_pkt
 
                         new_pkt.time = timestamp_next_pkt
 
@@ -339,12 +372,18 @@ class EternalBlueExploit(BaseAttack.BaseAttack):
 
                         ip_pkt.setfieldval("ttl", source_ttl_value)
 
                         ip_pkt.setfieldval("ttl", source_ttl_value)
 
                         # TCP
 
                         # TCP
 
                         tcp_pkt.setfieldval("dport", port_source)
 
                         tcp_pkt.setfieldval("dport", port_source)
 
-
 
+                        ## Window Size
 
                         source_origin_win = tcp_pkt.getfieldval("window")
 
                         source_origin_win = tcp_pkt.getfieldval("window")
 
                         if source_origin_win not in source_origin_wins:
 
                         if source_origin_win not in source_origin_wins:
 
                             source_origin_wins[source_origin_win] = source_win_prob_dict.random()
 
                             source_origin_wins[source_origin_win] = source_win_prob_dict.random()
 
                         new_win = source_origin_wins[source_origin_win]
 
                         new_win = source_origin_wins[source_origin_win]
 
                         tcp_pkt.setfieldval("window", new_win)
 
                         tcp_pkt.setfieldval("window", new_win)
 
+                        ## MSS
 
+                        tcp_options = tcp_pkt.getfieldval("options")
 
+                        if tcp_options:
 
+                            if tcp_options[0][0] == "MSS":
 
+                                tcp_options[0] = ("MSS", mss_value)
 
+                                tcp_pkt.setfieldval("options", tcp_options)
 
 
 
                         new_pkt = (eth_frame / ip_pkt / tcp_pkt)
 
                         new_pkt = (eth_frame / ip_pkt / tcp_pkt)