diff --git a/Medium_articles/README.md b/Medium_articles/README.md index 6cda24d..ba6d3ef 100644 --- a/Medium_articles/README.md +++ b/Medium_articles/README.md @@ -3,4 +3,6 @@ This directory holds any code and snippet that I have published in Medium: -* [Learn Networking with Python’s Socket and Threading Module 🚀](https://medium.com/python-for-the-utopian/learning-networking-with-pythons-socket-and-threading-module-30dc77e1fc59). \ No newline at end of file +* [Learn Networking with Python’s Socket and Threading Module 🚀](https://medium.com/python-for-the-utopian/learning-networking-with-pythons-socket-and-threading-module-30dc77e1fc59). +* [Understand the SSH Protocol with Python 🐍](https://medium.com/python-for-the-utopian/writing-ssh-client-and-server-in-python-b5b330c983d3). +* [Building a Snifffffing Scanner in Python 💣](https://medium.com/python-for-the-utopian/building-a-udp-scanner-in-python-84e62947aab7). diff --git a/Medium_articles/python_sniff_scanner/icmp_example.py b/Medium_articles/python_sniff_scanner/icmp_example.py new file mode 100644 index 0000000..967fe7d --- /dev/null +++ b/Medium_articles/python_sniff_scanner/icmp_example.py @@ -0,0 +1,17 @@ +import ctypes + + +class ICMP(ctypes.Structure): + _fields_ = [ + ('type', ctypes.c_ubyte), + ('code', ctypes.c_ubyte), + ('checksum', ctypes.c_ushort), + ('unused', ctypes.c_ushort), + ('next_hop_mtu',ctypes.c_ushort) + ] + + def __new__(self, socket_buffer): + return self.from_buffer_copy(socket_buffer) + + def __init__(self, socket_buffer): + pass \ No newline at end of file diff --git a/Medium_articles/python_sniff_scanner/main_example.py b/Medium_articles/python_sniff_scanner/main_example.py new file mode 100644 index 0000000..49443df --- /dev/null +++ b/Medium_articles/python_sniff_scanner/main_example.py @@ -0,0 +1,44 @@ +import socket +import os +import struct +import ctypes + +from ICMPHeader import ICMP + + +# host to listen on +HOST = '192.168.1.114' + + +def main(): + socket_protocol = socket.IPPROTO_ICMP + sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol) + sniffer.bind(( HOST, 0 )) + sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) + + while True: + raw_buffer = sniffer.recvfrom(65565)[0] + ip_header = raw_buffer[0:20] + iph = struct.unpack('!BBHHHBBH4s4s' , ip_header) + + # Create our IP structure + version_ihl = iph[0] + version = version_ihl >> 4 + ihl = version_ihl & 0xF + iph_length = ihl * 4 + ttl = iph[5] + protocol = iph[6] + s_addr = socket.inet_ntoa(iph[8]); + d_addr = socket.inet_ntoa(iph[9]); + print('IP -> Version:' + str(version) + ', Header Length:' + str(ihl) + \ + ', TTL:' + str(ttl) + ', Protocol:' + str(protocol) + ', Source:'\ + + str(s_addr) + ', Destination:' + str(d_addr)) + + # Create our ICMP structure + buf = raw_buffer[iph_length:iph_length + ctypes.sizeof(ICMP)] + icmp_header = ICMP(buf) + print('ICMP -> Type:{0}, Code:{1}'.format((icmp_header.type, icmp_header.code))) + + +if __name__ == '__main__': + main() \ No newline at end of file diff --git a/Medium_articles/python_sniff_scanner/sniff_example.py b/Medium_articles/python_sniff_scanner/sniff_example.py new file mode 100644 index 0000000..d494e84 --- /dev/null +++ b/Medium_articles/python_sniff_scanner/sniff_example.py @@ -0,0 +1,33 @@ +import os +import socket + + +# host to listen +HOST = '192.168.1.114' + + +def sniffing(host, win, socket_prot): + + while True: + sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_prot) + sniffer.bind((host, 0)) + + # include the IP headers in the captured packets + sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) + + if win == 1: + sniffer.ioctl(socket.SIO_RCVALL, socket_RCVALL_ON) + + # read in a single packet + print(sniffer.recvfrom(65565)) + + +def main(host): + if os.name == 'nt': + sniffing(host, 1, socket.IPPROTO_IP) + else: + sniffing(host, 0, socket.IPPROTO_ICMP) + + +if __name__ == '__main__': + main(HOST) \ No newline at end of file diff --git a/Medium_articles/python_sniff_scanner/udp_sender_example.py b/Medium_articles/python_sniff_scanner/udp_sender_example.py new file mode 100644 index 0000000..35945f5 --- /dev/null +++ b/Medium_articles/python_sniff_scanner/udp_sender_example.py @@ -0,0 +1,69 @@ +import os +import time +import socket +import struct +import ctypes +import threading + +from netaddr import IPNetwork, IPAddress +from ICMPHeader import ICMP + + +# host to listen on +HOST = '192.168.1.114' + +# subnet to target (iterates through all IP address in this subnet) +SUBNET = '192.168.1.0/24' + +# string signature +MESSAGE = 'hellooooo' + + + +def udp_sender(SUBNET, MESSAGE): + ''' Sprays out the udp datagram''' + time.sleep(5) + sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + for ip in IPNetwork(SUBNET): + try: + sender.sendto(MESSAGE, (str(ip), 65212)) + except: + pass + + + +def main(): + + t = threading.Thread(target=udp_sender, args=(SUBNET, MESSAGE)) + t.start() + socket_protocol = socket.IPPROTO_ICMP + + sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol) + sniffer.bind(( HOST, 0 )) + sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) + + # continually read in packets and parse their information + while True: + raw_buffer = sniffer.recvfrom(65565)[0] + ip_header = raw_buffer[0:20] + iph = struct.unpack('!BBHHHBBH4s4s' , ip_header) + + # Create our IP structure + version_ihl = iph[0] + ihl = version_ihl & 0xF + iph_length = ihl * 4 + src_addr = socket.inet_ntoa(iph[8]); + + # Create our ICMP structure + buf = raw_buffer[iph_length:iph_length + ctypes.sizeof(ICMP)] + icmp_header = ICMP(buf) + + # check for the type 3 and code and within our target subnet + if icmp_header.code == 3 and icmp_header.type == 3: + if IPAddress(src_addr) in IPNetwork(SUBNET): + if raw_buffer[len(raw_buffer) - len(MESSAGE):] == MESSAGE: + print(f'Host up: {src_addr}') + + +if __name__ == '__main__': + main() \ No newline at end of file diff --git a/README.md b/README.md index 7a1b006..2880b2f 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,7 @@ * [CLI with Argparse](https://github.com/bt3gl/Awesome_Python_Boilerplates/tree/master/Argparse_app). * [Dashboards with Dash and Plot.ly](https://github.com/bt3gl/Awesome_Python_Boilerplates/tree/master/dash_app). * [Testing in Python](https://github.com/bt3gl/Awesome_Python_Boilerplates/tree/master/Testing). +* [Medium examples](https://github.com/bt3gl/Awesome_Python_Boilerplates/tree/master/Medium_articles).