add sniff examples

Medium_articles/README.md

@@ -3,4 +3,6 @@
 This directory holds any code and snippet that I have published in Medium:
 
 
-* [Learn Networking with Python’s Socket and Threading Module 🚀](https://medium.com/python-for-the-utopian/learning-networking-with-pythons-socket-and-threading-module-30dc77e1fc59).
+* [Learn Networking with Python’s Socket and Threading Module 🚀](https://medium.com/python-for-the-utopian/learning-networking-with-pythons-socket-and-threading-module-30dc77e1fc59).
+* [Understand the SSH Protocol with Python 🐍](https://medium.com/python-for-the-utopian/writing-ssh-client-and-server-in-python-b5b330c983d3).
+* [Building a Snifffffing Scanner in Python 💣](https://medium.com/python-for-the-utopian/building-a-udp-scanner-in-python-84e62947aab7).

Medium_articles/python_sniff_scanner/icmp_example.py

@@ -0,0 +1,17 @@
+import ctypes
+
+
+class ICMP(ctypes.Structure):
+    _fields_ = [
+               ('type',        ctypes.c_ubyte),
+               ('code',        ctypes.c_ubyte),
+               ('checksum',    ctypes.c_ushort),
+               ('unused',      ctypes.c_ushort),
+               ('next_hop_mtu',ctypes.c_ushort)
+               ]
+               
+    def __new__(self, socket_buffer):
+        return self.from_buffer_copy(socket_buffer)
+        
+    def __init__(self, socket_buffer):
+        pass

Medium_articles/python_sniff_scanner/main_example.py

@@ -0,0 +1,44 @@
+import socket
+import os
+import struct
+import ctypes
+
+from ICMPHeader import ICMP
+
+
+# host to listen on
+HOST = '192.168.1.114'
+
+
+def main():
+    socket_protocol = socket.IPPROTO_ICMP
+    sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
+    sniffer.bind(( HOST, 0 ))
+    sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
+    
+    while True:
+        raw_buffer = sniffer.recvfrom(65565)[0]
+        ip_header = raw_buffer[0:20]
+        iph = struct.unpack('!BBHHHBBH4s4s' , ip_header)
+
+        # Create our IP structure
+        version_ihl = iph[0]
+        version = version_ihl >> 4
+        ihl = version_ihl & 0xF
+        iph_length = ihl * 4
+        ttl = iph[5]
+        protocol = iph[6]
+        s_addr = socket.inet_ntoa(iph[8]);
+        d_addr = socket.inet_ntoa(iph[9]);
+        print('IP -> Version:' + str(version) + ', Header Length:' + str(ihl) + \
+        ', TTL:' + str(ttl) + ', Protocol:' + str(protocol) + ', Source:'\
+         + str(s_addr) + ', Destination:' + str(d_addr))
+
+        # Create our ICMP structure
+        buf = raw_buffer[iph_length:iph_length + ctypes.sizeof(ICMP)]
+        icmp_header = ICMP(buf)
+        print('ICMP -> Type:{0}, Code:{1}'.format((icmp_header.type, icmp_header.code)))
+
+
+if __name__ == '__main__':
+    main()

Medium_articles/python_sniff_scanner/sniff_example.py

@@ -0,0 +1,33 @@
+import os
+import socket
+
+
+# host to listen
+HOST = '192.168.1.114'
+
+
+def sniffing(host, win, socket_prot):
+
+    while True:
+        sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_prot)
+        sniffer.bind((host, 0))
+        
+        # include the IP headers in the captured packets
+        sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
+
+        if win == 1:
+            sniffer.ioctl(socket.SIO_RCVALL, socket_RCVALL_ON)
+
+        # read in a single packet
+        print(sniffer.recvfrom(65565))
+
+
+def main(host):
+    if os.name == 'nt':
+        sniffing(host, 1, socket.IPPROTO_IP)
+    else:
+        sniffing(host, 0, socket.IPPROTO_ICMP)
+
+
+if __name__ == '__main__':
+    main(HOST)

Medium_articles/python_sniff_scanner/udp_sender_example.py

@@ -0,0 +1,69 @@
+import os
+import time
+import socket
+import struct
+import ctypes
+import threading
+
+from netaddr import IPNetwork, IPAddress
+from ICMPHeader import ICMP
+
+
+# host to listen on
+HOST = '192.168.1.114'
+
+# subnet to target (iterates through all IP address in this subnet)
+SUBNET = '192.168.1.0/24'
+
+# string signature
+MESSAGE = 'hellooooo'
+
+
+
+def udp_sender(SUBNET, MESSAGE):
+    ''' Sprays out the udp datagram'''
+    time.sleep(5)
+    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+    for ip in IPNetwork(SUBNET):
+        try:
+            sender.sendto(MESSAGE, (str(ip), 65212))
+        except:
+            pass
+
+
+
+def main():
+
+    t = threading.Thread(target=udp_sender, args=(SUBNET, MESSAGE))
+    t.start()
+    socket_protocol = socket.IPPROTO_ICMP
+
+    sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
+    sniffer.bind(( HOST, 0 ))
+    sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
+
+    # continually read in packets and parse their information
+    while True:
+        raw_buffer = sniffer.recvfrom(65565)[0]
+        ip_header = raw_buffer[0:20]
+        iph = struct.unpack('!BBHHHBBH4s4s' , ip_header)
+
+        # Create our IP structure
+        version_ihl = iph[0]
+        ihl = version_ihl & 0xF
+        iph_length = ihl * 4
+        src_addr = socket.inet_ntoa(iph[8]);
+
+        # Create our ICMP structure
+        buf = raw_buffer[iph_length:iph_length + ctypes.sizeof(ICMP)]
+        icmp_header = ICMP(buf)
+        
+        # check for the type 3 and code and within our target subnet
+        if icmp_header.code == 3 and icmp_header.type == 3:
+            if IPAddress(src_addr) in IPNetwork(SUBNET):
+                if raw_buffer[len(raw_buffer) - len(MESSAGE):] == MESSAGE:
+                    print(f'Host up: {src_addr}')
+
+
+if __name__ == '__main__':
+    main()

README.md

@@ -4,6 +4,7 @@
 * [CLI with Argparse](https://github.com/bt3gl/Awesome_Python_Boilerplates/tree/master/Argparse_app).
 * [Dashboards with Dash and Plot.ly](https://github.com/bt3gl/Awesome_Python_Boilerplates/tree/master/dash_app).
 * [Testing in Python](https://github.com/bt3gl/Awesome_Python_Boilerplates/tree/master/Testing).
+* [Medium examples](https://github.com/bt3gl/Awesome_Python_Boilerplates/tree/master/Medium_articles).