start ttl

David Westgate 2024-06-13 01:56:39 -07:00
parent ab6835ceeb
commit 61c2e1b565
3 changed files with 39 additions and 2 deletions


@ -155,7 +155,7 @@ Like before, discarded/dropped frames number only 1 or 2 over a period of severa
Now it is time to do something interesting with pitap by capturing and forwarding the traffic. Now it is time to do something interesting with pitap by capturing and forwarding the traffic.
The script [`capture.py`](./capture.py) is intended to do just this. Using scapy, the script works by sniffing all traffic on an interface provided from arguments, and saving those to a unique timestamped file. Every time a file is saved, it attempts to transmit them to a supplied ip address and port (defaults to my workstation on LAN) with the intention that a listening netcat server can capture and save the contents. The script [`capture.py`](./scripts/capture.py) is intended to do just this. Using scapy, the script works by sniffing all traffic on an interface provided from arguments, and saving those to a unique timestamped file. Every time a file is saved, it attempts to transmit them to a supplied ip address and port (defaults to my workstation on LAN) with the intention that a listening netcat server can capture and save the contents.
The professional thing to do here would be to connect the raspberry pi via wifi to an entirely seperate network, or even to set it up as an access point so that way it can communicate with a netcat server running off the network I am snooping on. However, since we are no longer evaluating the transparency of the pitap I will keep things simple for the sake of time by just connecting pitap via wifi to my router again. I will also be running the netcat server on my workstation, which is the same one consuming the RTSP stream from reolink while I capture. This should all be fine, since transmission to the netcat server will be exclusively over wifi and not on ethernet. The professional thing to do here would be to connect the raspberry pi via wifi to an entirely seperate network, or even to set it up as an access point so that way it can communicate with a netcat server running off the network I am snooping on. However, since we are no longer evaluating the transparency of the pitap I will keep things simple for the sake of time by just connecting pitap via wifi to my router again. I will also be running the netcat server on my workstation, which is the same one consuming the RTSP stream from reolink while I capture. This should all be fine, since transmission to the netcat server will be exclusively over wifi and not on ethernet.
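Review bot: The link on the `capture.py` line now points at `./scripts/capture.py`, but of the 3 changed files only this document and `final/scripts/ttl.py` are shown here, so please confirm the move of `capture.py` into `scripts/` is part of this commit; otherwise the link breaks. The same sentence says the destination defaults to a workstation address on the LAN. Since the file is being touched anyway, consider stating that default value in the text or making the address a required argument, so a reader running the script does not forward captures to an address that means nothing on their network.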
@ -192,3 +192,11 @@ Here is a look at `received_file-1.pcap` in wireshark. For this capture, I start
### 6. Attack ### 6. Attack
To wrap up, I will create three MiTM style attacks that can be executed by the pitap
#### 6a. TTL=65
#### 6b.
#### 6c.
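Review bot: The headings `#### 6b.` and `#### 6c.` are added with no title or body, and `#### 6a. TTL=65` has no text explaining what the modification does, which script implements it, or how to run it. Either drop the two empty headings until their content exists or mark them as placeholders, and add a sentence under 6a that links to `scripts/ttl.py` and states the expected observable effect (for example, the TTL value seen in a capture on the receiving side). The introductory sentence is also missing its closing period.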

final/scripts/ttl.py Normal file

@ -0,0 +1,29 @@
import sys
from scapy.all import sniff, send, IP
from datetime import datetime
modifications = 0
def modify_packet(packet):
if packet.haslayer(IP):
if packet[IP].ttl != 65:
packet[IP].ttl = 65
modifications += 1
send(packet)
if __name__ == "__main__":
if len(sys.argv) != 2:
print(f"Usage: {sys.argv[0]} <interface>")
sys.exit(1)
interface = sys.argv[1]
start_time = datetime.now()
print(f"Script started at: {start_time.strftime('%Y-%m-%d %H:%M:%S')}")
packets = sniff(filter="ip", iface=interface, timeout=30*1, prn=modify_packet)
end_time = datetime.now()
print(f"Script ended at: {end_time.strftime('%Y-%m-%d %H:%M:%S')}")
print(f"{modifications} packets modified")
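Review bot: In `modify_packet`, `modifications += 1` assigns to a module-level name without a `global modifications` declaration, so the first packet whose TTL is not 65 raises UnboundLocalError and the counter printed at the end never advances; add the `global` statement or keep the count in a small class or closure. Two further points in the same function: the sniffed packet keeps its captured IP checksum after `packet[IP].ttl = 65`, so the re-sent packet carries a checksum that no longer matches the header (use `del packet[IP].chksum` before sending so Scapy recomputes it), and `send()` transmits at layer 3 while frames sniffed from an Ethernet interface carry their link-layer header, so `sendp(packet, iface=interface)` or `send(packet[IP])` is the better fit. In the main block, `packets = sniff(...)` is never read; passing `store=False` avoids holding 30 seconds of traffic in memory, and `timeout=30*1` can simply be `timeout=30` or a named constant.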