update ttl script

final/final.md

@@ -197,6 +197,8 @@ To wrap up, I will create three MiTM style attacks that can be executed by the p
 
 #### 6a. TTL=65
 
+This is a simple script found in [ttl.py](./scripts/ttl.py). The idea here is to modify all TTL (time-to-live) values in ipv4 and ipv6 packets passing through the pitap and set them to 65, if they are not already 65. This logic could be extended to include any known packet type which contains a TTL field. We also keep a tally of the number of packets modified
+
 #### 6b.
 
 #### 6c.

final/scripts/ttl.py

@@ -1,5 +1,5 @@
 import sys
-from scapy.all import sniff, send, IP
+from scapy.all import sniff, send, IP, IPv6
 from datetime import datetime
 
 modifications = 0
@@ -9,6 +9,11 @@ def modify_packet(packet):
         if packet[IP].ttl != 65:
             packet[IP].ttl = 65
             modifications += 1
+    elif packet.haslayer(IPv6):
+        if packet[IPv6].ttl != 65:
+            packet[IPv6].ttl = 65
+            modifications += 1
+    #Can be extented with other protocols which have TTL
     send(packet)
 
 
@@ -22,7 +27,7 @@ if __name__ == "__main__":
     start_time = datetime.now()
     print(f"Script started at: {start_time.strftime('%Y-%m-%d %H:%M:%S')}")
 
-    packets = sniff(filter="ip", iface=interface, timeout=30*1, prn=modify_packet)
+    packets = sniff(filter="ip or ipv6", iface=interface, timeout=30*1, prn=modify_packet)
 
     end_time = datetime.now()
     print(f"Script ended at: {end_time.strftime('%Y-%m-%d %H:%M:%S')}")