本文整理汇总了Python中scapy.error.log_runtime.info方法的典型用法代码示例。如果您正苦于以下问题:Python log_runtime.info方法的具体用法?Python log_runtime.info怎么用?Python log_runtime.info使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类scapy.error.log_runtime
的用法示例。
在下文中一共展示了log_runtime.info方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: deal_common_pkt
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def deal_common_pkt(self, pkt):
# Send to DHCP server
# LLC / SNAP to Ether
if SNAP in pkt:
ether_pkt = Ether(src=self.client, dst=self.mac) / pkt[SNAP].payload # noqa: E501
self.dhcp_server.reply(ether_pkt)
# If an ARP request is made, extract client IP and answer
if ARP in pkt and \
pkt[ARP].op == 1 and pkt[ARP].pdst == self.dhcp_server.gw:
if self.arp_target_ip is None:
self.arp_target_ip = pkt[ARP].psrc
log_runtime.info("Detected IP: %s", self.arp_target_ip)
# Reply
ARP_ans = LLC() / SNAP() / ARP(
op="is-at",
psrc=self.arp_source_ip,
pdst=self.arp_target_ip,
hwsrc=self.mac,
hwdst=self.client,
)
self.send_wpa_to_client(ARP_ans)
# States
示例2: post_dissection_tls_session_update
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def post_dissection_tls_session_update(self, msg_str):
self.tls_session_update(msg_str)
s = self.tls_session
test = (len(s.client_certs) > 0 and
s.sslv2_key_material is not None and
s.sslv2_challenge_clientcert is not None and
len(s.server_certs) > 0)
if test:
m = (s.sslv2_key_material +
s.sslv2_challenge_clientcert +
s.server_certs[0].der)
sig_test = self.responsedata._verify_sig(m, s.client_certs[0])
if not sig_test:
pkt_info = self.firstlayer().summary()
log_runtime.info("TLS: invalid client CertificateVerify signature [%s]", pkt_info) # noqa: E501
示例3: post_build
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def post_build(self, pkt, pay):
if not self.tls_session.frozen and self.server_share.privkey:
# if there is a privkey, we assume the crypto library is ok
privshare = self.tls_session.tls13_server_privshare
if len(privshare) > 0:
pkt_info = pkt.firstlayer().summary()
log_runtime.info("TLS: overwriting previous server key share [%s]", pkt_info) # noqa: E501
group_name = _tls_named_groups[self.server_share.group]
privshare[group_name] = self.server_share.privkey
if group_name in self.tls_session.tls13_client_pubshares:
privkey = self.server_share.privkey
pubkey = self.tls_session.tls13_client_pubshares[group_name]
if group_name in six.itervalues(_tls_named_ffdh_groups):
pms = privkey.exchange(pubkey)
elif group_name in six.itervalues(_tls_named_curves):
if group_name in ["x25519", "x448"]:
pms = privkey.exchange(pubkey)
else:
pms = privkey.exchange(ec.ECDH(), pubkey)
self.tls_session.tls13_dhe_secret = pms
return super(TLS_Ext_KeyShare_SH, self).post_build(pkt, pay)
示例4: _tls_auth_decrypt
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def _tls_auth_decrypt(self, s):
"""
Provided with the record header and AEAD-ciphered data, return the
sliced and clear tuple (TLSInnerPlaintext, tag). Note that
we still return the slicing of the original input in case of decryption
failure. Also, if the integrity check fails, a warning will be issued,
but we still return the sliced (unauthenticated) plaintext.
"""
rcs = self.tls_session.rcs
read_seq_num = struct.pack("!Q", rcs.seq_num)
rcs.seq_num += 1
add_data = (pkcs_i2osp(self.type, 1) +
pkcs_i2osp(self.version, 2) +
pkcs_i2osp(len(s), 2))
try:
return rcs.cipher.auth_decrypt(add_data, s, read_seq_num)
except CipherError as e:
return e.args
except AEADTagError as e:
pkt_info = self.firstlayer().summary()
log_runtime.info("TLS: record integrity check failed [%s]", pkt_info) # noqa: E501
return e.args
示例5: post_dissection
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def post_dissection(self, pkt):
"""
While previously dissecting Server*DHParams, the session
server_kx_pubkey should have been updated.
XXX Add a 'fixed_dh' OR condition to the 'anonymous' test.
"""
s = self.tls_session
if s.prcs and s.prcs.key_exchange.no_ske:
pkt_info = pkt.firstlayer().summary()
log_runtime.info("TLS: useless ServerKeyExchange [%s]", pkt_info)
if (s.prcs and
not s.prcs.key_exchange.anonymous and
s.client_random and s.server_random and
s.server_certs and len(s.server_certs) > 0):
m = s.client_random + s.server_random + raw(self.params)
sig_test = self.sig._verify_sig(m, s.server_certs[0])
if not sig_test:
pkt_info = pkt.firstlayer().summary()
log_runtime.info("TLS: invalid ServerKeyExchange signature [%s]", pkt_info) # noqa: E501
###############################################################################
# CertificateRequest #
###############################################################################
示例6: _tls_auth_decrypt
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def _tls_auth_decrypt(self, hdr, s):
"""
Provided with the record header and AEAD-ciphered data, return the
sliced and clear tuple (nonce, TLSCompressed.fragment, mac). Note that
we still return the slicing of the original input in case of decryption
failure. Also, if the integrity check fails, a warning will be issued,
but we still return the sliced (unauthenticated) plaintext.
"""
try:
read_seq_num = struct.pack("!Q", self.tls_session.rcs.seq_num)
self.tls_session.rcs.seq_num += 1
# self.type and self.version have not been parsed yet,
# this is why we need to look into the provided hdr.
add_data = read_seq_num + hdr[:3]
# Last two bytes of add_data are appended by the return function
return self.tls_session.rcs.cipher.auth_decrypt(add_data, s,
read_seq_num)
except CipherError as e:
return e.args
except AEADTagError as e:
pkt_info = self.firstlayer().summary()
log_runtime.info("TLS: record integrity check failed [%s]", pkt_info) # noqa: E501
return e.args
示例7: update
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def update(self, data):
"""Update info about network interface according to given dnet dictionary"""
self.name = data["name"]
self.description = data['description']
self.win_index = data['win_index']
# Other attributes are optional
if conf.use_winpcapy:
self._update_pcapdata()
try:
self.ip = socket.inet_ntoa(get_if_raw_addr(data['guid']))
except (KeyError, AttributeError, NameError):
pass
try:
self.mac = data['mac']
except KeyError:
pass
示例8: update
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def update(self, dnetdict):
"""Update info about network interface according to given dnet dictionary"""
self.name = dnetdict["name"]
# Other attributes are optional
try:
self.ip = socket.inet_ntoa(dnetdict["addr"].ip)
except (KeyError, AttributeError, NameError):
pass
try:
self.mac = dnetdict["link_addr"]
except KeyError:
pass
self._update_pcapdata()
示例9: build_ap_info_pkt
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def build_ap_info_pkt(self, layer_cls, dest):
"""Build a packet with info describing the current AP
For beacon / proberesp use
"""
return RadioTap() \
/ Dot11(addr1=dest, addr2=self.mac, addr3=self.mac) \
/ layer_cls(timestamp=0, beacon_interval=100,
cap='ESS+privacy') \
/ Dot11Elt(ID="SSID", info=self.ssid) \
/ Dot11EltRates(rates=[130, 132, 139, 150, 12, 18, 24, 36]) \
/ Dot11Elt(ID="DSset", info=chb(self.channel)) \
/ Dot11EltRSN(group_cipher_suite=RSNCipherSuite(cipher=0x2),
pairwise_cipher_suites=[RSNCipherSuite(cipher=0x2)],
akm_suites=[AKMSuite(suite=0x2)])
示例10: probe_request_received
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def probe_request_received(self, pkt):
# Avoid packet from other interfaces
if RadioTap not in pkt:
return
if Dot11ProbeReq in pkt and pkt[Dot11Elt::{'ID': 0}].info == self.ssid:
raise self.WAIT_AUTH_REQUEST().action_parameters(pkt)
示例11: assoc_received
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def assoc_received(self, pkt):
if Dot11AssoReq in pkt and pkt.addr1 == pkt.addr3 == self.mac and \
pkt[Dot11Elt::{'ID': 0}].info == self.ssid:
raise self.ASSOC_RESPONSE_SENT().action_parameters(pkt)
示例12: send_assoc_response
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def send_assoc_response(self, pkt):
# Get RSN info
temp_pkt = pkt[Dot11Elt::{"ID": 48}].copy()
temp_pkt.remove_payload()
self.RSN = raw(temp_pkt)
# Avoid 802.11w, etc. (deactivate RSN capabilities)
self.RSN = self.RSN[:-2] + b"\x00\x00"
rep = RadioTap()
rep /= Dot11(addr1=self.client, addr2=self.mac, addr3=self.mac)
rep /= Dot11AssoResp()
rep /= Dot11EltRates(rates=[130, 132, 139, 150, 12, 18, 24, 36])
self.send(rep)
示例13: send_arp_req
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def send_arp_req(self):
if self.krack_state & 4 == 0:
# Set the address for future uses
self.arp_target_ip = self.dhcp_server.leases.get(self.client,
self.arp_target_ip) # noqa: E501
assert self.arp_target_ip is not None
# Send the first ARP requests, for control test
log_runtime.info("Send ARP who-was from '%s' to '%s'",
self.arp_source_ip,
self.arp_target_ip)
arp_pkt = self.send_wpa_to_group(
LLC() / SNAP() / ARP(op="who-has",
psrc=self.arp_source_ip,
pdst=self.arp_target_ip,
hwsrc=self.mac),
dest='ff:ff:ff:ff:ff:ff',
)
self.arp_sent.append(arp_pkt)
else:
if self.arp_to_send < len(self.arp_sent):
# Re-send the ARP requests already sent
self.send(self.arp_sent[self.arp_to_send])
self.arp_to_send += 1
else:
# Re-send GTK
self.arp_to_send = 0
self.arp_retry += 1
log_runtime.info("Trying to trigger CVE-2017-13080 %d/%d",
self.arp_retry, self.ARP_MAX_RETRY)
if self.arp_retry > self.ARP_MAX_RETRY:
# We retries 100 times to send GTK, then already sent ARPs
log_runtime.warning("Client is likely not vulnerable to "
"CVE-2017-13080")
raise self.EXIT()
raise self.RENEW_GTK()
示例14: check_arp_reply
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def check_arp_reply(self, pkt):
data = parse_data_pkt(pkt, self.tk)
try:
data_clear = check_MIC_ICV(data, self.mic_sta_to_ap, pkt.addr2,
pkt.addr3)
except (ICVError, MICError):
return
decoded_pkt = LLC(data_clear)
log_runtime.debug(hexdump(decoded_pkt, dump=True))
log_runtime.debug(repr(decoded_pkt))
self.deal_common_pkt(decoded_pkt)
if ARP not in decoded_pkt:
return
# ARP.op 2: is-at
if decoded_pkt[ARP].op == 2 and \
decoded_pkt[ARP].psrc == self.arp_target_ip and \
decoded_pkt[ARP].pdst == self.arp_source_ip:
# Got the expected ARP
if self.krack_state & 4 == 0:
# First time, normal behavior
log_runtime.info("Got ARP reply, this is normal")
self.krack_state |= 4
log_runtime.info("Trying to trigger CVE-2017-13080")
raise self.RENEW_GTK()
else:
# Second time, the packet has been accepted twice!
log_runtime.warning("Broadcast packet accepted twice!! "
"(CVE-2017-13080)")
示例15: post_dissection
# 需要导入模块: from scapy.error import log_runtime [as 别名]
# 或者: from scapy.error.log_runtime import info [as 别名]
def post_dissection(self, pkt):
s = self.tls_session
if s.sslv2_challenge is not None:
if self.challenge != s.sslv2_challenge:
pkt_info = pkt.firstlayer().summary()
log_runtime.info("TLS: invalid ServerVerify received [%s]", pkt_info) # noqa: E501
###############################################################################
# RequestCertificate #
###############################################################################