本文整理匯總了Python中scapy.error.log_runtime.info方法的典型用法代碼示例。如果您正苦於以下問題:Python log_runtime.info方法的具體用法?Python log_runtime.info怎麽用?Python log_runtime.info使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類scapy.error.log_runtime的用法示例。
在下文中一共展示了log_runtime.info方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: deal_common_pkt
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def deal_common_pkt(self, pkt):
# Send to DHCP server
# LLC / SNAP to Ether
if SNAP in pkt:
ether_pkt = Ether(src=self.client, dst=self.mac) / pkt[SNAP].payload # noqa: E501
self.dhcp_server.reply(ether_pkt)
# If an ARP request is made, extract client IP and answer
if ARP in pkt and \
pkt[ARP].op == 1 and pkt[ARP].pdst == self.dhcp_server.gw:
if self.arp_target_ip is None:
self.arp_target_ip = pkt[ARP].psrc
log_runtime.info("Detected IP: %s", self.arp_target_ip)
# Reply
ARP_ans = LLC() / SNAP() / ARP(
op="is-at",
psrc=self.arp_source_ip,
pdst=self.arp_target_ip,
hwsrc=self.mac,
hwdst=self.client,
)
self.send_wpa_to_client(ARP_ans)
# States 示例2: post_dissection_tls_session_update
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def post_dissection_tls_session_update(self, msg_str):
self.tls_session_update(msg_str)
s = self.tls_session
test = (len(s.client_certs) > 0 and
s.sslv2_key_material is not None and
s.sslv2_challenge_clientcert is not None and
len(s.server_certs) > 0)
if test:
m = (s.sslv2_key_material +
s.sslv2_challenge_clientcert +
s.server_certs[0].der)
sig_test = self.responsedata._verify_sig(m, s.client_certs[0])
if not sig_test:
pkt_info = self.firstlayer().summary()
log_runtime.info("TLS: invalid client CertificateVerify signature [%s]", pkt_info) # noqa: E501 示例3: post_build
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def post_build(self, pkt, pay):
if not self.tls_session.frozen and self.server_share.privkey:
# if there is a privkey, we assume the crypto library is ok
privshare = self.tls_session.tls13_server_privshare
if len(privshare) > 0:
pkt_info = pkt.firstlayer().summary()
log_runtime.info("TLS: overwriting previous server key share [%s]", pkt_info) # noqa: E501
group_name = _tls_named_groups[self.server_share.group]
privshare[group_name] = self.server_share.privkey
if group_name in self.tls_session.tls13_client_pubshares:
privkey = self.server_share.privkey
pubkey = self.tls_session.tls13_client_pubshares[group_name]
if group_name in six.itervalues(_tls_named_ffdh_groups):
pms = privkey.exchange(pubkey)
elif group_name in six.itervalues(_tls_named_curves):
if group_name in ["x25519", "x448"]:
pms = privkey.exchange(pubkey)
else:
pms = privkey.exchange(ec.ECDH(), pubkey)
self.tls_session.tls13_dhe_secret = pms
return super(TLS_Ext_KeyShare_SH, self).post_build(pkt, pay) 示例4: _tls_auth_decrypt
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def _tls_auth_decrypt(self, s):
"""
Provided with the record header and AEAD-ciphered data, return the
sliced and clear tuple (TLSInnerPlaintext, tag). Note that
we still return the slicing of the original input in case of decryption
failure. Also, if the integrity check fails, a warning will be issued,
but we still return the sliced (unauthenticated) plaintext.
"""
rcs = self.tls_session.rcs
read_seq_num = struct.pack("!Q", rcs.seq_num)
rcs.seq_num += 1
add_data = (pkcs_i2osp(self.type, 1) +
pkcs_i2osp(self.version, 2) +
pkcs_i2osp(len(s), 2))
try:
return rcs.cipher.auth_decrypt(add_data, s, read_seq_num)
except CipherError as e:
return e.args
except AEADTagError as e:
pkt_info = self.firstlayer().summary()
log_runtime.info("TLS: record integrity check failed [%s]", pkt_info) # noqa: E501
return e.args 示例5: post_dissection
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def post_dissection(self, pkt):
"""
While previously dissecting Server*DHParams, the session
server_kx_pubkey should have been updated.
XXX Add a 'fixed_dh' OR condition to the 'anonymous' test.
"""
s = self.tls_session
if s.prcs and s.prcs.key_exchange.no_ske:
pkt_info = pkt.firstlayer().summary()
log_runtime.info("TLS: useless ServerKeyExchange [%s]", pkt_info)
if (s.prcs and
not s.prcs.key_exchange.anonymous and
s.client_random and s.server_random and
s.server_certs and len(s.server_certs) > 0):
m = s.client_random + s.server_random + raw(self.params)
sig_test = self.sig._verify_sig(m, s.server_certs[0])
if not sig_test:
pkt_info = pkt.firstlayer().summary()
log_runtime.info("TLS: invalid ServerKeyExchange signature [%s]", pkt_info) # noqa: E501
###############################################################################
# CertificateRequest #
############################################################################### 示例6: _tls_auth_decrypt
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def _tls_auth_decrypt(self, hdr, s):
"""
Provided with the record header and AEAD-ciphered data, return the
sliced and clear tuple (nonce, TLSCompressed.fragment, mac). Note that
we still return the slicing of the original input in case of decryption
failure. Also, if the integrity check fails, a warning will be issued,
but we still return the sliced (unauthenticated) plaintext.
"""
try:
read_seq_num = struct.pack("!Q", self.tls_session.rcs.seq_num)
self.tls_session.rcs.seq_num += 1
# self.type and self.version have not been parsed yet,
# this is why we need to look into the provided hdr.
add_data = read_seq_num + hdr[:3]
# Last two bytes of add_data are appended by the return function
return self.tls_session.rcs.cipher.auth_decrypt(add_data, s,
read_seq_num)
except CipherError as e:
return e.args
except AEADTagError as e:
pkt_info = self.firstlayer().summary()
log_runtime.info("TLS: record integrity check failed [%s]", pkt_info) # noqa: E501
return e.args 示例7: update
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def update(self, data):
"""Update info about network interface according to given dnet dictionary"""
self.name = data["name"]
self.description = data['description']
self.win_index = data['win_index']
# Other attributes are optional
if conf.use_winpcapy:
self._update_pcapdata()
try:
self.ip = socket.inet_ntoa(get_if_raw_addr(data['guid']))
except (KeyError, AttributeError, NameError):
pass
try:
self.mac = data['mac']
except KeyError:
pass 示例8: update
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def update(self, dnetdict):
"""Update info about network interface according to given dnet dictionary"""
self.name = dnetdict["name"]
# Other attributes are optional
try:
self.ip = socket.inet_ntoa(dnetdict["addr"].ip)
except (KeyError, AttributeError, NameError):
pass
try:
self.mac = dnetdict["link_addr"]
except KeyError:
pass
self._update_pcapdata() 示例9: build_ap_info_pkt
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def build_ap_info_pkt(self, layer_cls, dest):
"""Build a packet with info describing the current AP
For beacon / proberesp use
"""
return RadioTap() \
/ Dot11(addr1=dest, addr2=self.mac, addr3=self.mac) \
/ layer_cls(timestamp=0, beacon_interval=100,
cap='ESS+privacy') \
/ Dot11Elt(ID="SSID", info=self.ssid) \
/ Dot11EltRates(rates=[130, 132, 139, 150, 12, 18, 24, 36]) \
/ Dot11Elt(ID="DSset", info=chb(self.channel)) \
/ Dot11EltRSN(group_cipher_suite=RSNCipherSuite(cipher=0x2),
pairwise_cipher_suites=[RSNCipherSuite(cipher=0x2)],
akm_suites=[AKMSuite(suite=0x2)]) 示例10: probe_request_received
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def probe_request_received(self, pkt):
# Avoid packet from other interfaces
if RadioTap not in pkt:
return
if Dot11ProbeReq in pkt and pkt[Dot11Elt::{'ID': 0}].info == self.ssid:
raise self.WAIT_AUTH_REQUEST().action_parameters(pkt) 示例11: assoc_received
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def assoc_received(self, pkt):
if Dot11AssoReq in pkt and pkt.addr1 == pkt.addr3 == self.mac and \
pkt[Dot11Elt::{'ID': 0}].info == self.ssid:
raise self.ASSOC_RESPONSE_SENT().action_parameters(pkt) 示例12: send_assoc_response
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def send_assoc_response(self, pkt):
# Get RSN info
temp_pkt = pkt[Dot11Elt::{"ID": 48}].copy()
temp_pkt.remove_payload()
self.RSN = raw(temp_pkt)
# Avoid 802.11w, etc. (deactivate RSN capabilities)
self.RSN = self.RSN[:-2] + b"\x00\x00"
rep = RadioTap()
rep /= Dot11(addr1=self.client, addr2=self.mac, addr3=self.mac)
rep /= Dot11AssoResp()
rep /= Dot11EltRates(rates=[130, 132, 139, 150, 12, 18, 24, 36])
self.send(rep) 示例13: send_arp_req
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def send_arp_req(self):
if self.krack_state & 4 == 0:
# Set the address for future uses
self.arp_target_ip = self.dhcp_server.leases.get(self.client,
self.arp_target_ip) # noqa: E501
assert self.arp_target_ip is not None
# Send the first ARP requests, for control test
log_runtime.info("Send ARP who-was from '%s' to '%s'",
self.arp_source_ip,
self.arp_target_ip)
arp_pkt = self.send_wpa_to_group(
LLC() / SNAP() / ARP(op="who-has",
psrc=self.arp_source_ip,
pdst=self.arp_target_ip,
hwsrc=self.mac),
dest='ff:ff:ff:ff:ff:ff',
)
self.arp_sent.append(arp_pkt)
else:
if self.arp_to_send < len(self.arp_sent):
# Re-send the ARP requests already sent
self.send(self.arp_sent[self.arp_to_send])
self.arp_to_send += 1
else:
# Re-send GTK
self.arp_to_send = 0
self.arp_retry += 1
log_runtime.info("Trying to trigger CVE-2017-13080 %d/%d",
self.arp_retry, self.ARP_MAX_RETRY)
if self.arp_retry > self.ARP_MAX_RETRY:
# We retries 100 times to send GTK, then already sent ARPs
log_runtime.warning("Client is likely not vulnerable to "
"CVE-2017-13080")
raise self.EXIT()
raise self.RENEW_GTK() 示例14: check_arp_reply
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def check_arp_reply(self, pkt):
data = parse_data_pkt(pkt, self.tk)
try:
data_clear = check_MIC_ICV(data, self.mic_sta_to_ap, pkt.addr2,
pkt.addr3)
except (ICVError, MICError):
return
decoded_pkt = LLC(data_clear)
log_runtime.debug(hexdump(decoded_pkt, dump=True))
log_runtime.debug(repr(decoded_pkt))
self.deal_common_pkt(decoded_pkt)
if ARP not in decoded_pkt:
return
# ARP.op 2: is-at
if decoded_pkt[ARP].op == 2 and \
decoded_pkt[ARP].psrc == self.arp_target_ip and \
decoded_pkt[ARP].pdst == self.arp_source_ip:
# Got the expected ARP
if self.krack_state & 4 == 0:
# First time, normal behavior
log_runtime.info("Got ARP reply, this is normal")
self.krack_state |= 4
log_runtime.info("Trying to trigger CVE-2017-13080")
raise self.RENEW_GTK()
else:
# Second time, the packet has been accepted twice!
log_runtime.warning("Broadcast packet accepted twice!! "
"(CVE-2017-13080)") 示例15: post_dissection
# 需要導入模塊: from scapy.error import log_runtime [as 別名]
# 或者: from scapy.error.log_runtime import info [as 別名]
def post_dissection(self, pkt):
s = self.tls_session
if s.sslv2_challenge is not None:
if self.challenge != s.sslv2_challenge:
pkt_info = pkt.firstlayer().summary()
log_runtime.info("TLS: invalid ServerVerify received [%s]", pkt_info) # noqa: E501
###############################################################################
# RequestCertificate #
###############################################################################