Update pinject.py

Author: OffensivePython

pinject.py

@@ -3,6 +3,7 @@
 import threading
 import time
 import sys
+import random
 from optparse import OptionParser
 
 ETH_P_IP = 0x0800 # Internet Protocol Packet
@@ -18,95 +19,36 @@ def checksum(data):
         s = (s & 0xFFFF) + (s >> 16)
     s = ~s & 0xffff
     return s
-
-def recv(event, iface, src, dst, srcp, dstp, buff, timeout):
-    """
-        event: should be set when a packet is sent
-        src: source ip
-        dst: destination ip
-        srcp: source port
-        dstp: destination port
-        buff: buffer for received data
-    """
-    sock = socket.socket(socket.AF_PACKET,
-                         socket.SOCK_DGRAM,
-                         socket.htons(ETH_P_IP))
-    sock.settimeout(timeout)
-    sock.bind((iface, ETH_P_IP))
-    event.wait()
-    while True:
-        try:
-            data, sa_ll = sock.recvfrom(65535)
-            if sa_ll[1]==ETH_P_IP and sa_ll[2]==socket.PACKET_HOST:
-                break # break if we captured incoming ip packet,
-        except socket.timeout:
-            sock.close()
-            return 
-            
-    sip = data[12:16] # src ip
-    dip = data[16:20] # dst ip
-    sp = data[20:22]  # src port
-    dp = data[22:24]  # dst port
-    if sip==dst and dip==src and sp==dstp and dp==srcp:
-        buff.append(data) # return received packet
-        event.clear()
-    sock.close()
 
-def send(network, transport, payload="", iface=None, retry=3, timeout=1):
-    if timeout<=0:
-        # Avoid entering an infinite waiting loop
-        timeout = 0.1
-    response = []
-    event = threading.Event()
-    sock = socket.socket(socket.AF_INET,
-                         socket.SOCK_RAW,
-                         socket.IPPROTO_RAW)
-    # Extracting identifiers
-    # ip
-    src = network.source
-    dst = network.destination
-    # port
-    srcp = struct.pack("!H", transport.srcp)
-    dstp = struct.pack("!H", transport.dstp)
-    
-    transport.payload = payload
-    packet = network.pack() + transport.pack(network.source, network.destination) + payload
-    
-    for i in range(retry):
-        t = threading.Thread(target=recv,
-                             args=(event, iface,
-                                   src, dst, srcp,
-                                   dstp, response, timeout)
-                             )
-        t.start()
-        sock.sendto(packet, (socket.inet_ntoa(dst), 0))
-        event.set()
-        t.join()
-        if not event.isSet():
-            break
-    
-    if event.isSet():
-        return None
-    else:
-        return response[0]
-
 class layer():
     pass
 
+class ETHER(object):
+    def __init__(self, src, dst, type=ETH_P_IP):
+        self.src = src
+        self.dst = dst
+        self.type = type
+    def pack(self):
+        ethernet = struct.pack('!6s6sH',
+        self.dst,
+        self.src,
+        self.type)
+        return ethernet
+
 class IP(object):
-    def __init__(self, source, destination):
-                self.version = 4
-                self.ihl = 5 # Internet Header Length
-                self.tos = 0 # Type of Service
-                self.tl = 0 # total length will be filled by kernel
-                self.id = 54321
-                self.flags = 0
-                self.offset = 0
-                self.ttl = 255
-                self.protocol = socket.IPPROTO_TCP
-                self.checksum = 0 # will be filled by kernel
-                self.source = socket.inet_aton(source)
-                self.destination = socket.inet_aton(destination)
+    def __init__(self, source, destination, payload='', proto=socket.IPPROTO_TCP):
+        self.version = 4
+        self.ihl = 5 # Internet Header Length
+        self.tos = 0 # Type of Service
+        self.tl = 20+len(payload)
+        self.id = 0#random.randint(0, 65535)
+        self.flags = 0 # Don't fragment
+        self.offset = 0
+        self.ttl = 255
+        self.protocol = proto
+        self.checksum = 2 # will be filled by kernel
+        self.source = socket.inet_aton(source)
+        self.destination = socket.inet_aton(destination)
     def pack(self):
         ver_ihl = (self.version << 4) + self.ihl
         flags_offset = (self.flags << 13) + self.offset
@@ -121,35 +63,47 @@ def pack(self):
                     self.checksum,
                     self.source,
                     self.destination)
+        self.checksum = checksum(ip_header)
+        ip_header = struct.pack("!BBHHHBBH4s4s",
+                    ver_ihl,
+                    self.tos,
+                    self.tl,
+                    self.id,
+                    flags_offset,
+                    self.ttl,
+                    self.protocol,
+                    socket.htons(self.checksum),
+                    self.source,
+                    self.destination)  
         return ip_header
     def unpack(self, packet):
-            _ip = layer()
-            _ip.ihl = (ord(packet[0]) & 0xf) * 4
-            iph = struct.unpack("!BBHHHBBH4s4s", packet[:_ip.ihl])
-            _ip.ver = iph[0] >> 4
-            _ip.tos = iph[1]
-            _ip.length = iph[2]
-            _ip.ids = iph[3]
-            _ip.flags = iph[4] >> 13
-            _ip.offset = iph[4] & 0x1FFF
-            _ip.ttl = iph[5]
-            _ip.protocol = iph[6]
-            _ip.checksum = hex(iph[7])
-            _ip.src = socket.inet_ntoa(iph[8])
-            _ip.dst = socket.inet_ntoa(iph[9])
-            _ip.list = [
-                _ip.ihl,
-                _ip.ver,
-                _ip.tos,
-                _ip.length,
-                _ip.ids,
-                _ip.flags,
-                _ip.offset,
-                _ip.ttl,
-                _ip.protocol,
-                _ip.src,
-                _ip.dst]
-            return _ip
+        _ip = layer()
+        _ip.ihl = (ord(packet[0]) & 0xf) * 4
+        iph = struct.unpack("!BBHHHBBH4s4s", packet[:_ip.ihl])
+        _ip.ver = iph[0] >> 4
+        _ip.tos = iph[1]
+        _ip.length = iph[2]
+        _ip.ids = iph[3]
+        _ip.flags = iph[4] >> 13
+        _ip.offset = iph[4] & 0x1FFF
+        _ip.ttl = iph[5]
+        _ip.protocol = iph[6]
+        _ip.checksum = hex(iph[7])
+        _ip.src = socket.inet_ntoa(iph[8])
+        _ip.dst = socket.inet_ntoa(iph[9])
+        _ip.list = [
+            _ip.ihl,
+            _ip.ver,
+            _ip.tos,
+            _ip.length,
+            _ip.ids,
+            _ip.flags,
+            _ip.offset,
+            _ip.ttl,
+            _ip.protocol,
+            _ip.src,
+            _ip.dst]
+        return _ip
 
 class TCP(object):
     def __init__(self, srcp, dstp):
@@ -243,7 +197,25 @@ def unpack(self, packet):
             _tcp.urg,
             _tcp.options,
             _tcp.payload]
-        return _tcp       
+        return _tcp
+
+class UDP(object):
+    def __init__(self, src, dst, payload=''):
+        self.src = src
+        self.dst = dst
+        self.payload = payload
+        self.checksum = 0
+        self.length = 8 # UDP Header length
+    def pack(self, src, dst, proto=socket.IPPROTO_UDP):
+        length = self.length + len(self.payload)
+        pseudo_header = struct.pack('!4s4sBBH',
+            socket.inet_aton(src), socket.inet_aton(dst), 0, 
+            proto, length)
+        self.checksum = checksum(pseudo_header)
+        packet = struct.pack('!HHHH',
+            self.src, self.dst, length, 0)
+        return packet
+
 def main():
     parser = OptionParser()
     parser.add_option("-s", "--src", dest="src", type="string",