fix
AlirezaDehlaghi committed Aug 1, 2022
1 parent eec9164 commit 3868160
Showing 5 changed files with 47 additions and 19 deletions.
31 changes: 30 additions & 1 deletion src/Attacker.py
@@ -5,6 +5,11 @@
from datetime import datetime
from time import sleep

from scapy.arch import get_if_addr
from scapy.config import conf
from scapy.layers.inet import IP
from scapy.layers.l2 import ARP, Ether

from ics_sim.Device import Runnable, HMI


@@ -17,6 +22,9 @@ def _before_start(self):
self.__attack_path = './attacks'
self.__log_path = os.path.join(self.__attack_path,'attack-logs')

self.MAC = Ether().src
self.IP = get_if_addr(conf.iface)

if not os.path.exists(self.__log_path):
os.makedirs(self.__log_path)

@@ -27,6 +35,16 @@ def _before_start(self):
file_ext='.csv'
)

self.__log_attack_summary.info("{},{},{},{},{},{},{}".format("Attack",
"startStamp",
"endStamp",
sudo "startTime",
"endTime",
"attackerMAC",
"attackerIP",
)
)

self.__attack_list = ['scan-ettercap',
'scan-ping',
'scan-nmap',
@@ -74,7 +92,18 @@ def _logic(self):
subprocess.run([attack_path, self.__log_path, log_file])
end_time = datetime.now()

self.__log_attack_summary.info("{},{},{}\n".format(attack_name, start_time, end_time))
self.__log_attack_summary.info("{},{},{},{},{},{},{}".format(attack_name,
start_time.timestamp(),
end_time.timestamp(),
start_time,
end_time,
self.MAC,
self.IP,
)
)




except ValueError as e:
self.report(e.__str__())
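Review bot: The header row written in `_before_start` has a stray `sudo` token in front of `"startTime",`, which as rendered here is a syntax error and would stop `Attacker.py` from loading at all; the argument should read just `"startTime",`. Separately, `self.MAC = Ether().src` and `self.IP = get_if_addr(conf.iface)` describe scapy's default interface, so on a host with more than one interface the logged attackerMAC/attackerIP may not be the address the attack scripts actually send from. If these columns are meant as ground truth for labelling captured traffic (an inference from the column names), a comment such as `# NOTE: assumes conf.iface is the interface on the ICS network` would make that assumption explicit. The committed `log_summary.csv` header shows five columns while this code writes seven, so the sample log appears to predate this format. Both `_before_start` and `_logic` start and end outside the hunks shown.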
2 changes: 1 addition & 1 deletion src/attacks/attack-logs/log-scan-ettercap.txt
@@ -1,4 +1,4 @@
192.168.0.1 02:42:56:78:E7:D6 -
192.168.0.1 02:42:BB:CF:D4:87 -
192.168.0.11 02:42:C0:A8:00:0B -
192.168.0.12 02:42:C0:A8:00:0C -
192.168.0.21 02:42:C0:A8:00:15 -
26 changes: 13 additions & 13 deletions src/attacks/attack-logs/log-scan-nmap.txt
@@ -1,51 +1,51 @@
# Nmap 7.92 scan initiated Fri Jul 22 16:20:23 2022 as: nmap -p- -oN ./attacks/attack-logs/log-scan-nmap.txt 192.168.0.1-255
# Nmap 7.92 scan initiated Mon Aug 1 23:01:22 2022 as: nmap -p- -oN ./attacks/attack-logs/log-scan-nmap.txt 192.168.0.1-255
Nmap scan report for dlinkrouter (192.168.0.1)
Host is up (0.0000070s latency).
Host is up (0.000062s latency).
All 65535 scanned ports on dlinkrouter (192.168.0.1) are in ignored states.
Not shown: 65535 closed tcp ports (reset)
MAC Address: 02:42:56:78:E7:D6 (Unknown)
MAC Address: 02:42:BB:CF:D4:87 (Unknown)

Nmap scan report for plc1.icsnet (192.168.0.11)
Host is up (0.000013s latency).
Host is up (0.000081s latency).
Not shown: 65534 closed tcp ports (reset)
PORT STATE SERVICE
502/tcp open mbap
MAC Address: 02:42:C0:A8:00:0B (Unknown)

Nmap scan report for plc2.icsnet (192.168.0.12)
Host is up (0.000013s latency).
Host is up (0.000068s latency).
Not shown: 65534 closed tcp ports (reset)
PORT STATE SERVICE
502/tcp open mbap
MAC Address: 02:42:C0:A8:00:0C (Unknown)

Nmap scan report for hmi1.icsnet (192.168.0.21)
Host is up (0.000012s latency).
Host is up (0.00012s latency).
All 65535 scanned ports on hmi1.icsnet (192.168.0.21) are in ignored states.
Not shown: 65535 closed tcp ports (reset)
MAC Address: 02:42:C0:A8:00:15 (Unknown)

Nmap scan report for hmi2.icsnet (192.168.0.22)
Host is up (0.000019s latency).
Host is up (0.000049s latency).
All 65535 scanned ports on hmi2.icsnet (192.168.0.22) are in ignored states.
Not shown: 65535 closed tcp ports (reset)
MAC Address: 02:42:C0:A8:00:16 (Unknown)

Nmap scan report for hmi3.icsnet (192.168.0.23)
Host is up (0.000021s latency).
Host is up (0.000060s latency).
All 65535 scanned ports on hmi3.icsnet (192.168.0.23) are in ignored states.
Not shown: 65535 closed tcp ports (reset)
MAC Address: 02:42:C0:A8:00:17 (Unknown)

Nmap scan report for attacker2.icsnet (192.168.0.42)
Host is up (0.000018s latency).
Host is up (0.000033s latency).
All 65535 scanned ports on attacker2.icsnet (192.168.0.42) are in ignored states.
Not shown: 65535 closed tcp ports (reset)
MAC Address: 02:42:C0:A8:00:2A (Unknown)

Nmap scan report for 28cb66f0eb79 (192.168.0.41)
Host is up (0.0000050s latency).
All 65535 scanned ports on 28cb66f0eb79 (192.168.0.41) are in ignored states.
Nmap scan report for a156df83060e (192.168.0.41)
Host is up (0.000011s latency).
All 65535 scanned ports on a156df83060e (192.168.0.41) are in ignored states.
Not shown: 65535 closed tcp ports (reset)

# Nmap done at Fri Jul 22 16:20:37 2022 -- 255 IP addresses (8 hosts up) scanned in 14.37 seconds
# Nmap done at Mon Aug 1 23:02:12 2022 -- 255 IP addresses (8 hosts up) scanned in 49.97 seconds
7 changes: 3 additions & 4 deletions src/attacks/attack-logs/log_summary.csv
@@ -1,4 +1,3 @@
mitm-scapy,2022-07-22 23:26:01.958156,2022-07-22 23:26:24.198068

mitm-scapy,2022-07-22 23:26:36.942491,2022-07-22 23:26:58.252392

Attack,startStamp,endStamp,attackerMAC,attackerIP
scan-ettercap,1659387608.560321,1659387614.073667,02:42:c0:a8:00:29,192.168.0.41
scan-nmap,1659387682.063776,1659387732.277754,02:42:c0:a8:00:29,192.168.0.41
Binary file modified src/storage/PhysicalSimulation1.sqlite
Binary file not shown.
