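'''
termspy.py : sniff packets using python module scapy (2.3.1) and forward the
TCP/UDP port numbers seen on the wire to a websocket server.

Capture interface : the one given with -i/--interface, otherwise en0 on
macOS and eth0 elsewhere.

Use WS port 8081

v0.1

By Sam Neurohack

LICENCE : BY NC
'''

import log
print("")
log.infog("Termspy")
log.infog("v0.1b")
print("Loading...")

from time import sleep
import sys
import types
import random
from scapy.all import *
import traceback
import websocket

try:
    import thread
except ImportError:
    import _thread as thread

counter = 0
serverIP = "192.168.2.189"
#serverIP = "127.0.0.1"
wsPORT = 8081

# Ports at or above this value are never forwarded to the websocket server.
PORT_LIMIT = 50000

import argparse
parser = argparse.ArgumentParser(description="A Scanner Interface Darkly")
parser.add_argument("-i","--interface", help="interface to scan")
#parser.add_argument("-f","--filter",help="tcpdump filter")
parser.add_argument("-epi","--ephemeralportmin",help="ephemeral port min to exclude (32768 by default), set to 65536 to include all ports",type=int)
parser.add_argument("-epa","--ephemeralportmax",help="ephemeral port max to exclude (61000 by default)",type=int)
args = parser.parse_args()

# NOTE(review): ephemeralportmin / ephemeralportmax are parsed and defaulted
# here, but nothing below reads them; print_summary filters on the fixed
# PORT_LIMIT instead. Confirm the intended range semantics before wiring
# them in, since that would change which ports are forwarded by default.
ephemeralportmin = args.ephemeralportmin if args.ephemeralportmin else 32768
ephemeralportmax = args.ephemeralportmax if args.ephemeralportmax else 61000

# Honour -i/--interface; without it keep the per-platform default.
# sys.platform is read explicitly rather than relying on a name that may or
# may not be re-exported by the star import from scapy.
default_iface = 'en0' if sys.platform == 'darwin' else 'eth0'
sniff_iface = args.interface or default_iface


def sendled(zzzport):
    """Send one port number to the websocket server as '/termspy <port>'.

    Uses the module-level ``ws`` connection created in the __main__ section.
    """
    ws.send('/termspy ' + str(zzzport))


def print_summary(pkt):
    """scapy ``prn`` callback: forward the ports of one captured packet.

    For TCP and then UDP, the source port and then the destination port are
    sent with sendled() when they are below PORT_LIMIT. ARP requests and
    replies (op 1 and 2) print "ARP" and send the fixed value 67.

    NOTE(review): indentation was lost in the listing this was rebuilt from;
    the TCP/UDP/ARP checks are reconstructed as independent of any IP-layer
    check, and the unused ip_src/ip_dst locals were dropped. Confirm against
    the original file.
    """
    for layer in (TCP, UDP):
        if layer in pkt:
            for port in (pkt[layer].sport, pkt[layer].dport):
                if port < PORT_LIMIT:
                    sendled(port)

    if ARP in pkt and pkt[ARP].op in (1, 2):
        print("ARP")
        sendled(67)


def handle_error(self,request,client_address):      # All callbacks
    # Not referenced anywhere else in this file.
    pass


def on_message(ws, message):
    """Print every message received from the websocket server."""
    print(message)


def on_error(ws, error):
    """Print websocket errors reported by the client library."""
    print(error)


def on_close(ws, *close_info):
    """Report that the websocket was closed.

    Extra positional arguments are accepted and ignored: newer
    websocket-client releases also pass a close status code and message,
    which the one-argument form would reject with a TypeError.
    """
    print("### closed ###")


def run(*args):
    """Sniff on sniff_iface until capture stops, then close the websocket.

    Runs in the thread started by on_open(). Any exception raised by the
    capture or by print_summary is printed, not propagated.
    """
    try:
        print("Running on", sys.platform, "->", sniff_iface)
        # Live capture normally needs root or an equivalent capture
        # privilege, so print_summary parses untrusted network traffic inside
        # a privileged process: keep that callback small.
        sniff(iface=sniff_iface, prn=print_summary, store=0)
    except Exception:
        traceback.print_exc()
    finally:
        ws.close()
        print("Termspy WS terminating...")


def on_open(ws):
    """Start the capture thread once the websocket connection is up."""
    print("WS connection opened")
    thread.start_new_thread(run, ())


if __name__ == "__main__":
    try:
        print("Connecting to WS server...")
        # Debug aid: traces the handshake and every frame to the console.
        websocket.enableTrace(True)
        # The observed port numbers travel over plain ws://, unencrypted and
        # unauthenticated. On a network that is not fully trusted, point this
        # at a wss:// endpoint if the server offers one.
        ws = websocket.WebSocketApp("ws://"+str(serverIP)+":"+str(wsPORT),
                                    on_message = on_message,
                                    on_error = on_error,
                                    on_close = on_close)
        ws.on_open = on_open
        ws.run_forever()
    except Exception:
        traceback.print_exc()
    finally:
        # ws is closed by run(); it may not exist here if creation failed.
        print("Termspy terminating...")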