157 lines
3.6 KiB
Python
157 lines
3.6 KiB
Python
'''
|
|
termspy.py : sniff packets from interface en1 using python module scapy (2.3.1)
|
|
|
|
Use WS port 8081
|
|
v0.1
|
|
By Sam Neurohack
|
|
|
|
LICENCE : BY NC
|
|
'''
|
|
import log
|
|
|
|
print("")
|
|
log.infog("Termspy")
|
|
log.infog("v0.1b")
|
|
print("Loading...")
|
|
|
|
from time import sleep
|
|
import types
|
|
import random
|
|
from scapy.all import *
|
|
import traceback
|
|
import websocket
|
|
try:
|
|
import thread
|
|
except ImportError:
|
|
import _thread as thread
|
|
|
|
counter = 0
|
|
serverIP = "192.168.2.189"
|
|
#serverIP = "127.0.0.1"
|
|
wsPORT = 8081
|
|
|
|
|
|
import argparse
|
|
parser = argparse.ArgumentParser(description="A Scanner Interface Darkly")
|
|
parser.add_argument("-i","--interface", help="interface to scan")
|
|
#parser.add_argument("-f","--filter",help="tcpdump filter")
|
|
parser.add_argument("-epi","--ephemeralportmin",help="ephemeral port min to exclude (32768 by default), set to 65536 to include all ports",type=int)
|
|
parser.add_argument("-epa","--ephemeralportmax",help="ephemeral port max to exclude (61000 by default)",type=int)
|
|
args = parser.parse_args()
|
|
|
|
|
|
if args.ephemeralportmin:
|
|
ephemeralportmin = args.ephemeralportmin
|
|
else:
|
|
ephemeralportmin = 32768
|
|
|
|
if args.ephemeralportmax:
|
|
ephemeralportmax = args.ephemeralportmax
|
|
else:
|
|
ephemeralportmax = 61000
|
|
|
|
|
|
|
|
def sendled(zzzport):
|
|
|
|
# zzzport
|
|
ws.send('/termspy '+str(zzzport))
|
|
|
|
|
|
def print_summary(pkt):
|
|
|
|
if IP in pkt:
|
|
ip_src=pkt[IP].src
|
|
ip_dst=pkt[IP].dst
|
|
|
|
if TCP in pkt:
|
|
tcp_sport=pkt[TCP].sport
|
|
tcp_dport=pkt[TCP].dport
|
|
|
|
if tcp_sport < 50000:
|
|
#print(" IP src " + str(ip_src) + " TCP sport " + str(tcp_sport))
|
|
sendled(tcp_sport)
|
|
if tcp_dport < 50000:
|
|
#print(" IP dst " + str(ip_dst) + " TCP dport " + str(tcp_dport))
|
|
sendled(tcp_dport)
|
|
|
|
if UDP in pkt:
|
|
udp_sport=pkt[UDP].sport
|
|
udp_dport=pkt[UDP].dport
|
|
|
|
if udp_sport < 50000:
|
|
#print(" IP src " + str(ip_src) + " UDP sport " + str(udp_sport))
|
|
sendled(udp_sport)
|
|
|
|
if udp_dport < 50000:
|
|
#print(" IP dst " + str(ip_dst) + " UDP dport " + str(udp_dport))
|
|
sendled(udp_dport)
|
|
|
|
|
|
if ARP in pkt and pkt[ARP].op in (1,2):
|
|
print("ARP")
|
|
sendled(67)
|
|
|
|
|
|
|
|
def handle_error(self,request,client_address): # All callbacks
|
|
pass
|
|
|
|
|
|
def on_message(ws, message):
|
|
print(message)
|
|
|
|
def on_error(ws, error):
|
|
print(error)
|
|
|
|
def on_close(ws):
|
|
print("### closed ###")
|
|
|
|
def run(*args):
|
|
|
|
try:
|
|
|
|
if platform == 'darwin':
|
|
print("Running on", platform, "-> en0")
|
|
#sniff(iface='en0', prn=print_summary, store=0, filter= args.filter)
|
|
sniff(iface='en0', prn=print_summary, store=0)
|
|
|
|
else:
|
|
print("Running on", platform, "-> eth0")
|
|
sniff(iface='eth0', prn=print_summary, store=0)
|
|
|
|
|
|
except Exception:
|
|
traceback.print_exc()
|
|
|
|
finally:
|
|
ws.close()
|
|
print("Termspy WS terminating...")
|
|
|
|
|
|
def on_open(ws):
|
|
|
|
print("WS connection opened")
|
|
thread.start_new_thread(run, ())
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
try:
|
|
print("Connecting to WS server...")
|
|
websocket.enableTrace(True)
|
|
ws = websocket.WebSocketApp("ws://"+str(serverIP)+":"+str(wsPORT),
|
|
on_message = on_message,
|
|
on_error = on_error,
|
|
on_close = on_close)
|
|
ws.on_open = on_open
|
|
ws.run_forever()
|
|
|
|
except Exception:
|
|
traceback.print_exc()
|
|
|
|
finally:
|
|
#ws.close()
|
|
print("Termspy terminating...")
|
|
|