nerves/termspy.py


'''
termspy.py : sniffs packets on a network interface (en0/eth0 by default) using the Python module scapy (2.3.1)
and sends the port numbers it sees to the nerves pi (WS server port 8081).
v0.1b
By Sam Neurohack
LICENCE : BY NC
scapy filter like : -f 'tcp'
'''
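import log

# Banner first: the scapy import below is slow, hence the "Loading..." line.
print("")
log.infog("Termspy")
log.infog("v0.1b")
print("Loading...")

from time import sleep
import types
import random
# Wildcard import: supplies sniff, IP, TCP, UDP and ARP used further down.
from scapy.all import *
import sys
import traceback
import websocket

# Python 2 names the low-level threading module `thread`, Python 3 `_thread`.
try:
    import thread
except ImportError:
    import _thread as thread

counter = 0

# Endpoint that receives one message per reported port (see sendled).
# NOTE(review): the address is hard-coded and the connection is opened as
# plain ws://, so the observed port numbers cross the network unencrypted
# and the peer is not authenticated.
serverIP = "192.168.2.189"
#serverIP = "127.0.0.1"
wsPORT = 8081

import argparse

parser = argparse.ArgumentParser(description="A Scanner Interface Darkly")
parser.add_argument("-i", "--interface", help="interface to scan")
parser.add_argument("-f", "--filter", help="tcpdump filter")
parser.add_argument(
    "-epi",
    "--ephemeralportmin",
    help="ephemeral port min to exclude (32768 by default), set to 65536 to include all ports",
    type=int,
)
parser.add_argument(
    "-epa",
    "--ephemeralportmax",
    help="ephemeral port max to exclude (61000 by default)",
    type=int,
)
# The default used to be the string "True", which is truthy, so debug was
# reported as enabled whether or not -d was given. store_true needs a False
# default for the flag to mean anything.
parser.add_argument("-d", "--debug", action="store_true", default=False, help="Debug output")
args = parser.parse_args()

debug = args.debug
print('Debug mode :', debug)

# Compare against None rather than truthiness so an explicit 0 is honoured.
# NOTE(review): these bounds are stored here, but the packet callback in this
# file compares ports against a literal 50000 and never reads them.
ephemeralportmin = 32768 if args.ephemeralportmin is None else args.ephemeralportmin
ephemeralportmax = 61000 if args.ephemeralportmax is None else args.ephemeralportmax

# An empty -f value is treated like no filter at all.
filters = args.filter or None
print('Filter :', filters)

if args.interface is None:
    # sys.platform is the string the 'darwin' comparison needs; the bare name
    # `platform` only existed if the scapy wildcard import happened to export it.
    ifn = 'en0' if sys.platform == 'darwin' else 'eth0'
else:
    # The sniffer reads `ifn`; previously only `iface` was assigned on this
    # path, so passing -i ended in a NameError on the print below.
    # `iface` is still set for anything that relied on it.
    ifn = iface = args.interface
print("Running on interface :", ifn)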
def sendled(zzzport):
    """Send one '/termspy <port>' message over the module-level websocket.

    zzzport is converted with str() before being appended to the command
    prefix. The global ``ws`` must already be connected; it is created in
    the ``__main__`` section of this file.
    """
    message = '/termspy ' + str(zzzport)
    ws.send(message)
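def print_summary(pkt):
    """Scapy per-packet callback: report the port numbers carried by *pkt*.

    For TCP and UDP packets, every source or destination port below 50000
    is passed to sendled(). ARP requests and replies (op 1 or 2) print
    "ARP" and are reported as 67.

    Packets that belong to this program's own websocket connection
    (serverIP:wsPORT) are skipped. Each sendled() call emits TCP traffic
    to that endpoint; when the server is reached through the sniffed
    interface those packets are captured too, and because wsPORT is below
    the threshold every notification would trigger another one.

    NOTE(review): the 50000 threshold is a literal; the ephemeral-port
    options parsed from the command line are not consulted here.
    """
    if IP in pkt:
        ip_src = pkt[IP].src
        ip_dst = pkt[IP].dst
    else:
        # No IPv4 layer (e.g. IPv6 or ARP): nothing to match against serverIP.
        ip_src = ip_dst = None

    if TCP in pkt:
        tcp_sport = pkt[TCP].sport
        tcp_dport = pkt[TCP].dport
        # Either direction of our own reporting channel.
        own_channel = (
            (ip_dst == serverIP and tcp_dport == wsPORT)
            or (ip_src == serverIP and tcp_sport == wsPORT)
        )
        if not own_channel:
            if tcp_sport < 50000:
                sendled(tcp_sport)
            if tcp_dport < 50000:
                sendled(tcp_dport)

    if UDP in pkt:
        udp_sport = pkt[UDP].sport
        udp_dport = pkt[UDP].dport
        if udp_sport < 50000:
            sendled(udp_sport)
        if udp_dport < 50000:
            sendled(udp_dport)

    if ARP in pkt and pkt[ARP].op in (1, 2):
        print("ARP")
        # NOTE(review): 67 is a fixed value the receiver presumably maps to
        # ARP activity - confirm against the server side.
        sendled(67)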
def handle_error(self, request, client_address):
    """Placeholder error callback: accept the arguments and do nothing.

    Defined at module level although it takes ``self``; nothing in the
    visible part of this file calls it.
    """
def on_message(ws, message):
    """WebSocketApp callback: echo a frame received from the server.

    The payload is printed verbatim. It originates from the network peer,
    so anything it contains, control characters included, reaches the
    terminal unchanged.
    """
    received = message
    print(received)
def on_error(ws, error):
    """WebSocketApp callback: print the error reported by the client library.

    The error is only displayed; no reconnect or shutdown is attempted here.
    """
    reported = error
    print(reported)
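def on_close(ws, close_status_code=None, close_msg=None):
    """WebSocketApp callback: announce that the connection has closed.

    Newer websocket-client releases invoke on_close with the close status
    code and close message in addition to the app object; a one-argument
    callback then fails with a TypeError instead of running. Both extra
    parameters are optional, so the older single-argument call still works.
    """
    print("### closed ###")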
def run(*args):
    """Sniffer thread body: capture on ``ifn`` until scapy's sniff() returns.

    Every captured packet is handed to print_summary and nothing is stored
    (store=0). A capture filter is passed only when one was configured.
    Any exception is printed with its traceback; in all cases the websocket
    is closed afterwards, which ends the program's run_forever() loop.
    """
    try:
        sniff_options = {"iface": ifn, "prn": print_summary, "store": 0}
        if filters is None:
            print('without filter')
        else:
            print('with filters', filters)
            sniff_options["filter"] = filters
        sniff(**sniff_options)
    except Exception:
        traceback.print_exc()
    finally:
        ws.close()
        print("Termspy WS terminating...")
def on_open(ws):
    """WebSocketApp callback: start sniffing once the connection is up.

    The capture loop runs in its own low-level thread so that the
    websocket event loop is not blocked by sniff().
    """
    print("WS connection opened")
    no_arguments = ()
    thread.start_new_thread(run, no_arguments)
if __name__ == "__main__":
    # Script entry point: connect to the nerves websocket server and hand
    # control to the client's event loop. The sniffer itself is started
    # from on_open once the connection is established.
    try:
        print("Connecting to WS server...")
        # Trace output is switched on unconditionally.
        websocket.enableTrace(True)
        # NOTE(review): plain ws:// - the port reports are sent unencrypted
        # and the server is not authenticated.
        server_url = "ws://" + str(serverIP) + ":" + str(wsPORT)
        ws = websocket.WebSocketApp(
            server_url,
            on_open=on_open,
            on_message=on_message,
            on_error=on_error,
            on_close=on_close,
        )
        ws.run_forever()
    except Exception:
        traceback.print_exc()
    finally:
        # The socket is not closed here; run() closes it when sniffing ends.
        print("Termspy terminating...")