-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update TCP Handshake and ARP challenges
- Loading branch information
1 parent
1af80f6
commit 50cbbc6
Showing
12 changed files
with
82 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| ../.init |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| Manually perform a Transmission Control Protocol handshake. | ||
| The initial packet should have `TCP sport=31337, dport=31337, seq=31337`. | ||
| The handshake should occur with the remote host at `10.0.0.2`. |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| #!/usr/bin/exec-suid --real -- /usr/bin/python -I | ||
|
|
||
| import random | ||
| import scapy.all as scapy | ||
| from dojjail import Host, Network | ||
|
|
||
| flag = open("/flag").read() | ||
|
|
||
| class RawPacketHost(Host): | ||
| def __init__(self, *args, **kwargs): | ||
| super().__init__(*args, **kwargs) | ||
| self.seq = None | ||
|
|
||
| def entrypoint(self): | ||
| scapy.conf.ifaces.reload() | ||
| scapy.sniff(prn=self.handle_packet, iface="eth0") | ||
|
|
||
| def handle_packet(self, packet): | ||
| if "TCP" not in packet: | ||
| return | ||
| if not (packet["TCP"].sport == 31337 and packet["TCP"].dport == 31337): | ||
| return | ||
|
|
||
| if packet["TCP"].seq == 31337 and packet["TCP"].flags == "S": | ||
| self.seq = random.randrange(0, 2**32) | ||
| response_packet = (scapy.IP(src=packet["IP"].dst, dst=packet["IP"].src) / | ||
| scapy.TCP(sport=packet["TCP"].dport, dport=packet["TCP"].sport, | ||
| seq=self.seq, ack=(packet["TCP"].seq + 1) & (2**32 - 1), | ||
| flags="SA")) | ||
| scapy.send(response_packet, verbose=False) | ||
|
|
||
| if (packet["TCP"].seq == (31337 + 1) and packet["TCP"].ack == self.seq and | ||
| packet["TCP"].flags == "A"): | ||
| print(flag, flush=True) | ||
|
|
||
| user_host = Host("ip-10-0-0-1") | ||
| raw_packet_host = RawPacketHost("ip-10-0-0-2") | ||
| network = Network(hosts={user_host: "10.0.0.1", raw_packet_host: "10.0.0.2"}, subnet="10.0.0.0/24") | ||
| network.run() | ||
|
|
||
| user_host.interact() |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| ../.init |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| Manually send an Address Resolution Protocol packet. | ||
| The packet should inform the remote host that the IP address `10.0.0.42` can be found at the Ethernet address `42:42:42:42:42:42`. | ||
| The packet should be sent to the remote host at `10.0.0.2`. |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| #!/usr/bin/exec-suid --real -- /usr/bin/python -I | ||
|
|
||
| from dojjail import Host, Network | ||
| import scapy.all as scapy | ||
|
|
||
| WHO_HAS = 1 | ||
| IS_AT = 2 | ||
|
|
||
| flag = open("/flag").read() | ||
|
|
||
| class RawPacketHost(Host): | ||
| def entrypoint(self): | ||
| scapy.conf.ifaces.reload() | ||
| scapy.sniff(prn=self.handle_packet, iface="eth0") | ||
|
|
||
| def handle_packet(self, packet): | ||
| if "ARP" not in packet: | ||
| return | ||
| if (packet["ARP"].psrc == "10.0.0.42" and packet["ARP"].hwsrc == "42:42:42:42:42:42" and | ||
| packet["ARP"].op == IS_AT): | ||
| print(flag, flush=True) | ||
|
|
||
| user_host = Host("ip-10-0-0-1") | ||
| raw_packet_host = RawPacketHost("ip-10-0-0-2") | ||
| network = Network(hosts={user_host: "10.0.0.1", raw_packet_host: "10.0.0.2"}, subnet="10.0.0.0/24") | ||
| network.run() | ||
|
|
||
| user_host.interact() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters