# -*- coding: utf-8 -*-
#!/usr/bin/python
import sys
import os
import re
from scapy.all import *
req_dir = 'req'
resp_dir = 'resp'
src_mac = 'C4:00:AD:2D:46:98'
dst_mac = '00:0c:29:5e:2a:c5'
req_iface = "eth7"
resp_iface = "eth8"
class Send:
def __init__(self, path, srcip, dstip):
self.all_pcap_ip = {}
self.path = sys.argv[1]
#self.start_ip = "1.1.1.1"
#self.end_ip = "2.2.2.2"
self.start_ip = srcip
self.end_ip = dstip
def iptoint(self, num):
h = []
s = num.split(".")
for temp in s:
a = bin(int(temp))[2:]
a = a.zfill(8)
h.append(a)
g = "".join(h)
e = int(g, 2)
return e
def inttoip(self, num):
s = bin(num)[2:]
s = s.zfill(32)
g = []
h = []
for i in range(0, 32, 8):
g.append(s[i: i + 8])
for temp in g:
h.append(str(int(temp, 2)))
e = ".".join(h)
return e
def run(self):
if os.path.isdir(self.path):
i = 0
for root, dirs, files in os.walk(self.path):
for one_pcap in files:
begin_cmd = "begin end pcap file is: {0}\n".format(one_pcap)
print(begin_cmd)
if ".pcap" in one_pcap:
src_ip = self.inttoip(self.iptoint(self.start_ip) + i)
self.send_pcap(one_pcap, src_ip, self.end_ip)
i = i + 1
end_cmd = "end send pcap file is: {0}\n".format(one_pcap)
print(end_cmd)
else:
self.send_pcap(self.path, self.start_ip, self.end_ip)
def send_pcap(self, one_pcap, src_ip, dst_ip):
packets = rdpcap(one_pcap)
address_dict = {}
mac_dict = {}
one_pcap_address = []
global req_dir
global resp_dir
global src_mac
global dst_mac
for p in packets:
if p.haslayer("Dot1Q") and p.haslayer("IP") :
payload = p["IP"].copy()
p.remove_payload()
p.add_payload(payload)
p[Ether].type = 0x800
elif p.haslayer("Dot1Q") and p.haslayer("IPv6") :
payload = p["IPv6"].copy()
p.remove_payload()
p.add_payload(payload)
p[Ether].type = 0x86dd
#去除rarp
if p.haslayer("Ether") and p[Ether].type == 0x8035 :
continue
#去除arp
if p.haslayer("Ether") and p[Ether].type == 0x0806 :
continue
#去除igmp
if p.haslayer("IP") and p["IP"].proto == 2 :
continue
#去除广播和组播
if (p.haslayer("IP") and re.findall(".255", p["IP"].dst)) or (re.findall("01:00:5e", p.dst)) :
continue
# 去除RST报文(ipv6)
if not p.haslayer("IPv6ExtHdrFragment") and p.haslayer("IPv6") and \
p.haslayer("TCP") and (socket.ntohs(p["TCP"].flags) & 0x0400) :
continue
# 去除RST报文
if p.haslayer("IP") and p.haslayer("TCP") and (socket.ntohs(p["TCP"].flags) & 0x0400) :
continue
if not mac_dict.get('src') and p.haslayer("IP") and p["IP"].proto == 6 :
mac_dict['src'] = src_mac
req_dir = p.src
elif not mac_dict.get('src') and p.haslayer("IPv6") and p["IPv6"].nh == 6 :
mac_dict['src'] = dst_mac
req_dir = p.src
if not mac_dict.get('dst') and p.haslayer("IP") and p["IP"].proto == 6 :
mac_dict['dst'] = p.dst
resp_dir = p.dst
elif not mac_dict.get('dst') and p.haslayer("IPv6") and p["IPv6"].nh == 6 :
mac_dict['dst'] = p.dst
resp_dir = p.dst
if (p.haslayer("UDP")) :
print("--->>>>udp")
if p.haslayer("IP"):
if address_dict.get(p["IP"].src) :
p["IP"].src = address_dict[p["IP"].src]
else :
address_dict[p["IP"].src] = src_ip
p["IP"].src = src_ip
if address_dict.get(p["IP"].dst) :
p["IP"].dst = address_dict[p["IP"].dst]
elif not re.findall("255", p.dst) :
address_dict[p["IP"].dst] = dst_ip
p["IP"].dst = dst_ip
p["IP"].len = None
p["IP"].chksum = None
if p.haslayer("UDP"):
p["UDP"].chksum = None
if p.haslayer("TCP"):
p["TCP"].chksum = None
try:
if req_dir == p.src :
p.src = src_mac
p.dst = dst_mac
#time.sleep(0.05)
sendp(p, iface=req_iface)
elif resp_dir == p.src :
p.dst = src_mac
p.src = dst_mac
#time.sleep(0.05)
sendp(p, iface=resp_iface)
else :
sendp(p, iface=req_iface)
except Exception(e):
print(repr(e))
assert(0)
self.retry_excpt_pcap(one_pcap)
return
if p["IP"].src not in one_pcap_address:
one_pcap_address.append(p["IP"].src)
elif p.haslayer("IPv6"):
print("ipv6")
if address_dict.get(p["IPv6"].src) :
p["IPv6"].src = address_dict[p["IPv6"].src]
else :
address_dict[p["IPv6"].src] = src_ip
p["IPv6"].src = src_ip
if address_dict.get(p["IPv6"].dst) :
p["IPv6"].dst = address_dict[p["IPv6"].dst]
elif not re.findall("255", p.dst) :
address_dict[p["IPv6"].dst] = dst_ip
p["IPv6"].dst = dst_ip
try:
if req_dir == p.src :
p.src = src_mac
p.dst = dst_mac
sendp(p, iface=req_iface)
elif resp_dir == p.src :
p.dst = src_mac
p.src = dst_mac
sendp(p, iface=resp_iface)
else :
sendp(p, iface=req_iface)
except Exception(e):
print(repr(e))
assert(0)
self.retry_excpt_pcap(one_pcap)
return
if p["IPv6"].src not in one_pcap_address:
one_pcap_address.append(p["IPv6"].src)
elif p.haslayer("Ether") :
sendp(p, iface=req_iface)
self.all_pcap_ip[one_pcap] = one_pcap_address
print(one_pcap_address)
def retry_excpt_pcap(self, one_pcap):
packets = rdpcap(one_pcap)
one_pcap_address = []
for p in packets:
p.src = src_mac
p.dst = dst_mac
if p.haslayer("IP"):
sendp(p, iface=req_iface)
if p["IP"].src not in one_pcap_address:
one_pcap_address.append(p["IP"].src)
self.all_pcap_ip[one_pcap] = one_pcap_address
发送pcap包
send = Send(sys.argv[1], sys.argv[2], sys.argv[3])
send.run()
print(send.all_pcap_ip)
#python3 xxx.py xx.pcap 123.3.3.4 222.33.1.1
批量
#!/bin/bash
#
function random ()
{
#usage: a=$(random num1 num2)
min=$1;
max=$2-$1;
num=$(date +%s%N);
((retnum=num%max+min));
#进行求余数运算即可
echo $retnum;
#这里通过echo 打印出来值,然后获得函数的,stdout就可以获得值
}
$date > 9.log
find /var/ips/zy/a -name "*cap" > /var/ips/zy/pcaplist
while read line
do
ip_addr=$(random 2 254).$(random 2 254).$(random 2 254).$(random 2 254)
ip_add=$(random 2 254).$(random 2 254).$(random 2 254).$(random 2 254)
printf "%-23s %-40s" "回放 `basename $line`" "ip=$ip_addr" "ip1=$ip_add" >> 9.log
printf "%-23s %-40s" "回放 `basename $line`" "ip=$ip_addr" "ip1=$ip_add"
time=$(date "+%Y-%m-%d %H:%M:%S")
echo $time >> 9.log
printf "%-23s %-40s" "回放 `basename $line`" "ip=$ip_addr" "ip1=$ip_add"
python3 ac-1.py $line $ip_addr $ip_add
#tomahawk_bak -l 1 -i eth5 -j eth6 -f $line -a $ip_addr
#tomahawk5 -l 1 -i eth5 -j eth6 -f $line -a $ip_addr
tomahawk5 -l 1 -i eth7 -j eth8 -f $line -a $ip_addr
done</var/ips/zy/pcaplist