david415
/ scapy tcp header fu
Created
September 30, 2013 04:58
hiding messages in tcp header using scapy;
retrieving messages from iptables LOG...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import binascii | |
| from scapy.all import TCP, IP | |
| ip = IP(dst="192.155.82.5") | |
| tcp = TCP(dport = 6200, | |
| flags = 'S', | |
| seq = 32456, | |
| ack = 32456, | |
| window = 32456, |
david415
/ nflog twisted
Last active
December 24, 2015 08:29
an attempt to create a async twisted interface to the iptables NFLOG blocking packet reads; this example happens to use an echo server because it's simple. Use this with an iptables rule to populate the NFLOG e.g. iptables -A INPUT -p tcp --dport 2600 -j NFLOG
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| from nflog_cffi import NFLOG | |
| from twisted.internet.protocol import Protocol, Factory | |
| from twisted.internet import reactor | |
| def NFLOG_get_packets(callback): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from nflog_cffi import NFLOG, NFWouldBlock | |
| from twisted.internet import main | |
| from twisted.internet import reactor | |
| class NFLogReader(object): | |
| def __init__(self, dropPrivCallback = None, handlePacket = None, queues = (0,1), nflog_kwargs=dict()): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Implementation of the Hush protocol. | |
| """ | |
| from nflog_cffi import NFLOG, NFWouldBlock | |
| from twisted.internet import reactor, protocol, defer | |
| from twisted.python import log | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import scapy | |
| import scapy.all | |
| from scapy.all import ARP, send | |
| def poison_arpcache(target_ip, spoofed_ip, spoofed_mac): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| def get_shard_map(shardfile): | |
| shards = {} | |
| shards_fh = open(shardfile) | |
| for line in shards_fh: | |
| shard, host1, host2 = line.split() | |
| if shards.has_key(shard): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import nacl.secret | |
| import nacl.utils | |
| key = nacl.utils.random(nacl.secret.SecretBox.KEY_SIZE) | |
| box = nacl.secret.SecretBox(key) | |
| message = b"secret message" | |
| nonce = nacl.utils.random(nacl.secret.SecretBox.NONCE_SIZE) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| apt-get update | |
| apt-get install xorg openbox wicd sysstat wireshark macchanger openvpn xlockmore emacs23 chromium-browser nmap netcat -y | |
| # after install grsec kernel | |
| paxctl -m -x -e /usr/lib/chromium-browser/chrome-sandbox -c | |
| paxctl -P -m -x -e -R /usr/lib/chromium-browser/chromium-browser -c | |
| # edit /etc/default/grub |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Log notice stdout | |
| SocksPort 0 | |
| ORPort 7001 | |
| ExitPolicy reject *:* | |
| DataDirectory ./bridge-data | |
| BridgeRelay 1 | |
| PublishServerDescriptor 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Log notice stdout | |
| SocksPort 8040 | |
| #ORPort 8001 | |
| DataDirectory ./client-data | |
| UseBridges 1 | |
| Bridge bananaphone 127.0.0.1:4703 modelName=markov corpus=/usr/share/dict/words encodingSpec=words,sha1,4 order=1 |
OlderNewer