Skip to content

Instantly share code, notes, and snippets.

View thepacketgeek's full-sized avatar

Mat Wood thepacketgeek

373 followers · 20 following
View GitHub Profile
@thepacketgeek
thepacketgeek / rand-packet-fields.py
Created October 23, 2013 00:01
Random packet field generators
## Returns a string of a random int between 1 and 254(default)
def randOct(end = 254):
return str(random.randint(1, end))
## Used for random size or TTL
def randTS(max = 256):
return str(random.randint(1, max/8) * 8)
## Returns a string of a hex number 4 digits long, with the preceding '0x' sliced off
def randHex(max = 65535):
@thepacketgeek
thepacketgeek / 10-sweep-and-scan.py
Last active December 26, 2015 08:49
from scapy.all import *
import netaddr
import random
# Define IP range to scan
network = "172.16.20.0/29"
# Define TCP port range
portRange = [22,23,80,443,449]
# make list of addresses out of network, set live host counter
@thepacketgeek
thepacketgeek / valid_ip.py
Created December 4, 2013 22:01
Check for a valid IP address
def valid_ip(address):
try:
host_bytes = address.split('.')
valid = [int(b) for b in host_bytes]
valid = [b for b in valid if b >= 0 and b<=255]
return len(host_bytes) == 4 and len(valid) == 4
except:
return False
@thepacketgeek
thepacketgeek / get_advertised_routes.py
Created July 7, 2015 16:33
import paramiko
import re
from time import sleep
# Router connection details (could be read in from file or argparse)
peer = '172.16.2.10'
username = 'admin'
password = 'admin'
def collect_output(shell, command):
@thepacketgeek
thepacketgeek / .bash_profile
Last active January 10, 2018 03:53 — forked from natelandau/.bash_profile
# ---------------------------------------------------------------------------
#
# Description: This file holds all my BASH configurations and aliases
#
# Sections:
# 1. Environment Configuration
# 2. Make Terminal Better (remapping defaults and adding functionality)
# 3. File and Folder Management
# 4. Searching
# 5. Process Management
@thepacketgeek
thepacketgeek / 07-arp_monitor.py
Last active May 31, 2018 20:32
Scapy - Monitor ARP traffic on network with custom console output
from scapy.all import *
def arp_display(pkt):
if pkt[ARP].op == 1: #who-has (request)
return "Request: " + pkt[ARP].psrc + " is asking about " + pkt[ARP].pdst
if pkt[ARP].op == 2: #is-at (response)
return "*Response: " + pkt[ARP].hwsrc + " has address " + pkt[ARP].psrc
print sniff(prn=arp_display, filter="arp", store=0, count=10)
@thepacketgeek
thepacketgeek / 10-sweep-and-scan-2.py
Last active January 12, 2019 23:51
#! /usr/bin/env python3
import random
from ipaddress import IPv4Network
from typing import List
from scapy.all import ICMP, IP, sr1, TCP
# Define IP range to scan
network = "192.168.40.0/30"
@thepacketgeek
thepacketgeek / scapy-single-object-argument.py
Created October 7, 2013 23:20
Using the scapy 'prn' argument, pass an object along with packet in a sniff(), s(), or sr() function.
# define API options
options = {"url": "http://hosted.app/api/packets", "token": "supersecretusertoken"}
# create parent function with passed in arguments
def customAction(options):
# uploadPacket function has access to the options object because they are 'closed' in the nested function
def uploadPacket(packet):
# upload packet, using passed arguments
headers = {'content-type': 'application/json'}
r = requests.post(options["url"], data=json.dumps(packet,options["token"]), headers=headers)
@thepacketgeek
thepacketgeek / gist:d7ff94bdce21fe073124fc3ec142a648
Created May 8, 2019 01:09
Parsed BGP Packets
Update {
withdrawn_routes: [],
attributes: [
ORIGIN(
IGP
),
AS_PATH(
ASPath {
segments: []
}
@thepacketgeek
thepacketgeek / pcapng -> bgp-rs.rs
Created May 8, 2019 01:16
extern crate pcarp;
use std::fs::File;
use std::io::{Cursor, Read};
use std::net::IpAddr;
use std::path::Path;
use std::result::Result;
use bgp_rs::{Header, Message, Reader};
use byteorder::{NetworkEndian, ReadBytesExt};