
Untitled

a guest
Apr 5th, 2020
Python 1.93 KB | None | 0 0
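# Classify one firewall log line into per-technique buckets (scan types, SYN
# flood, Smurf). `line`, `opt_re` and every *_pkts list are defined outside
# this fragment.
# NOTE(review): the field names (PROTO=, DPT=, DST=, LEN=) look like
# netfilter/iptables LOG output -- confirm against the log source.
# NOTE(review): an ICMP error line may quote the offending TCP header in
# brackets, in which case it would land in the TCP branch -- verify.
if "PROTO=TCP" in line:
    # Collect the TCP flags logged on this line. The surrounding spaces are
    # deliberate: " URG " must not match a longer token such as "URGP=0".
    # Only these six flags are considered; any others are ignored.
    flags = frozenset(
        name
        for name in ("ACK", "SYN", "FIN", "URG", "PSH", "RST")
        if " " + name + " " in line
    )

    if not flags:
        # NULL scan: no flag set.
        null_pkts.append(line)
    elif flags == {"FIN", "URG", "PSH"}:
        # XMAS scan: URG, PSH and FIN set together.
        xmas_pkts.append(line)
    elif flags == {"FIN"}:
        # FIN scan: FIN only.
        fin_pkts.append(line)
    elif flags == {"ACK"}:
        # ACK scan: ACK only.
        ack_pkts.append(line)
    elif flags == {"SYN"}:
        # A bare SYN is ambiguous, so it is split further:
        #   connect() scan -> long OPT field
        #   half-open scan -> short OPT field
        #   SYN flood      -> many packets (here: no OPT match and DPT=0)
        # The pasted code had these branches over-indented, which is a syntax
        # error; the nesting below is the only one in which the trailing
        # `elif` has an `if` to attach to.
        opt_match = re.search(opt_re, line)
        if opt_match:
            opt = opt_match.group(2)
            # The 10-character cut-off is a heuristic; a bare SYN from a
            # legitimate client is counted here too.
            if len(opt) > 10:
                syn_c_pkts.append(line)
            else:
                syn_ho_pkts.append(line)
        elif "DPT=0" in line:
            syn_f_pkts.append(line)
# UDP scan. Presumably " LEN=8 " is the UDP length of an empty datagram --
# confirm. The PROTO=ICMP exclusion keeps out lines that mention both
# protocols (an ICMP error quoting a UDP header would be one such line).
elif "PROTO=UDP" in line and " LEN=8 " in line and "PROTO=ICMP" not in line:
    udp_pkts.append(line)
# ICMP ping scan and Smurf attack.
elif "PROTO=ICMP" in line:
    # Smurf: ICMP sent to the broadcast address. The address is hard-coded
    # for a 192.168.1.0/24 network, so other subnets are not detected. It is
    # matched as a literal substring; the original unescaped regex let each
    # "." match any character.
    if "DST=192.168.1.255" in line:
        smurf_pkts.append(line)
    # Presumably " LEN=28 " is an ICMP echo with no payload -- confirm.
    elif " LEN=28 " in line:
        icmp_pkts.append(line)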