Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: moonbaseDelta/OSfooler-ng
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: ezbik/OSfooler-ng
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Can’t automatically merge. Don’t worry, you can still create the pull request.
  • 2 commits
  • 3 files changed
  • 1 contributor

Commits on Jun 27, 2021

  1. make it compatible with PolicyBasedRouting;

    proper interface detection
    logging of ignored packets in verbos mode
    logging Queue number, Home_IP
    ezbik committed Jun 27, 2021
    Copy the full SHA
    a176e1d View commit details
  2. +systemd_service

    ezbik committed Jun 27, 2021
    Copy the full SHA
    e97dcd7 View commit details
Showing with 52 additions and 5 deletions.
  1. +8 −0 _extra/osfooler-ng.conf
  2. +15 −0 _extra/osfooler-ng.service
  3. +29 −5 osfooler_ng/osfooler_ng.py
8 changes: 8 additions & 0 deletions _extra/osfooler-ng.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@


# vim: filetype=bash


OSGENRE=Windows
DETAILS_P0F="XP bare-bone"

15 changes: 15 additions & 0 deletions _extra/osfooler-ng.service
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@

[Unit]
After=network.target

[Service]
ExecStart=/usr/local/bin/osfooler-ng -o ${OSGENRE} -d ${DETAILS_P0F}
Type=simple
EnvironmentFile=/etc/osfooler-ng.conf
KillMode=mixed
TimeoutStopSec=2
KillSignal=SIGINT

[Install]
WantedBy=default.target

34 changes: 29 additions & 5 deletions osfooler_ng/osfooler_ng.py
Original file line number Diff line number Diff line change
@@ -628,7 +628,13 @@ def cb_p0f( pl ):

pkt = ip.IP(pl.get_payload())

if (inet_ntoa(pkt.src) == home_ip) and (pkt.p == ip.IP_PROTO_TCP) and (tcp_flags(pkt.tcp.flags) == "S"):
# that condition is too complex, I had to drop SourceIP check, so it will work with PolicyBasedRouting.
#
# During PolicyBasedRouting, when we afterwards route the packets via
# .. another interface, its SRC_IP remains always of main interface, as TCP stack sees it.

#if (inet_ntoa(pkt.src) == home_ip) and (pkt.p == ip.IP_PROTO_TCP) and (tcp_flags(pkt.tcp.flags) == "S"):
if (pkt.p == ip.IP_PROTO_TCP) and (tcp_flags(pkt.tcp.flags) == "S"):
options = pkt.tcp.opts.encode('hex_codec')
op = options.find("080a")
if (op != -1):
@@ -662,7 +668,9 @@ def cb_p0f( pl ):
else:
pl.accept()
else:
pl.accept()
pl.accept()
if opts.verbose:
print " [+] Ignored packet: source %s destination %s tos %s id %s" % (inet_ntoa(pkt.src), inet_ntoa(pkt.dst), pkt.tos, pkt.id)
# return 0

# Process nmap packets
@@ -826,6 +834,18 @@ def user_is_root():
else:
return

def get_default_iface_name_linux():
route = "/proc/net/route"
with open(route) as f:
for line in f.readlines():
try:
iface, dest, _, flags, _, _, _, _, _, _, _, = line.strip().split()
if dest != '00000000' or not int(flags, 16) & 2:
continue
return iface
except:
continue

def main():
# Main program begins here
show_banner()
@@ -901,14 +921,15 @@ def main():
q_num0 = -1
q_num1 = -1
else:
interface = "eth0" # you may paste here your main interface found by '$~: ip a', for instance
interface = get_default_iface_name_linux()
try:
q_num0 = os.listdir("/sys/class/net/").index(opts.interface) * 2
q_num1 = os.listdir("/sys/class/net/").index(opts.interface) * 2 + 1
q_num0 = os.listdir("/sys/class/net/").index(interface) * 2
q_num1 = os.listdir("/sys/class/net/").index(interface) * 2 + 1
except ValueError, err:
q_num0 = -1
q_num1 = -1

print " [+] detected interface: %s" % interface
# Global -> get values from cb_nmap() and cb_p0f
global base

@@ -953,6 +974,7 @@ def main():
procs = []
# nmap mode
if opts.os:
print (" [+] detected Queue %s" % q_num0)
os.system("iptables -A INPUT -j NFQUEUE --queue-num %s" % q_num0)
proc = Process(target=init,args=(q_num0,))
procs.append(proc)
@@ -961,6 +983,8 @@ def main():
if (opts.osgenre):
global home_ip
home_ip = get_ip_address(interface)
print (" [+] detected home_ip %s" % home_ip)
print (" [+] detected Queue %s" % q_num1)
os.system("iptables -A OUTPUT -p TCP --syn -j NFQUEUE --queue-num %s" % q_num1)
proc = Process(target=init,args=(q_num1,))
procs.append(proc)