sendit.protocols package¶
Submodules¶
sendit.protocols.arp module¶
Creates ARP object and provides methods to parse bytes to ARP create bytes to ARP object
-
class
sendit.protocols.arp.
ARP
(sha, spa, tha, tpa, hrd=1, pro=2048, hln=6, pln=4, op=1)¶ Bases:
object
Holds all data for ARP
Parameters: - sha (String, formatted as "XX:XX:XX:XX:XX:XX") – Source MAC address
- spa (String, formated as "XXX.XXX.XXX.XXX") – string of source IP address
- tha (String, formatted as "XX:XX:XX:XX:XX:XX") – string of target MAC address
- tpa (String, formated as "XXX.XXX.XXX.XXX") – string of target IP address”
- hrd (int) – hardware code, defaults to 1 for ethernet
- pro (int) – type of protocol address - corresponds to Ethertype values, defaults to 2048 for IPv4
- hln (int) – length of hardware address in bytes, defaults to 6 for MAC length
- pln (int) – length of protocol address in bytes, defaults to 4 for IPv4 length
- op (int) – opcode of arp message, defaults to 1 for request
Raises: ValueError – if opcode, hrd, or pln is not between 0 and 65535 inclusive or hln or pln is not between 0 and 255 inclusive
-
classmethod
arp_parser
(data)¶ Class Method that parses group of bytes to create ARP object
Parameters: data (bytes) – ARP message to parse passed in as bytes Returns: ARP instance that contains the values that was in data Return type: ARP object
-
as_bytes
()¶ Converts ARP to proper format of payload bytes
Returns: bytes representation of ARP message Return type: bytes
sendit.protocols.etherframe module¶
Creates Etherframe object and provides methods to parse bytes to Etherframe create bytes to EtherFrame object
-
class
sendit.protocols.etherframe.
EtherFrame
(dst, src, payload, ethertype='ipv4')¶ Bases:
object
Holds all data of Etherframe
Parameters: - dst (String) – string of destination MAC address ex: “AB:CD:EF:01:23:45”
- src (String) – string of source MAC Address ex: “AB:CD:EF:01:23:45”
- payload (ARP, IPv4, IPv6, or any or any object str.encode(payload) can be called) – data to put into Etherframe
- ethertype (String) – String representing ethertype - defaults to “ipv4”. Can be ipv4, ipv6, arp, or rarp, or a custom value consisting of 4 hex string ascii chars, such as “8035”
Raises: ValueError – if dst not valid MAC address, if src not valid MAC address, or ethertype not supported builtin AND is not 2 bytes of a string of hex characters
-
as_bytes
()¶ Converts EtherFrame to proper format of payload bytes to send on Raw_NIC If self.payload is IPv4 or ARP object, their as_bytes function is called, providing the conversion of payload to properly formated bytes to be inserted into frame to be sent on Raw_NIC If self.payload is not IPv4 or ARP object, self.payload is conver
Returns: bytes representation of EtherFrame Return type: bytes
-
bytes_to_ethertype
= {b'\x08\x00': 'ipv4', b'\x08\x06': 'arp', b'\x805': 'rarp', b'\x86\xdd': 'ipv6'}¶
-
classmethod
etherframe_parser
(data, recursive=True)¶ Class Method that parses group of bytes to create EtherFrame Object
Parameters: - data (EtherFrame) – etherframe passed in as bytes If IPv4 is type of frame, payload will be IPv4 object created If ARP is type of frame, payload will be ARP object created
- recursive – boolean of whether to parse recursively to higher layers, defaults to True If protocol is “IPv4”, payload will be IPv4 object created If protocol is “IPv6”, payload will be IPv6 object created If protocol is “ARP”, payload will be ARP object created :type recursive: Boolean
Returns: EtherFrame instance that contains the values that was in data
Return type:
-
ethertype_to_bytes
= {'arp': b'\x08\x06', 'ipv4': b'\x08\x00', 'ipv6': b'\x86\xdd', 'rarp': b'\x805'}¶
-
parse_further_layers
(recursive=True)¶ Method that parses higher layer information contained in payload
Parameters: recursive (boolean) – boolean value of whether parsing function should be called recursively through all layers Returns: Object representation of payload if possible to parse, if not returns self.payload Return type: ARP, IPv4, IPv6, or bytes
sendit.protocols.ipv4 module¶
Creates IPv4 object and provides methods to parse bytes to IPv4 create bytes to IPv4 object
-
class
sendit.protocols.ipv4.
IPv4
(src, dst, payload, id=0, length=0, df=False, mf=False, offset=0, ttl=64, protocol='tcp', dscp=0, ecn=0, version=4, checksum=0)¶ Bases:
object
Creates IPv4 object from parameters
Parameters: - src (String) – source IP address
- dst (String) – destination IP address
- payload (TCP or UDP objects of String) – payload of the packet
- id (int) – identification number of packet, defaults to 0
- length (int) – total length of IP packet in bytes - header + data together, defaults to 0, calculated when as_bytes called. If IPv4 object created from parser function, takes value of captured IPv4 packet, and NOT calculated in as_bytes unless reset to 0 manually with reset_calculated_fields
- df (Boolean) – do not fragment flag, default to False
- mf (Boolean) – more fragments flag - deafult to False
- offset (int) – frag offset of packet, default to 0
- ttl (int) – time to live, default to 64
- protocol (String or int) – string name of protocol carried in packet.currently supported values: “tcp”, “udp”, “icmp”, custom int value accepted IF valid
- dscp (int) – differentiated services value - default of 0
- ecn (int) – explicit congestion notification - default of 0
- version (int) – version of IP
- checksum (int) – checksum of packet. By default, not calculated and set to 0 and to be calculated when as_bytes called. Set when IPv4 object created from parser function, and unless reset manually or with reset_calculated_fields function, will NOT be recalculated when as_bytes is called
-
as_bytes
()¶ Converts IPv4 to proper format of payload bytes to send set as EtherFrame payload If self.payload is TCP or UDP object, their as_bytes function is called, providing the conversion of payload to properly formated bytes to be inserted into packet If self.payload is not TCP or UDP object, self.payload is converted to bytes with str.encode(self.payload) if possible. Otherwise, it is assumed payload is already bytes
Returns: bytes representation of IPv4 Packet Return type: Bytes
-
classmethod
ipv4_parser
(data, recursive=True)¶ Class Method that parses group of bytes to create IPv4 Object
Parameters: recursive – boolean of whether to parse recursively to higher layers, defaults to True If protocol is “TCP”, payload will be TCP object created If protocol is “UDP”, payload will be UDP object created :type recursive: Boolean Returns: IPv4 instance that contains the values that was in data Return type: IPv4 object
-
parse_further_layers
(recursive=True)¶ Method that parses higher layers
Parameters: recursive (Boolean) – Whether parsing function should be called recursively through all layers, defaults to True
-
reset_calculated_fields
()¶ Resets calculated fields for IPv4 - resets length and checksum
sendit.protocols.ipv6 module¶
Creates IPv6 object and provides methods to parse bytes to IPv6 and create bytes to IPv6 object
-
class
sendit.protocols.ipv6.
IPv6
(src, dst, payload, next='tcp', limit=64, flow_label=0, ds=0, ecn=0, version=6, length=0)¶ Bases:
object
Creates IPv6 object from parameters
Parameters: - src (String) – source IPv6 address
- dst (String) – destination IPv6 address
- payload (TCP or UDP object, or String) – payload to be encapsulated inside IPv6 packet
- next (String) – next header protocol, defaults to “tcp”. “udp” and “icmp” also supported
- limit (int) – hop count limit - 0 to 255 inclusive
- flow_label (int) – label for which flow packet belongs to, defaults to 0 - which is not flow
- ds (int) – Differentiated Services field, defaults to 0
- ecn (int) – Explicit Congestion Notification value, defaults to 0
- version (int) – IP version, defaults to 6
- length (int) – length of IPv6 packet, defaults to 0 and calculated in as_bytes function. If IPv6 object created with parser method, will take value of IPv6 packet captured, and will NOT be calculated in as_bytes unless reset manually to 0 or with reset_calculated_fields function
-
as_bytes
()¶ Converts IPv6 to proper format of payload bytes to send set as EtherFrame payload If self.payload is TCP or UDP object, their as_bytes function is called, providing the conversion of payload to properly formated bytes to be inserted into packet If self.payload is not TCP or UDP object, self.payload is converted to bytes with str.encode(self.payload)
Returns: bytes representation of IPv6 Packet Return type: bytes
-
classmethod
ipv6_parser
(data, recursive=True)¶ Class Method that parses group of bytes to create IPv6 Object
Parameters: - data (bytes) – IPv6 packet passed in as bytes
- recursive (Boolean) – Boolean of whether to recursively parse; if true and if protocol is “TCP”, payload will be TCP object created if protocol is “UDP”, payload will be UDP object created
Returns: IPv6 instance that contains the values that was in data
Return type:
-
parse_further_layers
(recursive=True)¶ Method that parses higher layers
Parameters: recursive – boolean value of whether parsing funciton should be called recursively through all layers
-
reset_calculated_fields
()¶ Resets all calulated fields for IPv6 - resets length
sendit.protocols.tcp module¶
Creates TCP object and provides methods to parse bytes to TCP create bytes to TCP object
-
class
sendit.protocols.tcp.
TCP
(src_prt, dst_prt, src_ip, dst_ip, window, payload, sqn=0, ack_num=0, ns=False, cwr=False, ece=False, urg=False, ack=False, psh=False, rst=False, syn=False, fin=False, urg_pnt=0, version=4, mss=None, scaling=None, sack_permitted=None, stamp=None, sack=None, offset=5, checksum=0)¶ Bases:
object
Forms TCP Object from parameters
Parameters: - src_prt (int) – source TCP port
- dst_prt (int) – destination TCP port
- src_ip (String) – source IP address - used for creating pseudoheader to calculate checksum
- dst_ip (String) – destination IP address - used for creating pseudoheader to calculate checksum
- window (int) – window size
- payload (String) – payload of TCP Segment
- sqn (int) – sequence Number
- ack_num (int) – Acknowledgement Number
- offset (int) – 4 byte word offset of where data starts, defaults to 5
- ns (boolean) – ns flag, defaults to False
- cwr (boolean) – cwr flag, defaults to False
- ece (boolean) – ece flag, defaults to False
- urg (boolean) – urg flag, defaults to False
- ack (boolean) – ack flag, defaults to False
- psh (boolean) – psh flag, defaults to False
- rst (boolean) – rst flag, defaults to False
- syn (boolean) – syn flag, defaults to False
- fin (boolean) – fin flag, defaults to False
- urg_pnt (int) – offset of where urgent data stops
- mss (int) – maximum segment size TCP option
- scaling (int) – window scaling factor TCP option
- sack_permitted (boolean) – boolean value of whether selective acknowledgments allowed - TCP option
- sack (tuple of ints) – tuple containing byte numbers, in order, to be passes as selective acknowledgments TCP option
- stamp (tuple of ints) – tuple containing timestamp value and time stamp error
- checksum (int) – default set to 0 and calculated when as_bytes called if 0 If TCP object created from parser function, set to checksum of captured segment and NOT recalculated in as_bytes unless set to 0 manually or by calling reset_calculated_fields function
:raise ValueError when src_prt or dst_prt not between 0 and 6553 inclusive or when sqn not between 0 and 4294967295 inclusive or when ack_number not between 0 and 4294967295 inclusive or when window not between 0 and 4294967295 inclusive or when urg_pnt not between 0 and 4294967295 inclusive or when length of sack greater than 8 or when sack contains odd number of values
-
as_bytes
()¶ Converts TCP to proper format of payload bytes to send self.payload is converted to bytes with str.encode(self.payload)
Returns: bytes representation of TCP Return type: bytes
-
create_tcp_options
()¶ Set TCP Header options mss, sack_permitted, and scaling only used during syn and ack of handshake sack (selective acknowledgment) value cannot be set during handhake Header option combinations are: mss, sack_permitted, scaling, and stamp (timestamp) during handshake - any combination of these 4 timestamp and selective acknowledgement value during regular transmissions - any combination of these 2 Depending on what combination of these are set depends on what order they are arranged in, along with nop (No-op) bytes to fit in 32 bit word
TODO handle sack value
Returns: tuple consisting of bytes of options for this TCP segment and increase to options header Return type: tuple of bytes
-
parse_further_layers
(recursive=True)¶ Method that parses higher layers and sets the payload of calling TCP object
Parameters: recursive (true) – boolean value of whether parsing function should be called recursively through all layers
-
classmethod
parse_options
(option_bytes)¶ Parses TCP header options from a series of byte
Parameters: option_bytes (bytes) – series of bytes containing TCP Header options Returns: list of options to return containing [MSS, Window Scale, sack_permitted, sack_values, timestamp] Return type: list
-
reset_calculated_fields
()¶ Resets calculated fields for TCP - resets checksum and length
sendit.protocols.udp module¶
Creates UDP object and provides methods to parse bytes to UDP create bytes to UDP object
-
class
sendit.protocols.udp.
UDP
(src_prt, dst_prt, src_ip, dst_ip, payload, version=4, length=0, checksum=0)¶ Bases:
object
Creates UDP object from parameters UDP checksum is optional and therefore not currently supported
Parameters: - src_prt (int) – source port
- dst_prt (int) – destination port
- src_ip (String) – source IP address - used for creating pseudoheader to calculate checksum
- dst_ip (String) – destination IP address - used for creating pseudoheader to calculate checksum
- version – version of IP being carried in - used for calculating checksum
- length (int) – length of segment, defaults to 0, calculated when as_bytes called if 0. If UDP object created from parser function, set to length of captured segment and NOT recalculated in as_bytes unless set to 0 manually or by calling reset_calculated_fields function
- checksum (int) – default set to 0 and calculated when as_bytes called if 0 If UDP object created from parser function, set to checksum of captured segment and NOT recalculated in as_bytes unless set to 0 manually or by calling reset_calculated_fields function
- payload (bytes) – payload to be carried UDP
Version type: int
Raises: ValueError – if src_prt or dst_prt is between 0 and 65535 inclusive
-
as_bytes
()¶ Converts UDP to proper format of payload bytes to send self.payload is converted to bytes with str.encode(self.payload)
Returns: bytes representation of UDP Return type: bytes
-
parse_further_layers
(recursive=True)¶ Method that parses higher layers
Parameters: recursive (boolean) – boolean value of whether parsing function should be called through higher layers, defaults to True
-
reset_calculated_fields
()¶ Resets calcualted fields for UDP - resets checksum and length