Skip to content
Extraits de code Groupes Projets
Valider 0419927d rédigé par François De Keersmaeker's avatar François De Keersmaeker
Parcourir les fichiers

Started anonymizing hardware addresses in DHCP packets

parent 99eab512
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
Pipeline #60247 en échec
Étape : test
Masquer les modifications d'espaces
En ligne Côte à côte
pcap_anonymize/layers/mac.py
+ 33
7
Voir le fichier @ 0419927d
...@@ -4,11 +4,16 @@ Anonymize MAC addresses. ...@@ -4,11 +4,16 @@ Anonymize MAC addresses.
from hashlib import sha256 from hashlib import sha256
from scapy.layers.l2 import Ether, ARP from scapy.layers.l2 import Ether, ARP
from scapy.layers.dhcp import DHCP from scapy.layers.dhcp import BOOTP, DHCP
BASE_HEX = 16 BASE_HEX = 16
BYTE_ORDER = "big" BYTE_ORDER = "big"
# DHCP-related constants
DHCP_MAGIC_COOKIE = 0x63825363
DHCP_OPTION_CLIENT_ID = "client_id"
DHCP_CLIENT_ID_TYPE_ETH = 1
# Special, well-known MAC addresses # Special, well-known MAC addresses
special_macs = [ special_macs = [
"00:00:00:00:00:00", # Default "00:00:00:00:00:00", # Default
...@@ -137,15 +142,36 @@ def anonymize_arp(arp: ARP) -> ARP: ...@@ -137,15 +142,36 @@ def anonymize_arp(arp: ARP) -> ARP:
return arp return arp
def anonymize_dhcp(dhcp: DHCP) -> DHCP: def anonymize_dhcp(dhcp: BOOTP) -> BOOTP:
""" """
Anonymize a packet's DHCP layer. Anonymize a packet's DHCP layer MAC addresses.
Args: Args:
dhcp (scapy.DHCP): DHCP layer to anonymize dhcp (scapy.BOOTP): DHCP layer to anonymize
Returns: Returns:
scapy.DHCP: anonymized DHCP layer scapy.BOOTP: anonymized DHCP layer
""" """
# Anonymize client MAC address # Anonymize client hardware address
dhcp.setfieldval("chaddr", anonymize_mac(dhcp.getfieldval("chaddr"))) chaddr = dhcp.getfieldval("chaddr")[0:6]
dhcp.setfieldval("chaddr", anonymize_mac(chaddr))
# Check if BOOTP layer contains DHCP options
options = dhcp.getfieldval("options")
cookie = int.from_bytes(options[:4], BYTE_ORDER)
if cookie != DHCP_MAGIC_COOKIE:
return dhcp
# BOOTP layer contains DHCP options
# Anonymize Client Identifier option
dhcp = dhcp.getlayer(DHCP)
if dhcp is None or dhcp.options is None:
return dhcp
for i, (code, value) in enumerate(dhcp.options):
if code == DHCP_OPTION_CLIENT_ID and value[0] == DHCP_CLIENT_ID_TYPE_ETH:
mac = ":".join(f"{byte:02x}" for byte in value[1:7])
dhcp.options[i] = (code, anonymize_mac(mac))
break
return dhcp return dhcp
pcap_anonymize/pcap_anonymize.py
+ 8
1
Voir le fichier @ 0419927d
...@@ -6,8 +6,9 @@ import os ...@@ -6,8 +6,9 @@ import os
from pathlib import Path from pathlib import Path
from scapy.all import Packet, sniff, wrpcap from scapy.all import Packet, sniff, wrpcap
from scapy.layers.l2 import Ether, ARP from scapy.layers.l2 import Ether, ARP
from scapy.layers.dhcp import BOOTP
# Packet layers # Packet layers
from .layers.mac import anonymize_ether, anonymize_arp from .layers.mac import anonymize_ether, anonymize_arp, anonymize_dhcp
### GLOBAL VARIABLES ### ### GLOBAL VARIABLES ###
...@@ -59,6 +60,12 @@ def anonymize_packet(packet: Packet) -> None: ...@@ -59,6 +60,12 @@ def anonymize_packet(packet: Packet) -> None:
except AttributeError: except AttributeError:
pass pass
# Anonymize MAC addresses in DHCP packets
try:
anonymize_dhcp(packet.getlayer(BOOTP))
except AttributeError:
pass
# Recompute packet checksums # Recompute packet checksums
packet = recompute_checksums(packet) packet = recompute_checksums(packet)
......
0% ou .
You are about to add 0 people to the discussion. Proceed with caution.
Terminez d'abord l'édition de ce message.
Veuillez vous inscrire ou vous pour commenter