Smart Home firewall
Profile-based Smart Home firewall
Functions | Variables
attack Namespace Reference

-lan More...

Functions

def main ()
 FUNCTIONS ###.
 

Variables

string mac_src = "50:c7:bf:ed:0a:54"
 GLOBAL VARIABLES ###.
 
string mac_dst = "c0:56:27:73:46:0b"
 
string ip_src = "192.168.1.135"
 
string ip_dst = "192.168.1.1"
 
int port_dst = 53
 
string qname = "example.com"
 
string eth_broadcast = "ff:ff:ff:ff:ff:ff"
 GLOBAL VARIABLES ###.
 
string sha = "3c:cd:5d:a2:a9:d7"
 
string tha = "00:00:00:00:00:00"
 
string spa = "192.168.1.222"
 
string tpa = "192.168.1.135"
 

Detailed Description

-lan

-wan

Attack towards the `turn-on-upon-motion-phone-tcp` policy of the TP-Link smart plug.
Send unwanted packets having the following signature:
    - Source MAC address:       3c:cd:5d:a2:a9:d7 (phone MAC address)
    - Destination MAC address:  50:c7:bf:ed:0a:54 (TP-Link smart plug MAC address)
    - Source IPv4 address:      192.168.1.222 (phone IPv4 address)
    - Destination IPv4 address: 192.168.1.135 (TP-Link smart plug IPv4 address)
    - Destination TCP port:     9999
Any attack packet will be blocked, as the prerequisite door state update pattern
has not been seen beforehand.
Attack towards the `turn-on-upon-motion-cloud` policy of the TP-Link smart plug.
Send unwanted packets having the following signature:
    - Source MAC address:       c0:56:27:73:46:0b (gateway MAC address)
    - Destination MAC address:  50:c7:bf:ed:0a:54 (TP-Link smart plug MAC address)
    - Source IPv4 address:      TP-Link cloud server IPv4 address
    - Destination IPv4 address: 192.168.1.135 (TP-Link smart plug IPv4 address)
    - Destination TCP port:     443 (HTTPS port)
All packets should be blocked, as the prerequisite door state update pattern
has not been seen beforehand.
Attack towards the `dns-query-plug-use1-api` policy of the TP-Link smart plug.
Issue DNS queries for an unwanted domain name.
Packets have the following signature:
    - Source MAC address:       50:c7:bf:ed:0a:54 (TP-Link smart plug MAC address)
    - Destination MAC address:  c0:56:27:73:46:0b (gateway MAC address)
    - Source IPv4 address:      192.168.1.135 (TP-Link smart plug IPv4 address)
    - Destination IPv4 address: 192.168.1.1 (gateway IPv4 address)
    - Destination UDP port:     53 (DNS port)
All packets should be blocked.
Attack towards the `arp-plug-phone` policy of the TP-Link smart plug.
Issue ARP requests toward the smart plug with a rate higher than allowed.
Packets have the following signature:
    - Sender MAC address:  3c:cd:5d:a2:a9:d7 (phone MAC address)
    - Target MAC address:  00:00:00:00:00:00 (default MAC address)
    - Sender IPv4 address: 192.168.1.222 (phone IPv4 address)
    - Target IPv4 address: 192.168.1.135 (TP-Link smart plug IPv4 address)
Packets should be blocked when they exceed the allowed rate of 1 packet per second.