Assignment 1

10 files changed, 235 insertions, 0 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..4450ceb
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+*.pyc
+*.tar.gz
+assignment*.pdf
+
diff --git a/Readme.md b/Readme.md
new file mode 100644
index 0000000..d366922
--- /dev/null
+++ b/Readme.md
@@ -0,0 +1,4 @@
+# NWI-IBC022 Network Security
+
+Copyright © 2015 [Camil Staps](mailto:info@camilstaps.nl).
+
diff --git a/netsec-assignment1-S4498062/exercise1/netcat-l.py b/netsec-assignment1-S4498062/exercise1/netcat-l.py
new file mode 100755
index 0000000..4050b1a
--- /dev/null
+++ b/netsec-assignment1-S4498062/exercise1/netcat-l.py
@@ -0,0 +1,40 @@
+#!/usr/bin/env python3
+
+import socket
+
+def handle(passedconn):
+    data = b""
+    newdata = passedconn.recv(size)
+    while newdata:
+        data += newdata
+        newdata = passedconn.recv(size)
+    if data:
+        datastring = data.decode("utf-8")
+        print(handlestring(datastring, len("spam "), "\n"))
+    passedconn.close()
+
+def handlestring(datastring, length, delimiter):
+    stringlist = datastring.split(sep=delimiter)
+    filteredlist = [s[length:] for s in stringlist]
+    filteredstring = delimiter.join(filteredlist)
+    return filteredstring
+
+def main():
+    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+    s.bind((host, port))
+    s.listen(backlog)
+    
+    for i in [1, 2, 3]:
+        conn, clientaddress = s.accept()
+        handle(conn)
+    
+    s.close()
+
+host = "localhost"
+port = 42424
+backlog = 5
+size = 1024
+
+if __name__ == "__main__":
+    main()
+
diff --git a/netsec-assignment1-S4498062/exercise1/netcat.py b/netsec-assignment1-S4498062/exercise1/netcat.py
new file mode 100755
index 0000000..1bd7fd9
--- /dev/null
+++ b/netsec-assignment1-S4498062/exercise1/netcat.py
@@ -0,0 +1,12 @@
+#!/usr/bin/env python3
+
+import socket
+
+s = socket.create_connection(("localhost", 42424))
+stringbuf = ""
+for i in range(0, 1000):
+    stringbuf = stringbuf + "spam " + str(i) + "\n"
+buf = stringbuf.encode("utf-8")
+s.sendall(buf)
+s.close()
+
diff --git a/netsec-assignment1-S4498062/exercise2/netcat-l.py b/netsec-assignment1-S4498062/exercise2/netcat-l.py
new file mode 100755
index 0000000..8a4ce2f
--- /dev/null
+++ b/netsec-assignment1-S4498062/exercise2/netcat-l.py
@@ -0,0 +1,32 @@
+#!/usr/bin/env python3
+
+import socket
+
+def handle(passedconn):
+    data = b""
+    newdata, addr = passedconn.recvfrom(size)
+    print(newdata, addr)
+    while newdata:
+        datastring = newdata.decode("utf-8")
+        print(handlestring(datastring, len("spam "), "\n"))
+        newdata, addr = passedconn.recvfrom(size)
+
+def handlestring(datastring, length, delimiter):
+    stringlist = datastring.split(sep=delimiter)
+    filteredlist = [s[length:] for s in stringlist]
+    filteredstring = delimiter.join(filteredlist)
+    return filteredstring
+
+def main():
+    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+    s.bind((host, port))
+    handle(s)
+    s.close()
+
+host = "localhost"
+port = 42424
+size = 2 ** 16 - 1
+
+if __name__ == "__main__":
+    main()
+
diff --git a/netsec-assignment1-S4498062/exercise2/netcat.py b/netsec-assignment1-S4498062/exercise2/netcat.py
new file mode 100755
index 0000000..5585c32
--- /dev/null
+++ b/netsec-assignment1-S4498062/exercise2/netcat.py
@@ -0,0 +1,12 @@
+#!/usr/bin/env python3
+
+import socket
+
+s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+stringbuf = ""
+for i in range(0, 1000):
+    stringbuf = stringbuf + "spam " + str(i) + "\n"
+buf = stringbuf.encode("utf-8")
+s.sendto(buf, ("localhost", 42424))
+s.close()
+
diff --git a/netsec-assignment1-S4498062/exercise3/sniffer.py b/netsec-assignment1-S4498062/exercise3/sniffer.py
new file mode 100755
index 0000000..55416a8
--- /dev/null
+++ b/netsec-assignment1-S4498062/exercise3/sniffer.py
@@ -0,0 +1,42 @@
+#!/usr/bin/env python3
+
+import socket
+import struct
+
+def parse_udp(packet):
+    header_length = 8
+    header = packet[:header_length]
+    data = packet[header_length:]
+    (source_port, dest_port, data_length, checksum) = struct.unpack(
+            "!HHHH", header)
+    return source_port, dest_port, data_length, data, checksum
+
+def parse_ip(packet):
+    header_length_in_bytes = (packet[0] & 0x0f) * 4
+    header = packet[:20]
+    data = packet[header_length_in_bytes:]
+    length, protocol, src, dst = struct.unpack(
+            "!xxHxxxxxBxx4s4s", header)
+    header = {'length': length,
+            'protocol': protocol,
+            'source': src,
+            'destination': dst}
+    return header_length_in_bytes, header, data
+
+def format_ip(addr):
+    return '.'.join('%d'%i for i in addr)
+
+def main():
+    s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_UDP)
+    while True:
+        raw, address = s.recvfrom(2 ** 16 - 1)
+        ip_header_len, ip_header, ip_payload = parse_ip(raw)
+        src_port, dst_port, udp_len, udp_data, udp_crc = parse_udp(ip_payload)
+        print("{}:{} --> {}:{}\nData length: {}\nChecksum: {}\n{}\n".format(
+            format_ip(ip_header['source']), src_port,
+            format_ip(ip_header['destination']), dst_port,
+            udp_len, udp_crc, udp_data))
+
+if __name__ == "__main__":
+    main()
+
diff --git a/netsec-assignment1-S4498062/exercise3/udp-length-mismatch-explanation b/netsec-assignment1-S4498062/exercise3/udp-length-mismatch-explanation
new file mode 100644
index 0000000..543f7e4
--- /dev/null
+++ b/netsec-assignment1-S4498062/exercise3/udp-length-mismatch-explanation
@@ -0,0 +1,6 @@
+The length field is calculated as
+
+    length = len(header) + length(data)
+
+Therefore, it is always 8 more than the data length.
+
diff --git a/netsec-assignment1-S4498062/exercise4/sniffer.py b/netsec-assignment1-S4498062/exercise4/sniffer.py
new file mode 100755
index 0000000..4cb0c5c
--- /dev/null
+++ b/netsec-assignment1-S4498062/exercise4/sniffer.py
@@ -0,0 +1,77 @@
+#!/usr/bin/env python3
+
+import socket
+import struct
+import math
+
+def parse_tcp(packet):
+    header_length = packet[12] * 4
+    header = packet[:14] # We don't care about the variable length options
+    data = packet[header_length:]
+    src_port, dst_port, seqn, ackn, flags = struct.unpack("!HHIIxB", header)
+    return src_port, dst_port, seqn, ackn, flags, data
+
+def parse_udp(packet):
+    header_length = 8
+    header = packet[:header_length]
+    data = packet[header_length:]
+    src_port, dst_port, data_len, checksum = struct.unpack("!HHHH", header)
+    return src_port, dst_port, data_len, data, checksum
+
+def parse_ip(packet):
+    header_length_in_bytes = (packet[0] & 0x0f) * 4
+    header = packet[:20]
+    data = packet[header_length_in_bytes:]
+    length, protocol, src, dst = struct.unpack("!xxHxxxxxBxx4s4s", header)
+    header = {'length': length,
+            'protocol': protocol,
+            'source': src,
+            'destination': dst}
+    return header_length_in_bytes, header, data
+
+def format_ip(addr):
+    return '.'.join('%d'%i for i in addr)
+
+def parse_eth(packet):
+    if (packet[13:14] == b'\x81\x00'):
+        dst, src, typecode = struct.unpack("!6s6sxxxxH", packet[:18])
+        data = packet[18:]
+    else:
+        dst, src, typecode = struct.unpack("!6s6sH", packet[:14])
+        data = packet[14:]
+    return dst, src, typecode, data
+
+def format_mac(addr):
+    return ':'.join('%02x'%i for i in addr)
+
+def main():
+    s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.ntohs(0x0003))
+    while True:
+        raw, address = s.recvfrom(2 ** 16 - 1)
+
+        eth_dst, eth_src, eth_type, eth_data = parse_eth(raw)
+        print("ETH:  {} --> {} ({})".format(
+            format_mac(eth_dst), format_mac(eth_src), eth_type))
+
+        if eth_type == 0x0800: # IP
+            ip_header_len, ip_header, ip_payload = parse_ip(eth_data)
+            print("IP:   {} --> {} ({:04x})".format(
+                format_ip(ip_header['source']), 
+                format_ip(ip_header['destination']),
+                ip_header['protocol']))
+
+            if ip_header['protocol'] == 0x11: # UDP
+                src_port, dst_port, _, udp_data, _ = parse_udp(ip_payload)
+                print("UDP:  :{} --> :{}".format(
+                    src_port, dst_port))
+            elif ip_header['protocol'] == 0x06: # TCP
+                src_port, dst_port, seqn, ackn, flags, tcp_data = parse_tcp(
+                        ip_payload)
+                print("TCP:  :{} --> :{} / SEQ:{} ACK:{} ({:#02x})".format(
+                    src_port, dst_port, seqn, ackn, flags))
+
+        print()
+
+if __name__ == "__main__":
+    main()
+
diff --git a/netsec-assignment1-S4498062/exercise4/udp-length-mismatch-explanation b/netsec-assignment1-S4498062/exercise4/udp-length-mismatch-explanation
new file mode 100644
index 0000000..543f7e4
--- /dev/null
+++ b/netsec-assignment1-S4498062/exercise4/udp-length-mismatch-explanation
@@ -0,0 +1,6 @@
+The length field is calculated as
+
+    length = len(header) + length(data)
+
+Therefore, it is always 8 more than the data length.
+