Sunday, August 28, 2011

UNS,UMPA and ZION with new features

Hi, I worked as GSOC 2011 student with UMIT project. I worked on UNS, UMPA and ZION as part of my project. The start was a little bumpy, but all is well that ends well. In this post I'll explain the work done during this summer.

  1. Umit Network Scanner :
    My goal is to release UNS 2.0 as part of my GSOC project. Most of the work has been done, and the release will follow shortly. I added following features to UNS



    • Support for IPv6 : nmap supports IPv6 (baring some options), but the support was missing from UNS. For the options that are not supported by nmap we display an error message with appropriate information. Screen Shot of IPv6 Scan (done on testbed of 2 computers). It uses the address checker implemented in zion.



    • Radialnet Improvements: Developed algorithm with the help of Joao, for display of network with large number of networks. This solved problems of superimposition when running a scan on large network. The algorithm was implemented and the results are shown below
    • Scan Detail Improvements: Active and inactive nodes are shown in green and red respectively in the display column.

    • Fixing of some other bugs
  2. UMPA:
    In UMPA, I added support for IPv6, ICMP, ICMPv6. All the types/codes currently in use for ICMP and ICMP6 are now supported. For using the developed API's following code need to be called

    ICMP :

    >>from umit.umpa.protocols import IP
    >>from umit.umpa.protocols import ICMP
    >>from umit.umpa import Packet
    >>from umit.umpa import Socket
    >>from umit.umpa._sockets import INET
    >>from umit.umpa.utils.security import super_priviliges

    >>ip = IP(src='127.0.0.1', dst='127.0.0.1')
    >>sock = super_priviliges(INET)
    >>icmp = ICMP(type = 'ECHO' , code = 0)
    >>icmp.data = 'ABCD'
    >>first_packet = Packet(ip, icmp)
    >>sock.send(first_packet)

    TCP over IPv6 :

    >>from umit.umpa.protocols import IPV6
    >>from umit.umpa.protocols import TCP
    >>from umit.umpa.protocols import Payload
    >>from umit.umpa import Packet
    >>from umit.umpa import Socket
    >>from umit.umpa._sockets import INET6
    >>from umit.umpa.utils.security import super_priviliges

    >>ip = IPV6(src='0000:0000:0000:0000:0000:0000:0000:0001', >>dst='0000:0000:0000:0000:0000:0000:0000:0001')

    >>ip.set_flags('ds',ect=True)
    >>ip.set_flags('ds',ecn_ce=True)

    >>tcp = TCP()
    >>tcp.srcport = 2561
    >>tcp.dstport = 253
    >>tcp.set_flags('flags', syn=True)

    >>payload = Payload()
    >>payload.data = "this is umpa!"

    >>first_packet = Packet(ip, tcp)
    >>first_packet.include(payload)

    >>sock = super_priviliges(INET6)
    >>sock.send(first_packet)

    Similar for UDP over IPv6

    ICMPv6:

    >>from umit.umpa.protocols import IPV6
    >>from umit.umpa.protocols import ICMPV6
    >>from umit.umpa import Packet
    >>from umit.umpa import Socket
    >>from umit.umpa._sockets import INET6
    >>from umit.umpa.utils.security import super_priviliges

    >>ip = IPV6(src='0000:0000:0000:0000:0000:0000:0000:0001', >>dst='0000:0000:0000:0000:0000:0000:0000:0001')
    >>sock = super_priviliges(INET6)
    >>icmp = ICMPV6(type = 'ECHO' , code = 0)
    >>icmp.data = 'ABCD'
    >>first_packet = Packet(ip, icmp)
    >>sock.send(first_packet)
Packet captured by wire shark on above execution :
No.     Time        Source                Destination           Protocol Info
      1 0.000000    ::1                   ::1                   ICMPv6   Echo (ping) request id=0x0000, seq=0

Frame 1: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
    Arrival Time: Aug 29, 2011 01:21:18.734364000 IST
    Epoch Time: 1314561078.734364000 seconds
    [Protocols in frame: eth:ipv6:icmpv6:data]
    [Coloring Rule Name: ICMP]
    [Coloring Rule String: icmp || icmpv6]
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
    Type: IPv6 (0x86dd)
Internet Protocol Version 6, Src: ::1 (::1), Dst: ::1 (::1)
    0110 .... = Version: 6
        [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
    .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
    Payload length: 12
    Next header: ICMPv6 (0x3a)
    Hop limit: 255
    Source: ::1 (::1)
    Destination: ::1 (::1)
Internet Control Message Protocol v6
    Type: 128 (Echo (ping) request)
    Code: 0 (Should always be zero)
    Checksum: 0xfb30 [correct]
    ID: 0x0000
    Sequence: 0
    Data (4 bytes)

0000  41 42 43 44                                       ABCD
        Data: 41424344
        [Length: 4]

No.     Time        Source                Destination           Protocol Info
   2 0.000019    ::1                   ::1                   ICMPv6   Echo (ping) reply id=0x0000, seq=0

Frame 2: 66 bytes on wire (528 bits), 66 bytes captured (528 bits)
    Arrival Time: Aug 29, 2011 01:21:18.734383000 IST
    Epoch Time: 1314561078.734383000 seconds
    [Protocols in frame: eth:ipv6:icmpv6:data]
    [Coloring Rule Name: ICMP]
    [Coloring Rule String: icmp || icmpv6]
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
    Type: IPv6 (0x86dd)
Internet Protocol Version 6, Src: ::1 (::1), Dst: ::1 (::1)
    0110 .... = Version: 6
        [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
    .... 0000 0000 .... .... .... .... .... = Traffic class: 0x00000000
    Payload length: 12
    Next header: ICMPv6 (0x3a)
    Hop limit: 255
    Source: ::1 (::1)
    Destination: ::1 (::1)
Internet Control Message Protocol v6
    Type: 129 (Echo (ping) reply)
    Code: 0 (Should always be zero)
    Checksum: 0xfa30 [correct]
    ID: 0x0000
    Sequence: 0
    Data (4 bytes)

0000  41 42 43 44                                       ABCD
        Data: 41424344
        [Length: 4]





  1. ZION:
    IPv6 support added to zion. As ZION uses UMPA for sending the packets, the IPv6 implemented in UMPA was directly used here. We first detect the type of destination address (IPv6,IPv4,Domain Name). Then we correspondingly select the available source IP address (our address), and set interface accordingly for packet capture. For dynamically setting the interface depending on destination address, 
     It set this device same as for capturing the packet . 

  1.  Regular expressions used are as follows :

    ipv4

    "((25[0-5]|2[0-4]\d|1\d\d|[1-
    9]\d|\d)\.){3}(25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)"


    ipv6 (all address types are supported with the given regex)
    eg, ****************************************

    "^(?:(?:(?:[A-F0-9]{1,4}:){6}|(?=(?:[A-F0-9]{0,4}:){0,6}(?:[0-9]{1,3}\.){3}[0-9]{1,3}$)(([0-9A-F]{1,4}:){0,5}|:)((:[0-9A-F]{1,4}){1,5}:|:))(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)|(?:[A-F0-9]{1,4}:){7}[A-F0-9]{1,4}|(?=(?:[A-F0-9]{0,4}:){0,7}[A-F0-9]{0,4}$)(([0-9A-F]{1,4}:){1,7}|:)((:[0-9A-F]{1,4}){1,7}|:))$"


    and a domain name list (containing top level domains). 


Here are Screen Shot of Zion scan with two different public IPv6 address .


    No comments:

    Post a Comment