TFTPFuzzyDetection.py
1022 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
from scapy.all import *
from scapy.arch.windows import get_windows_if_list
import sys
cnt = 0
def parse_packet(packet):
global cnt
if packet and packet.haslayer("UDP"):
payload = str(packet[UDP].payload)
if payload.find('octet') < 0:
pass
else:
a = payload.partition("octet")
a = a[0].rpartition('\\x01')
filename = a[2].partition('\\x00')
filename = filename[0]
print("Fuzzing with length ", len(filename))
if len(filename) == 209 :
print("error occurred")
sys.exit(1)
if len(filename) >= 190 :
cnt += 1
if cnt > 10 :
print("Fuzzing detected\n")
# udp = packet.getlayer('UDP')
# udp.show()
interfaces = get_windows_if_list()
#print(interfaces)
sniff(filter="udp port 69", iface=r'Ethernet0', prn=parse_packet)