1#!/usr/local/bin/python3 2 3print("fully fragmented maximum size ping packet, sent in random order") 4 5# |----| 6# |----| 7# |----| 8# |----| 9# |----| 10 11import os 12import random 13from addr import * 14from scapy.all import * 15 16pid=os.getpid() 17eid=pid & 0xffff 18iplen=2**16 19size=424 20payload=b"ABCDEFGHIJKLMNOP" * int(iplen / 16) 21packet=IP(src=LOCAL_ADDR, dst=REMOTE_ADDR)/ \ 22 ICMP(type='echo-request', id=eid)/bytes(payload)[0:iplen-20-8-1] 23frag=[] 24fid=pid & 0xffff 25max=int((iplen-20)/size) 26for i in range(max): 27 frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid, 28 frag=i*int(size/8), flags='MF')/ 29 bytes(packet)[20+i*size:20+(i+1)*size]) 30frag.append(IP(src=LOCAL_ADDR, dst=REMOTE_ADDR, proto=1, id=fid, 31 frag=max*int(size/8))/bytes(packet)[20+max*size:]) 32eth=[] 33for f in frag: 34 eth.append(Ether(src=LOCAL_MAC, dst=REMOTE_MAC)/f) 35 36child = os.fork() 37if child == 0: 38 time.sleep(1) 39 randeth=eth 40 random.shuffle(randeth) 41 for e in randeth: 42 sendp(e, iface=LOCAL_IF) 43 time.sleep(0.001) 44 os._exit(0) 45 46ans=sniff(iface=LOCAL_IF, timeout=10, filter= 47 "ip and src "+REMOTE_ADDR+" and dst "+LOCAL_ADDR+" and icmp") 48os.kill(child, 15) 49os.wait() 50 51for a in ans: 52 if a and a.type == ETH_P_IP and \ 53 a.payload.frag == 0 and \ 54 a.payload.proto == 1 and \ 55 icmptypes[a.payload.payload.type] == 'echo-reply': 56 id=a.payload.payload.id 57 print("id=%#x" % (id)) 58 if id != eid: 59 print("WRONG ECHO REPLY ID") 60 exit(2) 61 exit(0) 62print("NO ECHO REPLY") 63exit(1) 64