Virtual IP Phalanx Router-study of attack router concepts

VIPPR

Virtual IP Phalanx Router

... a study of attack router concepts

[ Download | Documentation | License ]

 

Introduction

The IRPAS program collection can be used to perform routing protocol attacks. Often, the approach is to redirect a traffic stream through another router which is under the control of an attacker.
Existing systems can be used to do this since most operating systems provide routing capabilities. But what, if such a system is not available? Or the attacker got a system to reroute it's traffic through another one just to discover that the new router immediately send back an ICMP redirect to correct the routing?
Another problem we are aware of is that the GRE tunnel intrusion described in our GRE paper can't be done without modification of all used tools - which would be a pain.

 

 

The Study

Since there are so many problems and uncertain circumstances you are facing when doing routing or tunneling attacks, we decided to start a study of an attack router software. The idea has the same sources as port scanners have: you can use exisiting tools to scan ports (such as telnet(1)), but this is unflexible and not powerful enough. So people started to write software just for attackers, which later became today's huge amount of port scanners.
The same idea applies for routers: If exisiting routing software can't fulfill your desires as a Gray Hat, create a router software that is just for this kind of stuff.
The Virtual IP Phalanx Router is a study object - not a product. But since most open source projects would acknowledge the fact that there is a big part just study, we thought that publishing this thing wouldn't hurt.

 

 

VIPPR concepts

VIPPR is a user land software that runs on Linux. To begin with an internal: VIPPR is just a sniffer/protocol analyser that knows something about how to handle certain kind of traffic and reacts accordingly.
You can bind as much virtual IP addresses to an exising interface as you want. These are not used by the kernel - the kernel dosen't even know about them. These Virtual IPs (or VIPs) can have several properties. In fact, there are different kinds of VIPs available to you. But you don't just bind IPs to an interface, you also select the MAC address they use. This enables you to impersonate any device on your network on the lower layers.
In contrast to conventional routers, VIPPR does not use one routing table but as much as you like. You can create routing tables and VIPs independent from each other. Then, you assign a routing table to your VIP. All VIPs that are in the same routing group can forward traffic from one to another. VIPs that are in a different routing group can't. It's the concept you know from VLANs - but just for routing.
To enable users to perform GRE intrusion attacks without changing their existing tools, VIPPR supports VIPs which do GRE encapsulation for any Tunnel you can think of and send them to the tunnel destination IP. This makes it possible to do a GRE intrusion just by setting up this VIP and have your workstation route it's traffic through this VIP.

 

 

VIPPR limitations

First, as all study code from us, this one is portable as a aircraft carrier on land and may be as buggy as some FTP servers. We are currently working in the background on another version which will be cleaner and probably even portable.
At the moment, all VIPs share the same ARP table. In the next major version, the ARP table will be per VIP, which serves the concept of VIPs better.
Another limitation is that the software only runs on Linux and requires the box to be his own. To achive throughput that can handle a fully loaded 100MBit network, we had to make it very "processor-hurting". Take a dedicated machine to run it - any 386 will do.
The tunnel intrusion part is still only for GRE. We will support GRE source routing attacks and several other encapsulation methods in the future. Additionally, we work in VLAN hop capability for VIPPR as well.
在使用Python来安装geopandas包时,由于geopandas依赖于几个其他的Python库(如GDAL, Fiona, Pyproj, Shapely等),因此安装过程可能需要一些额外的步骤。以下是一个基本的安装指南,适用于大多数用户: 使用pip安装 确保Python和pip已安装: 首先,确保你的计算机上已安装了Python和pip。pip是Python的包管理工具,用于安装和管理Python包。 安装依赖库: 由于geopandas依赖于GDAL, Fiona, Pyproj, Shapely等库,你可能需要先安装这些库。通常,你可以通过pip直接安装这些库,但有时候可能需要从其他源下载预编译的二进制包(wheel文件),特别是GDAL和Fiona,因为它们可能包含一些系统级的依赖。 bash pip install GDAL Fiona Pyproj Shapely 注意:在某些系统上,直接使用pip安装GDAL和Fiona可能会遇到问题,因为它们需要编译一些C/C++代码。如果遇到问题,你可以考虑使用conda(一个Python包、依赖和环境管理器)来安装这些库,或者从Unofficial Windows Binaries for Python Extension Packages这样的网站下载预编译的wheel文件。 安装geopandas: 在安装了所有依赖库之后,你可以使用pip来安装geopandas。 bash pip install geopandas 使用conda安装 如果你正在使用conda作为你的Python包管理器,那么安装geopandas和它的依赖可能会更简单一些。 创建一个新的conda环境(可选,但推荐): bash conda create -n geoenv python=3.x anaconda conda activate geoenv 其中3.x是你希望使用的Python版本。 安装geopandas: 使用conda-forge频道来安装geopandas,因为它提供了许多地理空间相关的包。 bash conda install -c conda-forge geopandas 这条命令会自动安装geopandas及其所有依赖。 注意事项 如果你在安装过程中遇到任何问题,比如编译错误或依赖问题,请检查你的Python版本和pip/conda的版本是否是最新的,或者尝试在不同的环境中安装。 某些库(如GDAL)可能需要额外的系统级依赖,如地理空间库(如PROJ和GEOS)。这些依赖可能需要单独安装,具体取决于你的操作系统。 如果你在Windows上遇到问题,并且pip安装失败,尝试从Unofficial Windows Binaries for Python Extension Packages网站下载相应的wheel文件,并使用pip进行安装。 脚本示例 虽然你的问题主要是关于如何安装geopandas,但如果你想要一个Python脚本来重命名文件夹下的文件,在原始名字前面加上字符串"geopandas",以下是一个简单的示例: python import os # 指定文件夹路径 folder_path = 'path/to/your/folder' # 遍历文件夹中的文件 for filename in os.listdir(folder_path): # 构造原始文件路径 old_file_path = os.path.join(folder_path, filename) # 构造新文件名 new_filename = 'geopandas_' + filename # 构造新文件路径 new_file_path = os.path.join(folder_path, new_filename) # 重命名文件 os.rename(old_file_path, new_file_path) print(f'Renamed "{filename}" to "{new_filename}"') 请确保将'path/to/your/folder'替换为你想要重命名文件的实际文件夹路径。
在使用Python来安装geopandas包时,由于geopandas依赖于几个其他的Python库(如GDAL, Fiona, Pyproj, Shapely等),因此安装过程可能需要一些额外的步骤。以下是一个基本的安装指南,适用于大多数用户: 使用pip安装 确保Python和pip已安装: 首先,确保你的计算机上已安装了Python和pip。pip是Python的包管理工具,用于安装和管理Python包。 安装依赖库: 由于geopandas依赖于GDAL, Fiona, Pyproj, Shapely等库,你可能需要先安装这些库。通常,你可以通过pip直接安装这些库,但有时候可能需要从其他源下载预编译的二进制包(wheel文件),特别是GDAL和Fiona,因为它们可能包含一些系统级的依赖。 bash pip install GDAL Fiona Pyproj Shapely 注意:在某些系统上,直接使用pip安装GDAL和Fiona可能会遇到问题,因为它们需要编译一些C/C++代码。如果遇到问题,你可以考虑使用conda(一个Python包、依赖和环境管理器)来安装这些库,或者从Unofficial Windows Binaries for Python Extension Packages这样的网站下载预编译的wheel文件。 安装geopandas: 在安装了所有依赖库之后,你可以使用pip来安装geopandas。 bash pip install geopandas 使用conda安装 如果你正在使用conda作为你的Python包管理器,那么安装geopandas和它的依赖可能会更简单一些。 创建一个新的conda环境(可选,但推荐): bash conda create -n geoenv python=3.x anaconda conda activate geoenv 其中3.x是你希望使用的Python版本。 安装geopandas: 使用conda-forge频道来安装geopandas,因为它提供了许多地理空间相关的包。 bash conda install -c conda-forge geopandas 这条命令会自动安装geopandas及其所有依赖。 注意事项 如果你在安装过程中遇到任何问题,比如编译错误或依赖问题,请检查你的Python版本和pip/conda的版本是否是最新的,或者尝试在不同的环境中安装。 某些库(如GDAL)可能需要额外的系统级依赖,如地理空间库(如PROJ和GEOS)。这些依赖可能需要单独安装,具体取决于你的操作系统。 如果你在Windows上遇到问题,并且pip安装失败,尝试从Unofficial Windows Binaries for Python Extension Packages网站下载相应的wheel文件,并使用pip进行安装。 脚本示例 虽然你的问题主要是关于如何安装geopandas,但如果你想要一个Python脚本来重命名文件夹下的文件,在原始名字前面加上字符串"geopandas",以下是一个简单的示例: python import os # 指定文件夹路径 folder_path = 'path/to/your/folder' # 遍历文件夹中的文件 for filename in os.listdir(folder_path): # 构造原始文件路径 old_file_path = os.path.join(folder_path, filename) # 构造新文件名 new_filename = 'geopandas_' + filename # 构造新文件路径 new_file_path = os.path.join(folder_path, new_filename) # 重命名文件 os.rename(old_file_path, new_file_path) print(f'Renamed "{filename}" to "{new_filename}"') 请确保将'path/to/your/folder'替换为你想要重命名文件的实际文件夹路径。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值