1#!/usr/local/bin/python3 2 3print("non-overlapping ping6 fragments with ethernet padding") 4 5# |--------|XX| 6# |----|XX| 7 8import os 9from addr import * 10from scapy.all import * 11 12pid=os.getpid() 13eid=pid & 0xffff 14payload=b"ABCDEFGHIJKLMNOP" 15padding=b"0123" 16packet=IPv6(src=LOCAL_ADDR6, dst=REMOTE_ADDR6)/ \ 17 ICMPv6EchoRequest(id=eid, data=payload) 18frag=[] 19fid=pid & 0xffffffff 20frag.append(IPv6ExtHdrFragment(nh=58, id=fid, m=1)/bytes(packet)[40:56]) 21frag.append(IPv6ExtHdrFragment(nh=58, id=fid, offset=2)/bytes(packet)[56:64]) 22eth=[] 23for f in frag: 24 pkt=bytes(IPv6(src=LOCAL_ADDR6, dst=REMOTE_ADDR6)/f) + padding 25 eth.append(Ether(src=LOCAL_MAC, dst=REMOTE_MAC, type=0x86dd)/pkt) 26 27if os.fork() == 0: 28 time.sleep(1) 29 sendp(eth, iface=LOCAL_IF) 30 os._exit(0) 31 32ans=sniff(iface=LOCAL_IF, timeout=3, filter= 33 "ip6 and src "+REMOTE_ADDR6+" and dst "+LOCAL_ADDR6+" and icmp6") 34for a in ans: 35 if a and a.type == ETH_P_IPV6 and \ 36 ipv6nh[a.payload.nh] == 'ICMPv6' and \ 37 icmp6types[a.payload.payload.type] == 'Echo Reply': 38 id=a.payload.payload.id 39 print("id=%#x" % (id)) 40 if id != eid: 41 print("WRONG ECHO REPLY ID") 42 exit(2) 43 data=a.payload.payload.data 44 print("payload=%s" % (data)) 45 if data == payload: 46 exit(0) 47 print("PAYLOAD!=%s" % (payload)) 48 exit(1) 49print("NO ECHO REPLY") 50exit(2) 51