Path: blob/master/modules/auxiliary/spoof/replay/pcap_replay.rb
19500 views
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Auxiliary6include Msf::Exploit::Remote::Capture78def initialize9super(10'Name' => 'Pcap Replay Utility',11'Description' => %q{12Replay a packet capture (PCAP) file.13},14'Author' => 'amaloteaux',15'License' => MSF_LICENSE,16'Notes' => {17'Stability' => [SERVICE_RESOURCE_LOSS],18'SideEffects' => [IOC_IN_LOGS],19'Reliability' => []20}21)2223register_options([24OptPath.new('FILENAME', [true, 'The local pcap file to process']),25OptString.new('FILE_FILTER', [false, 'The filter string to apply on the file']),26OptInt.new('LOOP', [true, 'The number of times to loop through the file', 1]),27OptInt.new('DELAY', [true, 'the delay in millisecond between each loop', 0]),28OptInt.new('PKT_DELAY', [true, 'the delay in millisecond between each packet', 0]),29])3031deregister_options('SNAPLEN', 'FILTER', 'PCAPFILE', 'RHOST', 'TIMEOUT', 'SECRET', 'GATEWAY_PROBE_HOST', 'GATEWAY_PROBE_PORT')32end3334def run35filename = datastore['FILENAME']3637unless File.exist?(filename) && File.file?(filename)38print_error('Pcap File does not exist')39return40end4142check_pcaprub_loaded4344open_pcap4546vprint_status('Sending file...')4748pkt_delay = datastore['PKT_DELAY']49delay = datastore['DELAY']50iterations = datastore['LOOP']51infinity = true if iterations <= 052file_filter = datastore['FILE_FILTER']53count = 054while (iterations > 0) || infinity55vprint_status("Sending file (iterations: #{count += 1})")56inject_pcap(filename, file_filter, pkt_delay)57iterations -= 1 unless infinity58Kernel.select(nil, nil, nil, (delay * 1.0) / 1000) if (iterations > 0) || infinity59end6061close_pcap62end63end646566