From 1341d62da436053b668effcb0105ba75746600af Mon Sep 17 00:00:00 2001 From: Jokob-sk Date: Sat, 31 Dec 2022 11:40:39 +1100 Subject: [PATCH] Added debugging output for when Pholus hangs --- dockerfiles/README.md | 19 +++++++++++++------ pholus/pholus3.py | 33 ++++++++++++++++++++++++--------- 2 files changed, 37 insertions(+), 15 deletions(-) diff --git a/dockerfiles/README.md b/dockerfiles/README.md index 90ff2ea4..65cb8000 100755 --- a/dockerfiles/README.md +++ b/dockerfiles/README.md @@ -18,7 +18,16 @@ ## 📕 Basic Usage -- You will have to run the container on the host network, e.g: `sudo docker run --rm --net=host jokobsk/pi.alert` +- You will have to run the container on the host network, e.g: + +```yaml +docker run -d --rm --network=host \ + -v local/path/pialert/config:/home/pi/pialert/config \ + -v local/path/pialert/db:/home/pi/pialert/db \ + -e TZ=Europe/Berlin + -e PORT=20211 + jokobsk/pi.alert:latest + ``` - The initial scan can take up-to 15min (with 50 devices and MQTT). Subsequent ones 3 and 5 minutes so wait that long for all of the scans to run. ### Docker environment variables @@ -185,8 +194,6 @@ Big thanks to @Macleykun for help and Disclaimer: Please only donate if you don't have any debt yourself. Support yourself first, then others. -Buy Me A Coffee -Support me on patreon - - - +Sponsor Me on GitHub +Buy Me A Coffee +Support me on patreon diff --git a/pholus/pholus3.py b/pholus/pholus3.py index 7ca8dc7c..f26b96fb 100644 --- a/pholus/pholus3.py +++ b/pholus/pholus3.py @@ -11,6 +11,7 @@ import codecs import ipaddress import os import sys +import datetime from scapy.utils import PcapWriter 
@@ -26,6 +27,11 @@ logPath = runPathTmp + '/front/log' # UTIL #=============================================================================== +#------------------------------------------------------------------------------- +def timeNow(): + return datetime.datetime.now().replace(microsecond=0) + + def write_file (pPath, pText): # Write the text depending using the correct python version if sys.version_info < (3, 0): @@ -119,6 +125,7 @@ class Sniffer(): def __init__ (self,filter,interface,sniffer_timeout,queue,dns,show_ttl,dos_ttl, conflict, ttl,d4, d6, target_mac, auto_fake_responses,source_IPv6, source_IPv4, target_mac1, target_mac2,source_mac,hlimit,workstation,printer,googlecast,airtv,flood,flooding_timeout,flooding_interval, v4, v6): self.filter = filter self.interface = interface + file_print(">>>>>>> sniffer_timeout: ", sniffer_timeout) self.sniffer_timeout=sniffer_timeout self.queue=queue self.dns=dns 
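Review bot: `timeNow()` has no docstring and returns a naive local-time value truncated to whole seconds, which limits what the new `Timestamp N` markers can show. Two markers around a sub-second step print the same value, and the reading shifts with the container's `TZ` setting. If the goal is to find where Pholus stalls, consider keeping the fractional part or logging elapsed time from `time.monotonic()` next to the wall-clock value. A docstring such as `"""Return the current local time, truncated to whole seconds, for log lines."""` would state the contract.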
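Review bot: The `file_print(">>>>>>> sniffer_timeout: ", sniffer_timeout)` call added to `Sniffer.__init__` is unconditional, so the marker is written on every run. That includes runs where `Sniffer` is the target of a `multiprocessing.Process`, as `main()` does later in this patch. `file_print` is defined outside the hunk; if it appends to a shared file under `logPath`, lines from the child and the parent may interleave, so confirm that its writes are line-atomic. Consider gating the line behind a debug option and adding a comment such as `# debug: record the timeout actually handed to the sniffer`. The constructor's body continues outside the hunk.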
@@ -861,18 +868,18 @@ def main(): else: file_print("Performing implicit DoS by sending automated spoofed DNS Answers with TTL=0" ) myfilter = "udp and port 5353" - file_print("Sniffer filter is:",myfilter) - file_print("I will sniff for",values.sniffer_timeout,"seconds, unless interrupted by Ctrl-C") + file_print("Sniffer filter is: ",myfilter) + file_print("I will sniff for ",values.sniffer_timeout," seconds, unless interrupted by Ctrl-C") file_print("Press Ctrl-C to exit") try: Sniffer(myfilter, values.interface, float(values.sniffer_timeout),q,values.dns,values.show_ttl, values.dos_ttl, values.conflict, values.ttl,values.d4, values.d6, values.target_mac, values.auto_fake_responses,source_IPv6, source_IPv4, target_mac1, target_mac2,source_mac,values.hlimit,values.workstation,values.printer,values.googlecast,values.airtv,values.flood,values.flooding_timeout,values.flooding_interval,values.v4,values.v6) except KeyboardInterrupt: - file_print("Exiting on user's request") + file_print("Exiting on user's request 1") exit(0) exit(0) myfilter = "not ether src " + source_mac + " and udp and port 5353" - file_print("Sniffer filter is:",myfilter) - file_print("I will sniff for",values.sniffer_timeout,"seconds, unless interrupted by Ctrl-C") + file_print("Sniffer filter is: ",myfilter) + file_print("I will sniff for ",values.sniffer_timeout," seconds, unless interrupted by Ctrl-C") pr = multiprocessing.Process(target=Sniffer, args=(myfilter, values.interface, float(values.sniffer_timeout),q,values.dns,values.show_ttl, values.dos_ttl, values.conflict, values.ttl,values.d4,values.d6, values.target_mac, values.auto_fake_responses,source_IPv6, source_IPv4, target_mac1, target_mac2, source_mac,values.hlimit,values.workstation,values.printer,values.googlecast,values.airtv,values.flood,values.flooding_timeout,values.flooding_interval,values.v4,values.v6)) pr.daemon = True pr.start() 
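Review bot: The numeric suffix added to the exit message (`"Exiting on user's request 1"`) is an opaque debug marker in a user-facing string, and the same pattern recurs with suffixes 2 to 5 in the later `main()` hunks. Naming the stage would make the log readable without the source, e.g. `file_print("Exiting on user's request (foreground sniffer)")`. Separately, the trailing spaces added to `"Sniffer filter is: "` and `"I will sniff for "` only help if `file_print` concatenates its arguments without a separator. Its definition is outside this hunk, so check that the output does not end up with doubled spaces. `main()` begins and ends outside the hunk.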
@@ -880,13 +887,17 @@ def main(): time.sleep(1)#to make sure than sniffer has started before we proceed, otherwise you may miss some traffic ########################################################################################################## if values.request: + file_print(">>>>>>> Timestamp 1: ", timeNow()) requests(values.interface,values.v4,values.v6,source_mac,target_mac1,target_mac2,source_IPv4,source_IPv6,values.d4,values.d6,values.hlimit,values.dns,values.domain,values.query,values.qtype,True,q_class,values.flood,values.flooding_interval,values.flooding_timeout) + file_print(">>>>>>> Timestamp 2: ", timeNow()) elif values.response: #qr=1=>Response, aa=1=>Server is an authority for the domain, rd=0=> Do not query recursively + file_print(">>>>>>> Timestamp 3: ", timeNow()) if values.dns: dns_packet=UDP(dport=53)/DNS(qr=1,aa=1,rd=0) else: dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=1,aa=1,rd=0) + file_print(">>>>>>> Timestamp 4: ", timeNow()) responses = values.dns_response.split(",") no_of_answers=0 no_of_additional_records=0 @@ -974,6 +985,7 @@ def main(): dns_packet[DNS].arcount=no_of_additional_records send_packets(values.v4,values.v6,source_mac,target_mac1,target_mac2,source_IPv4,values.d4,source_IPv6,values.d6,values.interface,values.hlimit,dns_packet,values.flood,values.flooding_timeout,values.flooding_interval) elif values.rdns_scanning: + file_print(">>>>>>> Timestamp 5: ", timeNow()) dns_query=None ipn = ipaddress.ip_network(values.rdns_scanning) for ip in ipn.hosts(): 
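Review bot: The `>>>>>>> Timestamp N` markers are placed unevenly for locating a hang. Markers 3 and 4 bracket only the construction of `dns_packet`, which is unlikely to block, while the `send_packets(...)` call that ends the `values.response` branch (context of the second hunk here) has no marker after it. The markers are also unconditional, so they are written to the log on every run. Consider one marker before and one after each blocking call, labelled by what it brackets, e.g. `file_print("[debug] response: send_packets returned ", timeNow())`, and gate them on a debug option. `main()` begins and ends outside these hunks.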
@@ -987,15 +999,18 @@ def main(): else: dns_packet=UDP(sport=5353,dport=5353)/DNS(qr=0,qd=dns_query) send_packets(values.v4,values.v6,source_mac,target_mac1,target_mac2,source_IPv4,values.d4,source_IPv6,values.d6,values.interface,values.hlimit,dns_packet,values.flood,values.flooding_timeout,values.flooding_interval) + file_print(">>>>>>> Timestamp 6: ", timeNow()) elif values.service_scan: + file_print(">>>>>>> Timestamp 7: ", timeNow()) requests(values.interface,values.v4,values.v6,source_mac,target_mac1,target_mac2,source_IPv4,source_IPv6,values.d4,values.d6,values.hlimit,values.dns,values.domain,values.query,values.qtype,True,q_class,values.flood,values.flooding_interval,values.flooding_timeout) + file_print(">>>>>>> Timestamp 8: ", timeNow()) ############################################################################################ ############################################################################################ if pr: try: pr.join() except KeyboardInterrupt: - file_print("Exiting on user's request") + file_print("Exiting on user's request 2") exit(0) #### AFTER EXITING, PRINT THE RESULTS #### @@ -1023,7 +1038,7 @@ def main(): try: pr2.join() except KeyboardInterrupt: - file_print("Exiting on user's request") + file_print("Exiting on user's request 3") while not q2.empty(): results.append(q2.get()) elif values.service_scan: @@ -1044,7 +1059,7 @@ def main(): try: pr2.join() except KeyboardInterrupt: - file_print("Exiting on user's request") + file_print("Exiting on user's request 4") while not q2.empty(): results.append(q2.get()) targets2=[] @@ -1067,7 +1082,7 @@ def main(): try: pr3.join() except KeyboardInterrupt: - file_print("Exiting on user's request") + file_print("Exiting on user's request 5") while not q3.empty(): results.append(q3.get()) file_print("\n*********************************************RESULTS*********************************************")
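Review bot: No marker brackets `pr.join()` in the `if pr:` block, and the call has no timeout. If the sniffer child process never returns, `main()` would block there without leaving a trace in the new debug output. Add a marker before and after the join and consider bounding it, e.g. `pr.join(float(values.sniffer_timeout) + GRACE_SECONDS)` followed by `if pr.is_alive(): pr.terminate()`, where `GRACE_SECONDS` is a constant you would define. Whether the child honours `sniffer_timeout` is not visible here, so treat this as the first place to instrument rather than a confirmed cause. The same applies to the `pr2.join()` and `pr3.join()` calls in the following hunks.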