diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..7bcaf70 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,15 @@ +FROM ubuntu +MAINTAINER Osbert Feng + +USER root +RUN apt-get update -qq && apt-get install -qq -y python-scapy tcpdump tcpreplay wireshark python-requests + +RUN useradd -m -s /bin/bash amzn-dash +RUN echo amzn-dash:amzn-dash | chpasswd + +USER root +ADD dash-listen.py /home/amzn-dash/dash-listen.py +CMD python /home/amzn-dash/dash-listen.py + +# NOTE: To run this, you must link against the host networking stack +# docker run --net=host -e DASH_MAC_ADDRESS= -e URL_CALLBACK=http://url/to/callback dash-listen diff --git a/dash-listen.py b/dash-listen.py index af6ba60..6bd9cc8 100644 --- a/dash-listen.py +++ b/dash-listen.py @@ -1,13 +1,26 @@ -from scapy.all import * - -def arp_display(pkt): - if pkt[ARP].op == 1: #who-has (request) - if pkt[ARP].psrc == '0.0.0.0': # ARP Probe - print "ARP Probe from: " + pkt[ARP].hwsrc - -print sniff(prn=arp_display, filter="arp", store=0, count=10) - # sudo apt-get install python-scapy tcpdump tcpreplay wireshark # Note that wireshark prompts during installation if non-root users # should be allowed to perform packed capture. + +from scapy.all import * +import os +import requests + +DASH_MAC_ADDRESS=os.environ.get('DASH_MAC_ADDRESS') +URL_CALLBACK=os.environ.get('URL_CALLBACK') + +def arp_display(pkt): + if pkt[ARP].op == 1: #who-has (request) + if pkt[ARP].psrc == '0.0.0.0': # ARP Probe + if pkt[ARP].hwsrc == DASH_MAC_ADDRESS: + requests.get(URL_CALLBACK) + else: + print "ARP Probe from unknown device: " + pkt[ARP].hwsrc + + +while True: + try: + print sniff(prn=arp_display, filter="arp", store=0, count=10) + except: + pass