BREAKING CHANGE: Complete refactor of architecture to prepare BJORN V2 release, APIs, assets, and UI, webapp, logics, attacks, a lot of new features...

actions/heimdall_guard.py

@@ -0,0 +1,318 @@
+# Stealth operations module for IDS/IPS evasion and traffic manipulation.a
+# Saves settings in `/home/bjorn/.settings_bjorn/heimdall_guard_settings.json`.
+# Automatically loads saved settings if arguments are not provided.
+# -i, --interface   Network interface to use (default: active interface).
+# -m, --mode       Operating mode (timing, random, fragmented, all).
+# -d, --delay      Base delay between operations in seconds (default: 1).
+# -r, --randomize  Randomization factor for timing (default: 0.5).
+# -o, --output     Output directory (default: /home/bjorn/Bjorn/data/output/stealth).
+
+import os
+import json
+import argparse
+from datetime import datetime
+import logging
+import random
+import time
+import socket
+import struct
+import threading
+from scapy.all import *
+from collections import deque
+
+# Configure logging
+logging.basicConfig(level=logging.INFO, format='%(asctime)s - %(levelname)s - %(message)s')
+
+
+
+
+
+b_class       = "HeimdallGuard"
+b_module      = "heimdall_guard"
+b_enabled    = 0
+
+# Default settings
+DEFAULT_OUTPUT_DIR = "/home/bjorn/Bjorn/data/output/stealth"
+DEFAULT_SETTINGS_DIR = "/home/bjorn/.settings_bjorn"
+SETTINGS_FILE = os.path.join(DEFAULT_SETTINGS_DIR, "heimdall_guard_settings.json")
+
+class HeimdallGuard:
+    def __init__(self, interface, mode='all', base_delay=1, random_factor=0.5, output_dir=DEFAULT_OUTPUT_DIR):
+        self.interface = interface
+        self.mode = mode
+        self.base_delay = base_delay
+        self.random_factor = random_factor
+        self.output_dir = output_dir
+        
+        self.packet_queue = deque()
+        self.active = False
+        self.lock = threading.Lock()
+        
+        # Statistics
+        self.stats = {
+            'packets_processed': 0,
+            'packets_fragmented': 0,
+            'timing_adjustments': 0
+        }
+
+    def initialize_interface(self):
+        """Configure network interface for stealth operations."""
+        try:
+            # Disable NIC offloading features that might interfere with packet manipulation
+            commands = [
+                f"ethtool -K {self.interface} tso off",  # TCP segmentation offload
+                f"ethtool -K {self.interface} gso off",  # Generic segmentation offload
+                f"ethtool -K {self.interface} gro off",  # Generic receive offload
+                f"ethtool -K {self.interface} lro off"   # Large receive offload
+            ]
+            
+            for cmd in commands:
+                try:
+                    subprocess.run(cmd.split(), check=True)
+                except subprocess.CalledProcessError:
+                    logging.warning(f"Failed to execute: {cmd}")
+                    
+            logging.info(f"Interface {self.interface} configured for stealth operations")
+            return True
+            
+        except Exception as e:
+            logging.error(f"Failed to initialize interface: {e}")
+            return False
+
+    def calculate_timing(self):
+        """Calculate timing delays with randomization."""
+        base = self.base_delay
+        variation = self.random_factor * base
+        return max(0, base + random.uniform(-variation, variation))
+
+    def fragment_packet(self, packet, mtu=1500):
+        """Fragment packets to avoid detection patterns."""
+        try:
+            if IP in packet:
+                # Fragment IP packets
+                frags = []
+                payload = bytes(packet[IP].payload)
+                header_length = len(packet) - len(payload)
+                max_size = mtu - header_length
+                
+                # Create fragments
+                offset = 0
+                while offset < len(payload):
+                    frag_size = min(max_size, len(payload) - offset)
+                    frag_payload = payload[offset:offset + frag_size]
+                    
+                    # Create fragment packet
+                    frag = packet.copy()
+                    frag[IP].flags = 'MF' if offset + frag_size < len(payload) else 0
+                    frag[IP].frag = offset // 8
+                    frag[IP].payload = Raw(frag_payload)
+                    
+                    frags.append(frag)
+                    offset += frag_size
+                
+                return frags
+            return [packet]
+            
+        except Exception as e:
+            logging.error(f"Error fragmenting packet: {e}")
+            return [packet]
+
+    def randomize_ttl(self, packet):
+        """Randomize TTL values to avoid fingerprinting."""
+        if IP in packet:
+            ttl_values = [32, 64, 128, 255]  # Common TTL values
+            packet[IP].ttl = random.choice(ttl_values)
+        return packet
+
+    def modify_tcp_options(self, packet):
+        """Modify TCP options to avoid fingerprinting."""
+        if TCP in packet:
+            # Common window sizes
+            window_sizes = [8192, 16384, 32768, 65535]
+            packet[TCP].window = random.choice(window_sizes)
+            
+            # Randomize TCP options
+            tcp_options = []
+            
+            # MSS option
+            mss_values = [1400, 1460, 1440]
+            tcp_options.append(('MSS', random.choice(mss_values)))
+            
+            # Window scale
+            if random.random() < 0.5:
+                tcp_options.append(('WScale', random.randint(0, 14)))
+            
+            # SACK permitted
+            if random.random() < 0.5:
+                tcp_options.append(('SAckOK', ''))
+            
+            packet[TCP].options = tcp_options
+            
+        return packet
+
+    def process_packet(self, packet):
+        """Process a packet according to stealth settings."""
+        processed_packets = []
+        
+        try:
+            if self.mode in ['all', 'fragmented']:
+                fragments = self.fragment_packet(packet)
+                processed_packets.extend(fragments)
+                self.stats['packets_fragmented'] += len(fragments) - 1
+            else:
+                processed_packets.append(packet)
+            
+            # Apply additional stealth techniques
+            final_packets = []
+            for pkt in processed_packets:
+                pkt = self.randomize_ttl(pkt)
+                pkt = self.modify_tcp_options(pkt)
+                final_packets.append(pkt)
+            
+            self.stats['packets_processed'] += len(final_packets)
+            return final_packets
+            
+        except Exception as e:
+            logging.error(f"Error processing packet: {e}")
+            return [packet]
+
+    def send_packet(self, packet):
+        """Send packet with timing adjustments."""
+        try:
+            if self.mode in ['all', 'timing']:
+                delay = self.calculate_timing()
+                time.sleep(delay)
+                self.stats['timing_adjustments'] += 1
+            
+            send(packet, iface=self.interface, verbose=False)
+            
+        except Exception as e:
+            logging.error(f"Error sending packet: {e}")
+
+    def packet_processor_thread(self):
+        """Process packets from the queue."""
+        while self.active:
+            try:
+                if self.packet_queue:
+                    packet = self.packet_queue.popleft()
+                    processed_packets = self.process_packet(packet)
+                    
+                    for processed in processed_packets:
+                        self.send_packet(processed)
+                else:
+                    time.sleep(0.1)
+                    
+            except Exception as e:
+                logging.error(f"Error in packet processor thread: {e}")
+
+    def start(self):
+        """Start stealth operations."""
+        if not self.initialize_interface():
+            return False
+        
+        self.active = True
+        self.processor_thread = threading.Thread(target=self.packet_processor_thread)
+        self.processor_thread.start()
+        return True
+
+    def stop(self):
+        """Stop stealth operations."""
+        self.active = False
+        if hasattr(self, 'processor_thread'):
+            self.processor_thread.join()
+        self.save_stats()
+
+    def queue_packet(self, packet):
+        """Queue a packet for processing."""
+        self.packet_queue.append(packet)
+
+    def save_stats(self):
+        """Save operation statistics."""
+        try:
+            os.makedirs(self.output_dir, exist_ok=True)
+            timestamp = datetime.now().strftime("%Y-%m-%d_%H-%M-%S")
+            
+            stats_file = os.path.join(self.output_dir, f"stealth_stats_{timestamp}.json")
+            
+            with open(stats_file, 'w') as f:
+                json.dump({
+                    'timestamp': datetime.now().isoformat(),
+                    'interface': self.interface,
+                    'mode': self.mode,
+                    'stats': self.stats
+                }, f, indent=4)
+                
+            logging.info(f"Statistics saved to {stats_file}")
+            
+        except Exception as e:
+            logging.error(f"Failed to save statistics: {e}")
+
+def save_settings(interface, mode, base_delay, random_factor, output_dir):
+    """Save settings to JSON file."""
+    try:
+        os.makedirs(DEFAULT_SETTINGS_DIR, exist_ok=True)
+        settings = {
+            "interface": interface,
+            "mode": mode,
+            "base_delay": base_delay,
+            "random_factor": random_factor,
+            "output_dir": output_dir
+        }
+        with open(SETTINGS_FILE, 'w') as f:
+            json.dump(settings, f)
+        logging.info(f"Settings saved to {SETTINGS_FILE}")
+    except Exception as e:
+        logging.error(f"Failed to save settings: {e}")
+
+def load_settings():
+    """Load settings from JSON file."""
+    if os.path.exists(SETTINGS_FILE):
+        try:
+            with open(SETTINGS_FILE, 'r') as f:
+                return json.load(f)
+        except Exception as e:
+            logging.error(f"Failed to load settings: {e}")
+    return {}
+
+def main():
+    parser = argparse.ArgumentParser(description="Stealth operations module")
+    parser.add_argument("-i", "--interface", help="Network interface to use")
+    parser.add_argument("-m", "--mode", choices=['timing', 'random', 'fragmented', 'all'], 
+                        default='all', help="Operating mode")
+    parser.add_argument("-d", "--delay", type=float, default=1, help="Base delay between operations")
+    parser.add_argument("-r", "--randomize", type=float, default=0.5, help="Randomization factor")
+    parser.add_argument("-o", "--output", default=DEFAULT_OUTPUT_DIR, help="Output directory")
+    args = parser.parse_args()
+
+    settings = load_settings()
+    interface = args.interface or settings.get("interface")
+    mode = args.mode or settings.get("mode")
+    base_delay = args.delay or settings.get("base_delay")
+    random_factor = args.randomize or settings.get("random_factor")
+    output_dir = args.output or settings.get("output_dir")
+
+    if not interface:
+        interface = conf.iface
+        logging.info(f"Using default interface: {interface}")
+
+    save_settings(interface, mode, base_delay, random_factor, output_dir)
+
+    guard = HeimdallGuard(
+        interface=interface,
+        mode=mode,
+        base_delay=base_delay,
+        random_factor=random_factor,
+        output_dir=output_dir
+    )
+
+    try:
+        if guard.start():
+            logging.info("Heimdall Guard started. Press Ctrl+C to stop.")
+            while True:
+                time.sleep(1)
+    except KeyboardInterrupt:
+        logging.info("Stopping Heimdall Guard...")
+        guard.stop()
+
+if __name__ == "__main__":
+    main()