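#!/usr/bin/python
"""Complete a TCP handshake by hand with one deliberately wrong ACK in the middle.

Segments sent to the target (see fakeRst.main):

1. SYN.
2. ACK whose acknowledgement number is one higher than the correct value;
   the original author's comment says the aim is to get a RST back.
3. PSH/ACK carrying the payload, with the correct acknowledgement number.

NOTE(review): presumably this checks whether a network monitor discards its
flow state on that RST while the endpoint still accepts the payload - confirm
the intent with the author.  For defenders the observable pattern is a RST
from the server during the handshake followed by data on the same 4-tuple
that the server then acknowledges; a sensor should validate resets the way
the endpoint does, or keep flow state until the flow is confirmed closed.

Requirements visible in the code: Linux (SIOCGIFADDR ioctl on an interface),
scapy, and the iptables rule printed in the usage text.  That rule drops
every outgoing TCP segment with RST set on the whole host (presumably so the
local kernel does not reset the hand-built connection), so delete it once
the test is finished.
"""
# The scapy star-import stays first so the stdlib modules imported below win
# any name clash, exactly as in the original import order.
from scapy.all import *
from optparse import OptionParser
import os
import sys
import socket
import fcntl
import struct

SIOCGIFADDR = 0x8915    # Linux ioctl request: read an interface's IPv4 address
TCP_SYN = 0x02          # SYN bit in the TCP flags field
TCP_ACK = 0x10          # ACK bit in the TCP flags field
SEQ_MASK = 0xFFFFFFFF   # TCP sequence numbers are 32-bit and wrap around


class fakeRst:
    """Drive the SYN / wrong-ACK / payload exchange against one host and port.

    ``options`` must provide ``addr`` (destination IP), ``port`` (anything
    ``int()`` accepts) and ``data`` (payload string).
    """

    # Seconds to wait for the SYN-ACK.  The original call had no timeout, so
    # it waited indefinitely and its "SYN-ACK not received" branch could
    # never run.
    synTimeout = 5

    def __init__(self, options):
        self.options = options
        self.options.port = int(self.options.port)
        self.srcIP = self.getIP()
        self.sport = 9000       # fixed source port
        self.isn = 162352       # fixed initial sequence number

    def getIP(self, iface="eth0"):
        """Return the IPv4 address of ``iface`` as a dotted-quad string.

        Uses the Linux SIOCGIFADDR ioctl; the address bytes sit at offset
        20..24 of the returned buffer.  The helper socket is always closed
        (the original leaked it).
        """
        if not isinstance(iface, bytes):
            # struct.pack('256s', ...) needs bytes on Python 3.
            iface = iface.encode("ascii")
        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            ifreq = fcntl.ioctl(s.fileno(), SIOCGIFADDR,
                                struct.pack('256s', iface))
        finally:
            s.close()
        return socket.inet_ntoa(ifreq[20:24])

    def main(self):
        """Run the exchange and print the outcome of each step.

        Returns 0 on any failure and None (implicitly) on success, as the
        original did.
        """
        dst = self.options.addr
        dport = self.options.port
        data = self.options.data

        # Send the initial SYN packet
        syn = IP(src=self.srcIP, dst=dst)/TCP(sport=self.sport, dport=dport,
                                              flags="S", seq=self.isn)
        synack = sr1(syn, timeout=self.synTimeout)
        wanted = TCP_SYN | TCP_ACK
        # Any reply used to be reported as a SYN-ACK; a RST from a closed
        # port or an ICMP error is not one.
        if (synack is None or not synack.haslayer(TCP)
                or (int(synack[TCP].flags) & wanted) != wanted):
            print("SYN-ACK not received")
            return 0
        print("Received SYN-ACK")
        serverSeq = synack[TCP].seq

        # The correct acknowledgement number is serverSeq + 1; this segment
        # deliberately uses serverSeq + 2 because a RST is wanted in reply.
        # Masking keeps the value inside 32 bits when serverSeq is near the
        # top of the sequence space.
        ack = IP(src=self.srcIP, dst=dst)/TCP(sport=self.sport, dport=dport,
                                              flags="A",
                                              seq=(self.isn + 1) & SEQ_MASK,
                                              ack=(serverSeq + 2) & SEQ_MASK)
        print("Sending Modified ACK...")
        send(ack)

        # Build the payload packet, this time acknowledging the SYN-ACK
        # with the correct number.
        p = IP(src=self.srcIP, dst=dst)/TCP(sport=self.sport, dport=dport,
                                            flags="PA",
                                            seq=ack[TCP].seq,
                                            ack=(serverSeq + 1) & SEQ_MASK)/data
        print("Sending Payload")
        ackPacket = sr1(p, timeout=1)
        if ackPacket is None:
            print("No ACK Received")
            return 0

        # Double check that the payload was acknowledged.  The original
        # compared ``ackPacket.flags`` with 2, but on an IP/TCP packet that
        # attribute resolves to the IP header's flags (2 = Don't Fragment),
        # not to the TCP flags, so the TCP layer is read explicitly here.
        expectedAck = (p[TCP].seq + len(data)) & SEQ_MASK
        if (not ackPacket.haslayer(TCP)
                or not int(ackPacket[TCP].flags) & TCP_ACK
                or ackPacket[TCP].ack != expectedAck):
            print("Error with return ACK")
            return 0
        print("Payload Sent Successfully")


def parseArgs():
    """Parse -a/-p/-d from the command line and run the exchange.

    Prints the help text and exits with status 1 when an option is missing
    or stray positional arguments are present; rejects a port outside
    1..65535 through ``parser.error``.
    """
    usage = """python fakerst.py -a IP_DEST -p PORT -d PAYLOAD
Example: python fakerst.py -a 192.168.1.100 -p 80 -d "GET / HTTP/1.1\\r\\n"
Required IPTables Rule: iptables -A OUTPUT -p tcp --tcp-flags RST RST -j DROP"""
    parser = OptionParser(usage)
    parser.add_option("-a", help="Send payload to IP", action="store",
                      type="string", dest="addr")
    parser.add_option("-p", help="Send payload to PORT", action="store",
                      type="string", dest="port")
    parser.add_option("-d", help="Send data", action="store",
                      type="string", dest="data")

    # Check the parsed values rather than the raw argv length: the old
    # ``len(sys.argv) != 7`` test let repeated options through with a
    # required value still unset.
    (options, args) = parser.parse_args()
    missing = None in (options.addr, options.port, options.data)
    if missing or args:
        parser.print_help()
        sys.exit(1)

    try:
        port = int(options.port)
    except ValueError:
        port = -1
    if not 0 < port < 65536:
        parser.error("PORT must be an integer between 1 and 65535")

    f = fakeRst(options)
    f.main()


if __name__ == "__main__":
    parseArgs()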