Connect function in raw socket?
Yes, IPPROTO_TCP creates a TCP socket. To use a raw socket, you need to pass SOCK_RAW as the second argument to the socket function.
Is a raw socket a datagram socket or not?
That depends on the kind of IP header you will include in your packets (TCP or UDP). Actually it's easier to include the UDP header since the kernel will manage some TCP mechanisms. So you have to add the UDP header to your packets, and then it will be a datagram socket.
How Do I Use Raw Socket in Python?
You do it like this:
First you disable your network card's automatic checksumming:
sudo ethtool -K eth1 tx off
And then send your dodgy frame from Python 2 (you'll have to convert to Python 3 yourself):
#!/usr/bin/env python
from socket import socket, AF_PACKET, SOCK_RAW
s = socket(AF_PACKET, SOCK_RAW)
s.bind(("eth1", 0))
# We're putting together an ethernet frame here,
# but you could have anything you want instead
# Have a look at the 'struct' module for more
# flexible packing/unpacking of binary data
# and 'binascii' for 32 bit CRC
src_addr = "\x01\x02\x03\x04\x05\x06"
dst_addr = "\x01\x02\x03\x04\x05\x06"
payload = ("["*30)+"PAYLOAD"+("]"*30)
checksum = "\x1a\x2b\x3c\x4d"
ethertype = "\x08\x01"
s.send(dst_addr+src_addr+ethertype+payload+checksum)
Done.
Using raw socket in Python
Reading from a raw socket and parsing out the IP_ID is trivial:
response, addr = s.recvfrom(65535)
# IP identification field is bytes 4-5 of the IPv4 header, network byte order
response_id = struct.unpack('!H', response[4:6])[0]
print response_id
The hard part is getting someone to send you a packet in the first place. I'm pretty sure you can't use the same socket in raw mode and stream mode at the same time, so you're going to need to replace that connect and send with a bunch of much more complicated code that constructs and sends the appropriate TCP packets to initiate the connection. There are libraries like scapy that will do all that hard stuff for you, but if you want to do it manually, you just need to read RFC 791 and RFC 793 carefully, do all the tedious stuff (making sure you get all the endianness right), and you're on your way.
On *BSD (including OS X), the kernel will fill in the IP length, TCP length, and, best of all, the TCP checksum. It gets much more painful if you have to handle those yourself. (If this doesn't work on your platform, you probably do… either that, or I screwed up something else that OS X fixes for me automagically and your platform doesn't.)
import socket
import struct

def make_ip(proto, srcip, dstip, ident=54321):
    # IPv4 header; total length and header checksum are left as 0
    # for the kernel to fill in
    saddr = socket.inet_aton(srcip)
    daddr = socket.inet_aton(dstip)
    ihl_ver = (4 << 4) | 5
    return struct.pack('!BBHHHBBH4s4s',
                       ihl_ver, 0, 0, ident, 0, 255, proto, 0, saddr, daddr)

def make_tcp(srcport, dstport, payload, seq=123, ackseq=0,
             fin=False, syn=True, rst=False, psh=False, ack=False, urg=False,
             window=5840):
    # TCP header: data offset 5 (20 bytes, no options), checksum and
    # urgent pointer left as 0; the payload is appended by the caller
    offset_res = (5 << 4) | 0
    flags = (fin | (syn << 1) | (rst << 2) |
             (psh << 3) | (ack << 4) | (urg << 5))
    return struct.pack('!HHLLBBHHH',
                       srcport, dstport, seq, ackseq, offset_res,
                       flags, window, 0, 0)

srcip = dstip = '127.0.0.1'
srcport, dstport = 11001, 11000
payload = '[TESTING]\n'
ip = make_ip(socket.IPPROTO_TCP, srcip, dstip)
tcp = make_tcp(srcport, dstport, payload)
packet = ip + tcp + payload

# IPPROTO_RAW implies IP_HDRINCL: we supply the IP header ourselves
s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW)
s.sendto(packet, (dstip, 0))
response, addr = s.recvfrom(65535)
response_id = struct.unpack('!H', response[4:6])[0]
print response_id
Each time I run this, I get a nak (if no one's listening on port 11000) or ack packet with a randomized IP_ID, just as you'd expect.
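Added example (not code from the answer above): the checksum arithmetic that answer leaves to the kernel on *BSD, in Python 3. It builds the same loopback SYN packet, fills in the RFC 791 IPv4 header checksum and the RFC 793 TCP checksum over the pseudo-header, and adds a verify_packet function that re-checks both on a packet as recvfrom() returns it, which is the check a sniffer or IDS performs; on Linux, raw(7) documents that the kernel fills the IP checksum and total length when they are zero but never the TCP checksum, so that is the one you must compute. The names inet_checksum, build_packet, verify_packet and SAMPLE are mine.

```python
import socket
import struct

def inet_checksum(data):
    # RFC 1071 one's-complement sum of 16-bit big-endian words;
    # an odd trailing byte is zero-padded. A valid header sums to 0.
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def make_ip(proto, srcip, dstip, payload_len, ident=54321):
    # IPv4 header with total length and header checksum filled in (RFC 791)
    saddr, daddr = socket.inet_aton(srcip), socket.inet_aton(dstip)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident,
                      0, 255, proto, 0, saddr, daddr)
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]

def make_tcp(srcip, dstip, srcport, dstport, payload, seq=123, ackseq=0,
             flags=0x02, window=5840):
    # TCP header (flags=0x02 is SYN); the checksum covers the pseudo-header,
    # the TCP header and the payload (RFC 793)
    hdr = struct.pack("!HHLLBBHHH", srcport, dstport, seq, ackseq, 5 << 4,
                      flags, window, 0, 0)
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(srcip),
                         socket.inet_aton(dstip), 0, socket.IPPROTO_TCP,
                         len(hdr) + len(payload))
    csum = inet_checksum(pseudo + hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:]

def build_packet(srcip, dstip, srcport, dstport, payload):
    tcp = make_tcp(srcip, dstip, srcport, dstport, payload)
    ip = make_ip(socket.IPPROTO_TCP, srcip, dstip, len(tcp) + len(payload))
    return ip + tcp + payload

def verify_packet(packet):
    # Parse a packet as recvfrom() hands it back:
    # returns (ip_id, ip_checksum_ok, tcp_checksum_ok)
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    ip_id = struct.unpack("!H", packet[4:6])[0]
    ip_ok = inet_checksum(packet[:ihl]) == 0
    seg = packet[ihl:total_len]
    pseudo = struct.pack("!4s4sBBH", packet[12:16], packet[16:20], 0,
                         packet[9], len(seg))
    return ip_id, ip_ok, inet_checksum(pseudo + seg) == 0

# Constructed sample: the same loopback SYN the answer above builds
SAMPLE = build_packet("127.0.0.1", "127.0.0.1", 11001, 11000, b"[TESTING]\n")
```

SAMPLE can be handed straight to the sendto() call in the answer above (root required); verify_packet is what you run on the reply.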
How do I use raw sockets in Perl?
Looks like Net::RawIP was what I was looking for:
use strict;
use warnings;
use Net::RawIP;

# Build an IP/TCP packet (SYN+PSH, port 139 to port 139) and send it at the IP layer
my $pkt = Net::RawIP->new;
$pkt->set({ ip  => { saddr => 'my.target.lan', daddr => 'my.target.lan' },
            tcp => { source => 139, dest => 139, psh => 1, syn => 1 } });
$pkt->send;

# Send the same packet as a raw Ethernet frame on eth0
$pkt->ethnew("eth0");
$pkt->ethset(source => 'my.target.lan', dest => 'my.target.lan');
$pkt->ethsend;

# Capture replies with pcap: pcapinit(device, filter, snaplen, timeout),
# then dump 10 matching packets to a file
my $p = $pkt->pcapinit("eth0", "dst port 21", 1500, 30);
my $f = dump_open($p, "/my/home/log");
loop $p, 10, \&dump, $f;