-
May 14th, 2008, 10:10 PM
#1
Junior Member
libnet packet construction - wrong values = infinite loop?!
im not sure if this is the right place to ask for help, so please let me know...
i am trying to do the following using libnet & libpcap:
- sniff a specific port for a syn packet
- if detected, construct a syn/ack packet
from the sniffed packet i got out the source and destination port & address, and also the sequence number. i thought it was pretty straight forward, until something weird happens:
- A detects packet from B,
- A builds packet, send it back to B
- A detects packet it just made
- A builds packet... STUCK FOREVER
as shown in my output...
Code:
Packet detected at: Tue May 13 14:33:58 2008
From: 192.168.1.103 39809 To: 192.168.1.102 123
Length: 44
Flags: SYN
---------------------------------------------------
Packet detected at: Tue May 13 14:33:58 2008
From: 160.166.245.183 123 To: 160.166.245.183 39809
Length: 40
Flags: SYN
---------------------------------------------------
Packet detected at: Tue May 13 14:33:58 2008
From: 160.166.245.183 39809 To: 160.166.245.183 123
Length: 40
Flags: SYN
---------------------------------------------------
Packet detected at: Tue May 13 14:33:58 2008
From: 160.166.245.183 123 To: 160.166.245.183 39809
Length: 40
Flags: SYN
---------------------------------------------------
my guess is that i put in the wrong values in during the packet construction...? here's my code:
Code:
#include <stdlib.h>
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <pcap.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/ether.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <sys/socket.h>
#include <netdb.h>
#include <time.h>
#include <libnet.h>
void handler(char *, const struct pcap_pkthdr *, const u_char *);
int main(int argc, char **argv)
{
struct in_addr net, mask;
struct bpf_program filter;
int buffsize = 65535;
int promisc = 1;
int timeout = 1000;
char *dev;
char pcap_err[PCAP_ERRBUF_SIZE];
char filter_app[] = "port 123";
u_char buffer[255];
pcap_t *pcap_nic;
time_t date_time;
time(&date_time);
printf("\nSession started at: %s\n", ctime(&date_time));
//looks for valid device
if(!(dev = pcap_lookupdev(pcap_err))){
perror(pcap_err);
exit (-1);
}
printf("Listening on device: %s\n\n", dev);
//opens interface for live capture
if((pcap_nic = pcap_open_live(dev, buffsize, promisc, timeout, pcap_err)) == NULL){
perror(pcap_err);
exit(-1);
}
//returns subnet & netmask of interface
if(pcap_lookupnet(dev, &net.s_addr, &mask.s_addr, pcap_err) == -1){
perror(pcap_err);
exit(-1);
}
//compiles packet filter
if(pcap_compile(pcap_nic, &filter, filter_app, 0, net.s_addr) == -1){
perror(pcap_err);
exit(-1);
}
//set filter for capturing
if(pcap_setfilter(pcap_nic, &filter) == -1){
perror(pcap_err);
exit(-1);
}
//calls handler to capture packets
//set '-1' for indefinite capture
//handles one packet at a time
while(1){
pcap_loop(pcap_nic, -1, (pcap_handler)handler, buffer);
}
fclose(fp);
}
//captures packet
//passes src/dest port & address to injector()
void handler(char *usr, const struct pcap_pkthdr *header, const u_char *pkt)
{
struct iphdr *ipheader = (struct iphdr *)(pkt + LIBNET_ETH_H);
struct tcphdr *tcpheader = (struct tcphdr *)(pkt + LIBNET_IPV4_H + LIBNET_ETH_H);
struct in_addr source, dest;
int src_port, dest_port, seq_num;
time_t date_time;
time(&date_time);
if(tcpheader->syn){
source.s_addr = ipheader->saddr;
dest.s_addr = ipheader->daddr;
printf("Packet detected at: %s\n", ctime(&date_time));
printf("From: %s \t%i\t", inet_ntoa(source), ntohs(tcpheader->source));
printf("To: %s \t%i\n", inet_ntoa(dest), ntohs(tcpheader->dest));
printf("Length: %i\n", ntohs(ipheader->tot_len));
printf("Flags: SYN\n\n");
src_port = ntohs(tcpheader->source);
dest_port = ntohs(tcpheader->dest);
seq_num = ntohl(tcpheader->seq);
injector(src_port, dest_port, seq_num, source, dest);
}
}
//builds and sends tcp & ip packet
void injector(int src_port, int dest_port, int seq_num, struct in_addr source, struct in_addr dest)
{
char *dev;
char pcap_err[PCAP_ERRBUF_SIZE];
char libnet_errbuf[LIBNET_ERRBUF_SIZE];
//looks up valid device
if(!(dev = pcap_lookupdev(pcap_err))){
perror(pcap_err);
exit (-1);
}
libnet_t *l; //libnet context
libnet_ptag_t tcp = 0, ipv4 = 0; //libnet protocol blocks
//initialize libnet to interface
l = libnet_init(LIBNET_RAW4, dev, libnet_errbuf);
if (l == NULL){
fprintf(stderr, "Error opening context: %s", libnet_errbuf);
exit(1);
}
//builds tcp packet
tcp = libnet_build_tcp(dest_port, //1 src port
src_port, //2 dest port
libnet_get_prand(LIBNET_PRu16), //3 seq num
(seq_num + 1), //4 ack num
TH_SYN|TH_ACK, //5 flags
7, //6 window
0, //7 checksum
0, //8 urgent
LIBNET_TCP_H, //9 hdr len
NULL, //10 payload
0, //11 payload len
l, //12 libnet context
tcp);
if (tcp == -1){
fprintf(stderr, "Error building TCP header: %s\n", libnet_errbuf);
exit(1);
}
//build ip packet
ipv4 = libnet_build_ipv4(LIBNET_TCP_H + LIBNET_IPV4_H, //1 length
0, //2 TOS
libnet_get_prand(LIBNET_PRu16), //3 ip id
0, //4 flag offset
127, //5 ttl
IPPROTO_TCP, //6 upper layer protocol
0, //7 checksum
(inet_ntoa(source)),
(inet_ntoa(dest)),
NULL, //10 payload
0, //11 payload length
l, //12 libnet context
ipv4);
if (ipv4 == -1){
fprintf(stderr, "Error building IP header: %s\n", libnet_errbuf);
exit(1);
}
//send packets
if ((libnet_write(l)) == -1){
fprintf(stderr, "Error writing packet: %s\n", libnet_errbuf);
exit(1);
}
//shutdown libnet
libnet_destroy(l);
}
thanks for your time!
Similar Threads
-
By heatwave in forum AntiOnline's General Chit Chat
Replies: 4
Last Post: October 12th, 2012, 08:53 AM
-
By qod in forum The Security Tutorials Forum
Replies: 6
Last Post: February 27th, 2004, 03:03 AM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By Zonewalker in forum AntiOnline's General Chit Chat
Replies: 5
Last Post: August 21st, 2002, 04:50 AM
-
By Noble Hamlet in forum AntiOnline's General Chit Chat
Replies: 1100
Last Post: March 17th, 2002, 09:38 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|