
Thread: raw sockets, not getting reply

  1. #1
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    raw sockets, not getting reply

    Hi
    Not sure if this is a bug or I'm doing something wrong. I'm following the http://www.tenouk.com/Module43a.html example and trying to send a SYN packet to my router, but I'm not receiving a SYN/ACK reply.
    I've tried loopback to apache but it doesn't reply.

    Any help thanks

  2. #2
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Re: raw sockets, not getting reply

    Whilst I hope that it's obvious, 43 alpha is for UDP datagrams - a different layer header and the like. But skipping ahead a task should net you what you're after.

    All that aside, a good programmer will begin diagnosis of their issue. If you are trying to send data from your IP to someone else's, use tcpdump (fine, wireshark.) to filter all host packets appropriately.

    Also, have some fun with SYN/TCP generation. You can get some fun results out of RFC3514.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    Re: raw sockets, not getting reply

    Hi, I was using the one below UDP with some modification. Wireshark says the packet is all right. I've also tried sending a packet exactly the same as netcat to the port; netcat works and hping3 does, but mine still doesn't. Google says that timestamps and window scale were a problem, and I removed them. Still no luck.

  4. #4
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Re: raw sockets, not getting reply

    You need those fields; they will be corrupting the packet entirely without them.

    My BSD server has LibNET installed on it: /usr/local/share/examples/libnet11/synflood.c looks interesting AND using the libnet libraries is a butt load easier than doing it yourself.

    Binary tides has a skiddie option available and so on and so forth. I think, though because I'm at work I don't have access to it, UNIX Network Programming Volume 1 contains pretty much everything you need in it to do the same thing.

    Re your page-message, sebek uses raw sockets itself, so unless it's intentionally neutering them I'd say no. That said, you should always develop on as open a machine as possible before you start locking it down. That will teach you better than anyone can what is and isn't capable in the various environments. SELinux might cause you grief, a standard firewall etc.

    Something that came up a long time ago for me was pretty easy too - the sending machine showed the packet as fine, the receiving machine disagreed. Turns out the packets were being corrupted on the way out because I wasn't calling the proper functions before delivery. Just a thought.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.
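
A check that fits the diagnosis discussed in this thread, as an added example that is not part of any post: it recomputes the TCP checksum of a raw IPv4 packet (bytes copied out of a capture) and rejects header lengths that disagree with each other. That a checksum or byte-order error is the cause in this thread is an assumption; the sample packet and the function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample (not from the thread): 192.0.2.1:12345 -> 192.0.2.2:80,
 * SYN with an MSS option. The IP header checksum is left 0 and not examined. */
static const uint8_t SAMPLE_SYN[44] = {
    0x45,0x00,0x00,0x2c, 0x00,0x01,0x00,0x00, 0x40,0x06,0x00,0x00,
    0xc0,0x00,0x02,0x01, 0xc0,0x00,0x02,0x02, 0x30,0x39,0x00,0x50,
    0x00,0x00,0x00,0x01, 0x00,0x00,0x00,0x00, 0x60,0x02,0x72,0x10,
    0x71,0x88,0x00,0x00, 0x02,0x04,0x05,0xb4 };

/* Unfolded one's-complement sum of big-endian 16-bit words (RFC 1071). */
static uint32_t sum16(const uint8_t *p, size_t n, uint32_t acc) {
    for (; n > 1; p += 2, n -= 2) acc += (uint32_t)p[0] << 8 | p[1];
    if (n) acc += (uint32_t)p[0] << 8;          /* pad an odd trailing byte */
    return acc;
}

/* Expected checksum (0..0xffff), or -1 if header lengths are inconsistent. */
long tcp_checksum_expected(const uint8_t *pkt, size_t len) {
    if (len < 40 || pkt[0] >> 4 != 4 || pkt[9] != 6) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4, tot = (size_t)pkt[2] << 8 | pkt[3];
    if (ihl < 20 || tot > len || tot < ihl + 20) return -1;
    const uint8_t *tcp = pkt + ihl;
    size_t tcplen = tot - ihl, doff = (size_t)(tcp[12] >> 4) * 4;
    if (doff < 20 || doff > tcplen) return -1;  /* header claims missing options */
    uint32_t acc = sum16(pkt + 12, 8, 6 + (uint32_t)tcplen);  /* pseudo-header */
    acc = sum16(tcp, 16, acc);                  /* header up to checksum field */
    acc = sum16(tcp + 18, tcplen - 18, acc);    /* rest; field counted as zero */
    while (acc >> 16) acc = (acc & 0xffff) + (acc >> 16);
    return (long)(~acc & 0xffff);
}

/* 1 = stored checksum matches, 0 = mismatch, -1 = inconsistent headers. */
int tcp_checksum_ok(const uint8_t *pkt, size_t len) {
    long want = tcp_checksum_expected(pkt, len);
    if (want < 0) return -1;
    const uint8_t *c = pkt + (size_t)(pkt[0] & 0x0f) * 4 + 16;
    return want == ((long)c[0] << 8 | c[1]);
}

int main(void) {
    uint8_t swapped[44];
    memcpy(swapped, SAMPLE_SYN, sizeof swapped);
    swapped[36] = 0x88; swapped[37] = 0x71;     /* as if stored without htons() */
    printf("%d %d\n", tcp_checksum_ok(SAMPLE_SYN, 44), tcp_checksum_ok(swapped, 44));
    return 0;
}
```

A result of -1 covers the case where options were stripped but the data offset or total length still counts them; 0 means the lengths are consistent but the checksum was not recomputed over the bytes actually sent.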
