Friday, October 21, 2022

[FIXED] How do I send a raw ethernet frame in python?

      , ,      No comments   

Issue

I need to have a project done in a few days, its a basic client and server interface. The catch is that it needs to be all raw sockets. I have no problem with creating that, I am just stuck on sending the packets.

First I tried to bind it to an interface 'en1' but it keeps giving me an error nodename not known. When I bind it to my local ip address it works fine. After completing this I created a raw packet class, its all in hex. I then did a sendto call to send it on the wire.

The problem is that when I capture the packet by using wireshark it shows up as being the payload of a ipv4 packet. I don't want it to make the headers automatically, that is what my raw packet class was for anyway. Do you know of any way I can take out these headers?

Here is my code - only the raw function:

def raw():
    HOST = gethostbyname('192.168.1.10')
    
    s = socket(AF_INET, SOCK_RAW, IPPROTO_IP)
    s.bind((HOST, 0))
    
    s.setsockopt(IPPROTO_IP, IP_HDRINCL, 0) #no headers - it wont work!!

    pckt = packet("\x68\x65\x6c\x6c\x6f")
    netpacket = pckt.getpacket()
    
    print("Sending.. ")
    print("")
    
    s.sendto(netpacket, ('192.168.1.1', 80))
    data = s.recv(4096)
    print(data)

And here is the captured packet with a hello at the end:

007f 2809 6da2 28cf daee 2156 0800 4500 004d 1bfc 0000 4000 db59 c0a8 010a c0a8 0101* 007f     

2809 6da2 28cf daee 2156 0800 4500 0036 2352 4000 4006 0000 c0a8 010a c0a8 0101 15c0 0050 

0000 0000 0000 0000 8010 813b 0000 68656c6c6f -hello

*This (the 0101) is the start of the payload even though it was supposed to be the start of the packet. Also I am not going to use any other modules, I have to use socket.


Solution

Thanks to the commenters, I managed to get a connection going with a server. All it took was changing the address family to af_packet in linux. Then I bound it to my nic and sent it. It worked.

here is some example code:

s = socket(AF_PACKET, SOCK_RAW)
s.bind(("en1", 0))
pckt = packet()  # my class that initializes the raw hex
data = pckt.getpacket()
s.send(data)
message = s.recv(4096)
print(s)
print(s.decode('hex'))

It needs to be in linux or debian. to my knowledge it doesn't work in mac osx. idk about windows. if u have a mac use pycap or scapy, they work fine.



Answered By - Noah Koster
Answer Checked By - Dawn Plyler (PHPFixing Volunteer)

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...