Jump to content
Nytro

TCP Packet Injection with Python

By Nytro, in Programare

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

[h=1]TCP Packet Injection with Python[/h]

[h=2]TCP Packet Injection with Python[/h]

injected.png

Packet injection is the process of interfering with an established network connection by constructing arbitrary protocol packets (TCP, UDP, ...) and send them out through raw sockets

it's used widely in network penetration testing such as DDoS, TCP reset attacks, port scanning...

A Packet is a combination of IP header, TCP/UDP header and data:

Packet = IP Header + TCP/UDP Header + Data

Most operating systems that implements socket API supports packet injection, especially those based on Berkeley Sockets. Microsoft limited raw sockets capabilities to packet sniffing, after Windows XP release. This tutorial is implemented on Unix-Like operating systems.

[h=3]TCP Header[/h]The TCP protocol is the most used transport protocol in the world wide web, it provides a reliable, ordered and error-checked delivery of a stream of bytes between programs running on computers connected to network.

0                   1                   2                   3 
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence Number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Acknowledgment Number                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Data |           |U|A|P|R|S|F|                               |
| Offset| Reserved  |R|C|S|S|Y|I|            Window             |
|       |           |G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |         Urgent Pointer        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             data                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  • Sequence Number (32 bits): the sequence number of the first data byte in this segment. if the SYN flag is set, the sequence number should be the initial sequence number (ISN: usually 0), and the first data byte in the first data stream should be ISN+1 (1).
  • Acknowledgment Number (32 bits): If the ACK flag is set, this field contains the value of the next sequence number the destination machine is expecting to receive.
    for every packet contains data is sent, an acknowledgment packet should be received, to acknowledge that the last packet is successfully received.
  • Data Offset (4 bits): The length of TCP header by providing the number of 32-bit words. this indicates where the data begins.
  • Reserved (6 bits): Usually cleared to zero
  • Control Bits (6 bits):
    ACK: Acknowledgment packet
    SYN: Request to establish a connection
    RST: Request to reset connection
    FIN: Request to interrupt (close) a connection
    PSH: Informs TCP that data should be sent immediately (Useful in real-time applications)
    URG: Urgent Pointer field is significant
  • Window: The number of data bytes you can send before you should stop and wait for acknowledgement
  • Checksum: used for error-checking of the header and data
  • Urgent Pointer: If the URG control flag is set, this field is an offset from the sequence number indicating the last urgent data byte
    This feature is used when some information has to reach it's destination as soon as possible.

Articol: TCP Packet Injection with Python | Python for Pentesting

Mexic Newbie

Mexic

Posted
Posted

Mda, multe exprimari confuze pe acolo "Packet injection is the process of interfering with an established network connection by constructing arbitrary protocol packets (TCP, UDP, ...) and send them out through raw sockets it's used widely in network penetration testing such as DDoS, TCP reset attacks, port scanning..."

Injecteaza pachete chiar si intr-o "conexiune UDP", ceea ce trebuie sa recunosti ca e tare.

Dupa titlu ai zice ca face cine stie ce operatiune complicata, macar drop la vreun pachet trimis ca sa ii foloseasca sequence numberul sa injecteze alt pachet in conexiunea tcp existenta... dar din ce am inteles eu de acolo, doar trimite un pachet...

Totusi, din articol e bun codul ca exemplu, daca vrei sa inveti python.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...