billie
Hi all. I'd need to send a TCP SYN packet having a certain string as
payload. I'm using Python and a high-level packet building library called
"Impacket" to build TCP and IP datagrams. I wrote this simple code that works
on Linux but not on Windows XP SP2, probably because of SP2 security
limitations. Do you have any idea how I could solve this problem?
I found an article by Fyodor (author of the nmap port scanner) about how to
solve this kind of SP2 limitation:
http://seclists.org/lists/nmap-hackers/2004/Jul-Sep/0003.html
...which says:
"Instead of sending raw IP packets, we move one layer down and send our
raw IP packets in raw ethernet frames."
Do you have any idea how I could implement something like this?
Best regards.

from impacket import ImpactPacket
from socket import *
src = '10.0.0.1'
dst = '10.0.0.25'
s = socket(AF_INET, SOCK_RAW, IPPROTO_TCP)
s.setsockopt(IPPROTO_IP, IP_HDRINCL, 1)
ip = ImpactPacket.IP()
ip.set_ip_src(src)
ip.set_ip_dst(dst)
tcp = ImpactPacket.TCP()
tcp.set_SYN()
tcp.set_th_sport(43749)
tcp.set_th_dport(1000)
tcp.contains(ImpactPacket.Data('hello there'))
ip.contains(tcp)
s.sendto(ip.get_packet(), (dst, 0))
++++++++++ ERROR ++++++++++
s.sendto(ip.get_packet(), (dst, 0))
socket.error: (10022, 'Invalid argument')
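
The "one layer down" approach quoted above means the sender must build the Ethernet II header itself in addition to the IP and TCP headers. The following is an added example, not part of the original post and not Impacket code: it assembles the complete frame with only the standard library and makes no attempt to send it. The function names, the placeholder MAC addresses, the window size and the TTL are assumptions; handing the bytes to a link-layer interface (for example WinPcap's pcap_sendpacket) and resolving the real next-hop MAC are outside the block.

```python
import socket
import struct

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum (one's-complement sum of 16-bit words)."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_syn_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, payload, seq=0):
    """Return Ethernet II + IPv4 + TCP SYN + payload as one bytes object."""
    src, dst = socket.inet_aton(src_ip), socket.inet_aton(dst_ip)
    # TCP header: data offset 5 words, flags 0x02 (SYN), window 8192, checksum 0 for now
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x02, 8192, 0, 0)
    # TCP checksum covers a pseudo-header (src, dst, zero, protocol, TCP length)
    pseudo = src + dst + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(tcp) + len(payload))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp + payload)) + tcp[18:]
    # IPv4 header: version 4, IHL 5, TTL 64, protocol TCP, checksum 0 for now
    total_len = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64,
                     socket.IPPROTO_TCP, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    # Ethernet II header: destination MAC, source MAC, EtherType 0x0800 (IPv4)
    eth = (bytes.fromhex(dst_mac.replace(":", "")) +
           bytes.fromhex(src_mac.replace(":", "")) + struct.pack("!H", 0x0800))
    return eth + ip + tcp + payload

if __name__ == "__main__":
    # Constructed sample values: addresses and ports from the post, placeholder MACs
    frame = build_syn_frame("02:00:00:00:00:01", "02:00:00:00:00:02",
                            "10.0.0.1", "10.0.0.25", 43749, 1000, b"hello there")
    print(len(frame), frame.hex())
```

With raw IP sockets the operating system supplies the Ethernet header and picks the outgoing interface; at this layer both become the caller's responsibility, which is why the destination MAC has to be known before the frame can be delivered.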