{"id":29,"date":"2010-08-11T09:12:59","date_gmt":"2010-08-11T08:12:59","guid":{"rendered":"http:\/\/blogs.silicontechnix.com\/?p=29"},"modified":"2010-08-11T09:16:02","modified_gmt":"2010-08-11T08:16:02","slug":"simple-construction-of-a-raw-tcpip-packet","status":"publish","type":"post","link":"https:\/\/blogs.silicontechnix.com\/?p=29","title":{"rendered":"Simple Construction of a RAW TCP\/IP Packet"},"content":{"rendered":"<pre class=\"brush: perl;\">\r\n#!\/usr\/local\/bin\/perl\r\n\r\nuse Socket;\r\n\r\n$src_host = $ARGV[0]; # The source IP\/Hostname\r\n$src_port = $ARGV[1]; # The Source Port\r\n$dst_host = $ARGV[2]; # The Destination IP\/Hostname\r\n$dst_port = $ARGV[3]; # The Destination Port.\r\n\r\n if(!defined $src_host or !defined $src_port or !defined $dst_host or !defined $dst_port) {\r\n   print \"Usage: $0 &lt;source host&gt; &lt;source port&gt; &lt;dest host&gt; &lt;dest port&gt;\\n\";\r\n   exit;\r\n } \r\n else {\r\n  main();\r\n }\r\n \r\nsub main {\r\n my $src_host = (gethostbyname($src_host))[4];\r\n my $dst_host = (gethostbyname($dst_host))[4];\r\n\r\n socket(RAW, AF_INET, SOCK_RAW, 255) || die $!;\r\n setsockopt(RAW, 0, 1, 1);\r\n \r\n my ($packet) = makeheaders($src_host, $src_port, $dst_host, $dst_port);\r\n my ($destination) = pack('Sna4x8', AF_INET, $dst_port, $dst_host);\r\n send(RAW,$packet,0,$destination);\r\n}\r\n\r\nsub makeheaders {\r\n local($src_host,$src_port,$dst_host,$dst_port) = @_;\r\n my $zero_cksum = 0;\r\n # Lets construct the TCP half\r\n my $tcp_proto          = 6;\r\n my ($tcp_len)          = 20;\r\n my $syn                = 13456;\r\n my $ack                = 0;\r\n my $tcp_headerlen      = \"5\";\r\n my $tcp_reserved       = 0;\r\n my $tcp_head_reserved  = $tcp_headerlen .\r\n                          $tcp_reserved;\r\n my $tcp_urg            = 0; # Flag bits\r\n my $tcp_ack            = 0; # eh no\r\n my $tcp_psh            = 0; # eh no\r\n my $tcp_rst            = 0; # eh no\r\n my $tcp_syn            = 1; # yeah lets make a connexion! :)\r\n my $tcp_fin            = 0;\r\n my $null               = 0;\r\n my $tcp_win            = 124;\r\n my $tcp_urg_ptr        = 0;\r\n my $tcp_all            = $null . $null .\r\n                          $tcp_urg . $tcp_ack .\r\n                          $tcp_psh . $tcp_rst .\r\n                          $tcp_syn . $tcp_fin ;\r\n\r\n # In order to calculate the TCP checksum we have\r\n # to create a fake tcp header, hence why we did\r\n # all this stuff :) Stevens called it psuedo headers :)\r\n\r\n my ($tcp_pseudo) = pack('a4a4CCnnnNNH2B8nvn',\r\n  $tcp_len,$src_port,$dst_port,$syn,$ack,\r\n  $tcp_head_reserved,$tcp_all,$tcp_win,$null,$tcp_urg_ptr);\r\n\r\n my ($tcp_checksum) = &amp;checksum($tcp_pseudo);\r\n\r\n # Now lets construct the IP packet\r\n my $ip_ver             = 4;\r\n my $ip_len             = 5;\r\n my $ip_ver_len         = $ip_ver . $ip_len;\r\n my $ip_tos             = 00;\r\n my ($ip_tot_len)       = $tcp_len + 20;\r\n my $ip_frag_id         = 19245;\r\n my $ip_frag_flag       = \"010\";\r\n my $ip_frag_oset       = \"0000000000000\";\r\n my $ip_fl_fr           = $ip_frag_flag . $ip_frag_oset;\r\n my $ip_ttl             = 30;\r\n\r\n # Lets pack this baby and ship it on out!\r\n my ($pkt) = pack('H2H2nnB16C2na4a4nnNNH2B8nvn',\r\n  $ip_ver_len,$ip_tos,$ip_tot_len,$ip_frag_id,\r\n  $ip_fl_fr,$ip_ttl,$tcp_proto,$zero_cksum,$src_host,\r\n  $dst_host,$src_port,$dst_port,$syn,$ack,$tcp_head_reserved,\r\n  $tcp_all,$tcp_win,$tcp_checksum,$tcp_urg_ptr);\r\n\r\n return $pkt;\r\n}\r\n\r\nsub checksum {\r\n # This of course is a blatent rip from _the_ GOD,\r\n # W. Richard Stevens.\r\n  \r\n my ($msg) = @_;\r\n my ($len_msg,$num_short,$short,$chk);\r\n $len_msg = length($msg);\r\n $num_short = $len_msg \/ 2;\r\n $chk = 0;\r\n foreach $short (unpack(\"S$num_short\", $msg)) {\r\n  $chk += $short;\r\n }\r\n $chk += unpack(\"C\", substr($msg, $len_msg - 1, 1)) if $len_msg % 2;\r\n $chk = ($chk &gt;&gt; 16) + ($chk &amp; 0xffff);\r\n return(~(($chk &gt;&gt; 16) + $chk) &amp; 0xffff);\r\n}\r\n\r\n\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"<p>#!\/usr\/local\/bin\/perl use Socket; $src_host = $ARGV[0]; # The source IP\/Hostname $src_port = $ARGV[1]; # The Source Port $dst_host = $ARGV[2]; # The Destination IP\/Hostname $dst_port = $ARGV[3]; # The Destination Port. if(!defined $src_host or !defined $src_port or !defined $dst_host or !defined $dst_port) { print &#8220;Usage: $0 &lt;source host&gt; &lt;source port&gt; &lt;dest host&gt; &lt;dest port&gt;\\n&#8221;; exit; [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_s2mail":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12],"tags":[479,13,15,14],"class_list":["post-29","post","type-post","status-publish","format-standard","hentry","category-programming","tag-networking","tag-perl","tag-raw","tag-socket"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p12j6H-t","_links":{"self":[{"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/posts\/29","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=29"}],"version-history":[{"count":3,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/posts\/29\/revisions"}],"predecessor-version":[{"id":32,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=\/wp\/v2\/posts\/29\/revisions\/32"}],"wp:attachment":[{"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=29"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=29"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.silicontechnix.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=29"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}