How can i use RAW Sockets in Ruby?

Question

I'm trying to create a raw socket using Ruby.

The problem is, there isn't anything called "raw socket" there and, on the other hand, the Socket class itself is not fully documented.

Does anybody have some code samples for that kind of socket in Ruby, or maybe some kind of a documentation for that?

By the way, I already know how to work with TCPSocket and TCPServer classes, and what I need is particularly a raw socket.

score 3 · Answer 1 · answered Aug 28 '09 at 18:57

3

Google brings up the following result: http://www.ruby-forum.com/topic/90408

Short version:

require 'socket'

rsock = Socket.open(Socket::PF_INET, Socket::SOCK_RAW, Socket::IPPROTO_RAW)

rsock.send(string, flags)

rsock.recv(1024)

More documentation on the various Socket classes: http://www.rubycentral.com/pickaxe/lib_network.html

(The whole raw sockets thing is rather nasty on unices since it usually requires root access. I did not test this code. You may need to construct the whole packet yourself if you're not using IPSocket)

answered Aug 28 '09 at 18:57

hhaamu

6,851
3
19
13

Thanx dude ..... but i already seen this "http://www.ruby-forum.com/topic/90408" ,it's useless crap, and it's full of mistakes. the Pickaxe 3rd edition was the most useful thing, thanx again. – Raafat Aug 29 '09 at 02:20
It does work, sort of. The problem is the sample code you wind up with on google has an ./ip include. the thing they don't tell you is that it's a common template bitstruct class. also, it just sits there and continues to block if it gets less than 1024 of data. just saying that calling it useless crap is probably excessive. – RobotHumans Feb 06 '11 at 03:15
Where do you get the ip class used in the ruby-forum example? – Joost Oct 22 '11 at 14:41

score 2 · Answer 2 · edited Nov 27 '14 at 04:32

2

Have a look at PacketFu. It is very well maintained and used by the Metasploit Project.

edited Nov 27 '14 at 04:32

the Tin Man

158,662
42
215
303

answered May 06 '12 at 21:38

threatagent

190
1
7

First thing in readme (https://github.com/todb/packetfu/blob/master/README.rdoc) is about libpcap, do you realy want to write non diagnostic/test apps to have pcap dependencies? – nhed Aug 30 '12 at 13:10

score 2 · Answer 3 · edited Nov 26 '12 at 10:41

2

Have a look at the racket gem (https://rubygems.org/gems/racket). It seems to be a bit outdated since the last version was released in 2009 but its also used in the metasploit framework.

edited Nov 26 '12 at 10:41

Andro Selva

53,910
52
193
240

answered Mar 25 '11 at 16:21

Dominik Elsbroek

21
1

How can i use RAW Sockets in Ruby?

3 Answers3

Linked