1

I have sniffed an IGMP packet and now I would like to send it with the help of python. Is there any way to just send packet like 

0x0000   01 00 5E 00 43 67 00 02-B3 C8 7F 44 81 00 00 DE   ..^.Cg..іИD?..Ю
0x0010   08 00 46 00 00 20 00 01-00 00 01 02 36 4C C0 A8   ..F.. ......6LАЁ
0x0020   00 7B EA 00 43 67 94 04-00 00 16 00 BC 97 EA 00   .{к.Cg”.....ј—к.
0x0030   43 67                                             Cg

without any packet generators like impacket?

UPD Ok, I tried to use raw sockets, like that:

dst = '234.0.67.103'

# Open a raw socket.
s = socket.socket(socket.AF_INET, socket.SOCK_RAW,2)

res=''

temp='01 00 5E 00 43 67 00 02 B3 C8 7F 44 81 00 00 DE 08 00 46 00 00 20 00 01 00 00 01 02 36 4C C0 A8 00 7B EA 00 43 67 94 04 00 00 16 00 BC 97 EA 00 43 67'
for i in temp.split(' '):
    res+=chr(int(i, 16))
print res
s.sendto(res, (dst, 0))

Everything is fine except one little thing... If I sniff that packet, it looks like that:

0x0000   01 00 5E 00 43 67 00 02-B3 C8 7F 44 08 00 45 00   ..^.Cg..іИD..E.
0x0010   00 46 07 06 00 00 01 02-C4 25 C0 A8 00 7B EA 00   .F......Д%АЁ.{к.
0x0020   43 67 01 00 5E 00 43 67-00 02 B3 C8 7F 44 81 00   Cg..^.Cg..іИDЃ.
0x0030   00 DE 08 00 46 00 00 20-00 01 00 00 01 02 36 4C   .Ю..F.. ......6L
0x0040   C0 A8 00 7B EA 00 43 67-94 04 00 00 16 00 BC 97   АЁ.{к.Cg”.....ј—
0x0050   EA 00 43 67                                       к.Cg

As you can see, for some reason python ignores my headers and creates its own. How can I fix it?

ivan_pozdeev
  • 33,874
  • 19
  • 107
  • 152
yegorov-p
  • 133
  • 1
  • 2
  • 14
  • 2
    This may help: http://stackoverflow.com/questions/316866/ping-a-site-in-python (there's pure python ping there - i assume you could adapt it) – sje397 Nov 30 '10 at 12:12
  • 1
    Have you tried [raw sockets](http://stackoverflow.com/questions/1117958/how-do-i-use-raw-socket-in-python)? – kichik Nov 30 '10 at 12:24
  • @sje397 Thanks for answer. Well, in that example they still calculate checksum, create headers and etc. But I already have ready packet and would just like to send it, without rebuilding it. – yegorov-p Nov 30 '10 at 12:28
  • Couldn't the problem be due to the fact that the underlying OS might not let you do that? – Bruno Nov 30 '10 at 13:32

3 Answers3

6

Due to Unix Network Programming (3th ed):

sockfd = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW)
# inform os about that program are compose ip header
sockfd.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, True)
denis4inet
  • 61
  • 1
  • 1
2

Well, as I understand, the only way to do that is to use scapy in a way like that:

from scapy.all import *
a=Ether(import_hexcap())
<some dumped hex>
sendp(a)
yegorov-p
  • 133
  • 1
  • 2
  • 14
1

The following is modification of your code that will send the raw packet:

import socket

s = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, 0x8100)
s.bind(('eth0', 0x8100))

res=''
temp='01 00 5E 00 43 67 00 02 B3 C8 7F 44 81 00 00 DE 08 00 46 00 00 20 00 01 00 00 01 02 36 4C C0 A8 00 7B EA 00 43 67 94 04 00 00 16 00 BC 97 EA 00 43 67'
for i in temp.split(' '):
    res+=chr(int(i, 16))
s.send(res)
Paweł Nadolski
  • 8,296
  • 2
  • 42
  • 32
  • Thanks for answer. This code runs fine in Ubuntu, but under Windows, AF_PACKET is said to be undefined. =( I tried to replace it with AF_INET, but now python tells me that that protocol (0x8100) is not supported. 0x8100 is IEEE 802.1Q and I just don't understand, why it isn't supported. I can generate packet with VLAN tag inside and send it with the help of pierf, for example and it's ok. In fact, I can generate and send the packet from my example with pierf and it runs just fine. =) Does it mean that Windows don't support raw sockets in a way Linux do that? – yegorov-p Dec 01 '10 at 20:41