Last active
January 19, 2024 20:46
-
-
Save davidlares/e841c0f9d9b31f3cd8859575d061c467 to your computer and use it in GitHub Desktop.
Raw Sockets with Python: Sniffing and network packet injections.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import socket | |
| import struct | |
| # creating a rawSocket for communications | |
| # PF_SOCKET (packet interface), SOCK_RAW (Raw socket) - htons (protocol) 0x08000 = IP Protocol | |
| rawSocket = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.htons(0x0800)) | |
| # deciding interface - packet sniffing and then injection | |
| rawSocket.bind(("eth0", socket.htons(0x0800))) | |
| # create a ethernet packet | |
| packet = struct.pack("!6s6s2s", '\xaa\xaa\xaa\xaa\xaa\xaa', '\xbb\xbb\xbb\xbb\xbb\xbb', '\x08\x00') | |
| # 6 dest address, 6 source address and 2 for ethtype = IP | |
| # inject a random string after the header | |
| rawSocket.send(packet + "Marico el que lo lea") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import socket | |
| import struct | |
| import binascii | |
| # creating a rawSocket for communications | |
| # PF_SOCKET (packet interface), SOCK_RAW (Raw socket) - htons (protocol) 0x08000 = IP Protocol | |
| rawSocket = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.htons(0x0800)) | |
| # read a packet with recvfrom method | |
| pkt = rawSocket.recvfrom(2048) # tuple return | |
| # Ethernet Header tuple segmentation | |
| eHeader = pkt[0][0:14] | |
| # parsing using unpack | |
| eth_hdr = struct.unpack("!6s6s2s", eHeader) # 6 dest MAC, 6 host MAC, 2 ethType | |
| # using hexify to convert the tuple value NBO into Hex format | |
| binascii.hexlify(eth_hdr[0]) | |
| binascii.hexlify(eth_hdr[1]) | |
| binascii.hexlify(eth_hdr[2]) | |
| ipHeader = pkt[0][14:34] | |
| ip_hdr = struct.unpack("!12s4s4s", ipHeader) # 12s represents Identification, Time to Live, Protocol | Flags, Fragment Offset, Header Checksum | |
| print "Source IP address %s" % socket.inet_ntoa(ip_hdr[1]) # network to ascii convertion | |
| print "Destination IP address %s" % socket.inet_ntoa(ip_hdr[2]) # network to ascii convertion | |
| # unapck the TCP header (source and destination port numbers) | |
| tcpHeader = pkt[0][34:54] | |
| tcp_hdr = struct.unpack("!HH16s", tcpHeader) | |
| print "Source Source Port: %s" % tcp_hdr[0] | |
| print "Source Destination Port: %s" % tcp_hdr[1] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
thank for the help