Firewall Wizards mailing list archives
Re: Code recommendaion?
From: Robert Graham <robert_david_graham () yahoo com>
Date: Mon, 28 Jun 1999 16:55:01 -0700 (PDT)
The answer depends greatly on the underlying OS and programming language.

http://www.rootshell.com
This site has a number of exploit snippets that generate raw packets. Look for things like bonk, syndrop, teardrop, etc. Each is a single-file exploit. You should probably be running Linux for these to compile; they assume some underlying TCP/IP stack capabilities (many stacks don't allow RAW IP datagrams to be constructed). [Note: rootshell doesn't allow people to directly link to exploits on their site, which is why I don't have a direct link.]

http://www.insecure.org/nmap/
'nmap' is the best portscanning tool and OS fingerprinter. It already might have many of the features you want, so you can probably just extend some of them, then pass your changes on to the author. However, the code is really, really rough/undocumented. It runs on virtually all UNIX systems, but does not run on Windows.

There may be ways in PERL to construct such things. Basically, you need to call the following function equivalent in whatever language you are using:

    sckt = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);

Using this socket, you must then create the binary information yourself. Again, note that Windows does not support "SOCK_RAW" unless you are doing ICMP packets. There is no 'easy' way of doing this on Windows (e.g. you have to create your own 'protocol' driver that links into the networking stack alongside the TCP/IP in order to send such packets: it's actually easy -- once you know all the details of NDIS drivers and Windows protocol drivers).

Hope this helps,
Rob.

--- Lance Spitzner <spitzner () dimension net> wrote:
Any recommendations on code that will let me build my own packets? Specifically TCP SYN only packets with various flag settings. 'Stateful Inspection' is becoming a common standard in the Firewall industry. I want to test/verify what types of packets are added to a stateful table and when.

Any recommendations would be greatly appreciated. The simpler the code the better (so I can hack it myself :)

Thanks

Lance Spitzner
http://www.enteract.com/~lspitz/papers.html
Internetworking & Security Engineer
Dimension Enterprises Inc
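Added example, not part of the original message or of any tool named in the thread: what "create the binary information yourself" amounts to for the TCP flag tests asked about, namely a 40-byte IPv4 + TCP header pair with both checksums filled in and a receiver-side check that a firewall test harness can use to confirm the packet is well-formed. The function names, TTL and window values are assumptions chosen for illustration; the code only builds and validates the buffer in memory.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* RFC 1071 Internet checksum: one's-complement sum of 16-bit big-endian words. */
static uint16_t inet_csum(const uint8_t *p, size_t n, uint32_t sum) {
    for (; n > 1; p += 2, n -= 2) sum += ((uint32_t)p[0] << 8) | p[1];
    if (n) sum += (uint32_t)p[0] << 8;
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* Sum of the TCP pseudo-header: source, destination, protocol 6, TCP length. */
static uint32_t pseudo_sum(const uint8_t *ip, uint16_t tcp_len) {
    uint32_t s = 6u + tcp_len;
    for (int i = 12; i < 20; i += 2) s += ((uint32_t)ip[i] << 8) | ip[i + 1];
    return s;
}

/* Fill pkt[40] with an IPv4 + TCP header pair carrying the given flag byte
 * (FIN=0x01 SYN=0x02 RST=0x04 PSH=0x08 ACK=0x10 URG=0x20). Returns length. */
size_t build_tcp_packet(uint8_t pkt[40], const uint8_t src[4], const uint8_t dst[4],
                        uint16_t sport, uint16_t dport, uint32_t seq, uint8_t flags) {
    uint8_t *ip = pkt, *tcp = pkt + 20;
    memset(pkt, 0, 40);
    ip[0] = 0x45;                 /* version 4, header length 5 words */
    put16(ip + 2, 40);            /* total length: two bare headers */
    ip[8] = 64;                   /* TTL (assumed value) */
    ip[9] = 6;                    /* protocol = TCP */
    memcpy(ip + 12, src, 4);
    memcpy(ip + 16, dst, 4);
    put16(ip + 10, inet_csum(ip, 20, 0));
    put16(tcp, sport);
    put16(tcp + 2, dport);
    put16(tcp + 4, (uint16_t)(seq >> 16));
    put16(tcp + 6, (uint16_t)seq);
    tcp[12] = 5 << 4;             /* data offset 5 words, no options */
    tcp[13] = flags;              /* the byte the stateful-table tests vary */
    put16(tcp + 14, 1024);        /* advertised window (assumed value) */
    put16(tcp + 16, inet_csum(tcp, 20, pseudo_sum(ip, 20)));
    return 40;
}

/* Receiver-side check: with the checksum fields included, both sums fold to zero. */
int packet_checksums_ok(const uint8_t pkt[40]) {
    return inet_csum(pkt, 20, 0) == 0 && inet_csum(pkt + 20, 20, pseudo_sum(pkt, 20)) == 0;
}
```

Changing the flag byte after the fact without recomputing the TCP checksum makes packet_checksums_ok() fail, and the receiving stack would then drop the packet for its bad checksum, which would confound a state-table test.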