Solved

Packet Injector in C

Posted on 2004-08-20
3
269 Views
Last Modified: 2010-04-15
My question is simple yet it is urgent;

I am using Redhat Linux 8 with kernel 2.4.18 (original supplied). I will write a program that reads from and writes raw data to network interfaces. The method should be absolutely "raw";

As an example I should be able to;

- Get any arbitrary data from interface eth0 (as tcpdump does but without any formatting)
- Put any arbitrary data to interface eth0 (also without any formatting)

Also as a sub-question I should ask this;

How the system knows that one packet ends and the other packet starts, I mean how the data is separated as packets? Is there a terminator at the end of each packet ? When I program this application, how will my application know that when a packet terminates ?
0
Comment
Question by:Xephyr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 1

Accepted Solution

by:
iagorubio earned 500 total points
ID: 11859987
Hi  Xephyr,

To get incoming packets you can use the libpcap library - also used by tcpdump - and to write raw data to the network device you can use the linet library, that supports packet wire injection.

http://www.tcpdump.org/ - libpcap
http://libnet.sourceforge.net/ - libnet

For your sub-question, as you're using raw packets you know you have 65.535 bytes each with header ( 65.515 of data ), you must set yourself the data terminator and let unused bytes as pad data.
0
 

Author Comment

by:Xephyr
ID: 11860086
Well I also had found out these two libraries on the net. I think they should do what I want, but I have to do something quickly. Any source code to begin with would be greatly appreciated. If the main code is supplied, I think I can do necessary additions. Any reference to a source that does the following;

- Get the packet from an interface (eth0 inbound for example)
- Inject the same packet without any modification back to this interface, but the data will not be sent over the line, it will be just re-injected back to eth0's inbound path. That means the system will receive the packet once again. (It is like choosing a packet that has arrived at the system and re-inject it back to system using Commview for Windows)

If I get this source code, I can write some custom additions to manipulate the data, the scheme I require could be depiceted as such;

---- > Packet #1 ----> Eth0 ----> System ----> Application
                                 |               ^
                              Pcap -------> |

This way the original packet will also arrive at the system, but it is not an issue since I could create some firewall rules to tell the system to drop it. Instead the system will receive the packet received by libpcap, manipulated by my code and re-injected back to system by Libnet.

I think it is a simple operation, but the problem is that I have never used these two libraries before. I think I can take care of the manipulation part using standard C libraries, but I have no knowledge on devices and low-level protocols to handle packet capture and packet injection.

So any source code I can compile right away to test whether it works  ?
0
 
LVL 22

Expert Comment

by:grg99
ID: 11863691
One way is to look at another packet-filtering application, like ipchains or ipfilter, source code available with any Linux distribution CD.

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Summary: This tutorial covers some basics of pointer, pointer arithmetic and function pointer. What is a pointer: A pointer is a variable which holds an address. This address might be address of another variable/address of devices/address of fu…
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
The goal of this video is to provide viewers with basic examples to understand and use pointers in the C programming language.
The goal of this video is to provide viewers with basic examples to understand how to create, access, and change arrays in the C programming language.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question