Invalid ICMP type 69
I'm writing a small UDP port scanner that just relys on an ICMP response to detect non-filtered/closed ports.
For some reason my code is returning an ICMP type 69 Code 1 which is not a valid type that I can see. I'd expect a type 3 ( Destination Unreachable ) not an undefined type.
Am I deciphering the ICMP packet I'm receiving wrong? Here is the code I am using:
#!/usr/bin/perl
use IO::Socket;
#
# Scan UDP ports
#
$|++;
my @ports = ( 53, 514, 15555 );
scan_udp_ports( 'localhost', \@ports );
sub scan_udp_ports {
my $host = shift;
my $ports = shift;
my($closed, $open, $filtered);
# Setup ICMP listen
my $icmp = IO::Socket::INET->new(
Proto => 'icmp',
Blocking => 0
) or die("No ICMP listen");
foreach my $port ( @$ports ) {
print "Scanning $port\n";
# Setup UDP send connection
$client = IO::Socket::INET->new(
PeerPort => $port,
PeerAddr => $host,
Proto => 'udp',
Blocking => 0
) or die("No server $!");
# Send UDP packet
$client->send( undef );
sleep( 5 );
my $icmpbuffer = icmp_recv( $icmp );
# Check for response
my $flags;
if( $client->recv( $dgram, 10, $flags ) ) {
print "This udp port $port at host $host responded!\n";
}
}
}
sub icmp_recv {
my $icmp = shift;
# Listen for ICMP response
my $icmpbuffer;
if( my $icmpr = $icmp->recv( $icmpbuffer, 1024, 0 ) ) {
print "ICMP Type: " . unpack("%8C", $icmpbuffer) . "\n";
print "ICMP Code: " . unpack("%8c", substr($icmpbuffer, 9)) . "\n";
print "ICMP Checksum: " . unpack("%8c", substr($icmpbuffer, 33)) . "\n";
}
return $icmpbuffer;
}
For some reason my code is returning an ICMP type 69 Code 1 which is not a valid type that I can see. I'd expect a type 3 ( Destination Unreachable ) not an undefined type.
Am I deciphering the ICMP packet I'm receiving wrong? Here is the code I am using:
#!/usr/bin/perl
use IO::Socket;
#
# Scan UDP ports
#
$|++;
my @ports = ( 53, 514, 15555 );
scan_udp_ports( 'localhost', \@ports );
sub scan_udp_ports {
my $host = shift;
my $ports = shift;
my($closed, $open, $filtered);
# Setup ICMP listen
my $icmp = IO::Socket::INET->new(
Proto => 'icmp',
Blocking => 0
) or die("No ICMP listen");
foreach my $port ( @$ports ) {
print "Scanning $port\n";
# Setup UDP send connection
$client = IO::Socket::INET->new(
PeerPort => $port,
PeerAddr => $host,
Proto => 'udp',
Blocking => 0
) or die("No server $!");
# Send UDP packet
$client->send( undef );
sleep( 5 );
my $icmpbuffer = icmp_recv( $icmp );
# Check for response
my $flags;
if( $client->recv( $dgram, 10, $flags ) ) {
print "This udp port $port at host $host responded!\n";
}
}
}
sub icmp_recv {
my $icmp = shift;
# Listen for ICMP response
my $icmpbuffer;
if( my $icmpr = $icmp->recv( $icmpbuffer, 1024, 0 ) ) {
print "ICMP Type: " . unpack("%8C", $icmpbuffer) . "\n";
print "ICMP Code: " . unpack("%8c", substr($icmpbuffer, 9)) . "\n";
print "ICMP Checksum: " . unpack("%8c", substr($icmpbuffer, 33)) . "\n";
}
return $icmpbuffer;
}
ASKER
I'm doing the $client->recv just in case any data actually gets returned over the UDP port, which would be a confirmation of the port being open.
In blocking mode, if there is no ICMP response ( ie. filtered port ) then the script would never receive a response.
In blocking mode, if there is no ICMP response ( ie. filtered port ) then the script would never receive a response.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
My unpacking routine wasn't working at all. After looking at Net::Ping I understand that the actual start of the ICMP type in the returned packet starts 20 bytes into the packet. This line of code returns the proper ICMP Type and SubCode.
my($fromtype, $fromsubcode) = unpack("C2", substr($icmpbuffer, 20, 2) );
Thanks for pointing me in the right direction manav_mathur.
my($fromtype, $fromsubcode) = unpack("C2", substr($icmpbuffer, 20, 2) );
Thanks for pointing me in the right direction manav_mathur.
AFAIK, you should set the listening socket ($icmp) in blocking mode; and just test the value of $icmpbuffer to see if data has arrived....