Security-Freak.Net No 1 on Google for "Packet Injection Basics"

Coming Soon:

Total Page Views
Since 05/22/2007


We Support:

cry logo

Packet Injection using raw sockets
Packet Injection, as we have seen in the raw sockets tutorial is a very important technique used in security research. In this video series we will look at how to inject packets into the network using raw sockets. We will cover the essentials of how to construct a full packet in memory and inject it into the network.

Let us begin by looking at a presentation which lays out the basic theory on this topic. Please download the presentation from here.
Let us begin writing our first Packet Injection program !

In this very first program, the idea is to demonstrate that in principle we can inject any packet into the network, regardless of the fact that it follows any known protocol specifications or not. Packet injection using raw sockets allows absolutely **anything** to be sent into the network and i really mean anything.

To demonstrate this we will create a packet of size 1024 bytes containing all A's in all byte positions into the network. As you can clearly imagine this packet does not contain any Ethernet header, or IP header or any known header for that matter. It simply contains garbage and we will see that it is happily inserted into the network.

Please download Wireshark and this code to follow the next video.

As you have clearly seen, what we can inject is only limited by our own imagination ! In subsequent videos we will create various headers - Ethernet, IP, TCP etc and inject them into the network. Follow the examples carefully !

n the next example we will construct an ethernet header and send it out into the network. Please download the code from here.

Now lets go ahead and add an IP header after the Ethernet header in the previous example. Please download the following code before using the next video.
Hope things are clear till now. If not i would request you to redo the above videos and make sure your understand how its done. The code is well commented and the variables aptly named, so hopefully after a couple of redos your understanding should be fine !

In the next video we will add a TCP header and some data after the IP header in the previous example and send it out into the network. We will be discussing how to implement the Pseduo Header while computing the TCP Checksum. If you are not familiar with the Pseudo Header concept - please read this. Please download this code and follow me.
Phew ! Finally we have traversed the entire network stack: Ethernet --> Data and custom built all the headers ! Congratulations !

Now that we have understood how to create your own packets using the header definitions in the /usr/include directory, lets try and add our own data structures for the headers and send the packets out.

In the next and final video of this series we will discuss how to make an ARP query tool. If you have forgotten ARP, then this might refresh your basics a bit.

Please download this code and follow the next video.

Congratulations ! You are now a certified packet injection expert :D

I hope you liked this series. Please let me know how i can improve by sending me your comments here.

©2007 Freak Labs