Resend all incoming packets
Question
I am writing an educational Man in the Middle application (Linux sockets). What I am struggling with is how to resend TCP/UDP and ICMP packets coming from victim1 to victim2? My approach below seems not to be working:
unsigned char buffer[BUF_SZ];
struct ethhdr *eth_head = (struct ethhdr *)(buffer);
struct sockaddr_ll sock_adr_resnd = {0};
sock_adr_resnd.sll_family = AF_PACKET;
sock_adr_resnd.sll_ifindex = interface_i;
sock_adr_resnd.sll_protocol = htons(ETH_P_ALL);
sock_adr_resnd.sll_halen = MAC_LEN;
memcpy(sock_adr_resnd.sll_addr, source_mac, MAC_LEN); // my MAC
if ((sct = socket(AF_PACKET, SOCK_DGRAM, 0)) < 0) { //recieve all
perror("Socket open error ");
exit (EXIT_FAILURE);
}
if (bind(sct, (struct sockaddr *) &sock_adr_resnd, sizeof(sock_adr_resnd)) < 0) {
printf("Failed to bind socket \n");
}
int res_len = sizeof(sock_adr_resnd);
if (recvfrom(sct, buffer, BUF_SZ, 0, (struct sockaddr*)&sock_adr_resnd, (socklen_t *)&res_len) < 0)
{
process = 0; // nothing accepted
}
// change mac address to actual destination
memcpy(sock_adr.sll_addr, vic_mac1, MAC_LEN);
memcpy(eth_head->h_source, vic_mac1, MAC_LEN);
if (process) {
if (sendto(sct, buffer, BUF_SZ, 0, (struct sockaddr *)&sock_adr_resnd, sizeof(sock_adr_resnd)) < 0)
{
close(sct);
perror("sendto: ");
exit (EXIT_FAILURE);
}
}
What I am confused about is how the socket should be set. Shouldn't it be SOCK_RAW ? Does the packet have to be proccessed differently based on type - UDP, TCP, ICMP?
1 answers
solution1
0 ACCPTED 2017-04-23 17:24:20
The issue was that it is better to use RAW packets - so u can get the dest/source IP and also when recieving, there is no need to post anything about the source recieveng from, so in the end the changes are like so:
- Change
SOCK_DGRAMtoSOCK_RAW - Pass just buffer to
recvfrom()function - State the type of socket when creating it
You don't have to bind
if ((sct = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL))) < 0) { perror("Socket open error "); exit (EXIT_FAILURE); } if (recvfrom(sct, buffer, BUF_SZ, 0, NULL, NULL) < 0) { process = 0; // nothing accepted }
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.