Send SYN packet failed on Windows 10

Open WorstCodeWay opened this issue 1 year ago • 8 comments

Hi, I'm new to sockets, but I want to scan whether ports are open on another host. I found that libtins can do this. Thanks for your work!

I ran into a problem while doing my work: libtins complains that it cannot send an IP packet, throwing an exception that indicates socket_write_error (error 10022 within sendto). I have looked into the libtins sources and found that the socket is created normally and IP_HDRINCL is OK too. But it just cannot send the packet.

I have also run the Scanner example code for scanning; same problem.

I need help, guys.

WorstCodeWay • Dec 04 '23 15:12

I have the same exception on Win11. I think this is a socket limitation: raw sockets are not allowed to work on 10 and 11.

ahmedtalaat327 • Dec 10 '23 12:12

@ahmedtalaat327 You're right. Confirmed in more than one way. In the end, I introduced Npcap into my project and it works like a charm.

WorstCodeWay • Dec 11 '23 07:12

I think it's possible to send the UDP carrying the TCP sender.

ahmedtalaat327 • Dec 11 '23 12:12

@WorstCodeWay I think this works

ahmedtalaat327 • Dec 12 '23 10:12

@ahmedtalaat327 Sorry, where is Port Scan.exe from? Is it built from Tins example source code?

WorstCodeWay • Dec 12 '23 11:12

This is the same libtins, yeah, but using EthernetII instead of sending the packet directly:

```cpp
#include <tins/tins.h>

using namespace Tins;

int main() {
    // Interface to send on. The original snippet did not show how iface was
    // obtained; the default interface is assumed here.
    NetworkInterface iface = NetworkInterface::default_interface();

    EthernetII eth = EthernetII("a0:8c:fd:61:5a:1d", "94:08:53:64:6c:63") /
                     IP("192.168.100.140", "192.168.100.45") /
                     TCP(100, 1521) /
                     RawPDU("I'm payload!");

    // Retrieve a pointer to the stored TCP PDU
    TCP* tcp = eth.find_pdu<TCP>();
    tcp->set_flag(TCP::SYN, 1);
    tcp->seq(1733878791);
    tcp->ack_seq(0);

    // You can also retrieve a reference. This will throw a
    // pdu_not_found exception if there is no such PDU in this packet.
    IP& ip = eth.rfind_pdu<IP>();
    (void)ip;  // not used further in this snippet

    // The sender: send the frame at layer 2 on the chosen interface.
    PacketSender sender;
    sender.send(eth, iface);
}
```

ahmedtalaat327 • Dec 12 '23 11:12

Interesting! I tried something very like this, but without the raw payload field, and it didn't work. I will try this later.

Besides, in practice, you need the target MAC address to fill the first parameter of the EthernetII constructor; how will you get that? In my case, a broadcast ARP message may help.

WorstCodeWay • Dec 12 '23 11:12

@WorstCodeWay ARP reply

ahmedtalaat327 • Dec 12 '23 11:12
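
To show why the layer-2 approach discussed in this thread needs the destination MAC, here is an added example (not code from libtins or from anyone in the thread) that builds, without sending, the bytes an Ethernet II / IPv4 / TCP SYN frame carries. It uses the addresses, ports and sequence number quoted above and omits the payload; the TTL and window values and all function names are constructed for illustration.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <vector>
using Bytes = std::vector<uint8_t>;
using Mac = std::array<uint8_t, 6>;

// RFC 1071 Internet checksum over len bytes at off; `sum` seeds the pseudo-header.
uint16_t inet_checksum(const Bytes& d, size_t off, size_t len, uint32_t sum = 0) {
    for (size_t i = 0; i < len; i += 2) {
        uint32_t hi = d[off + i];
        uint32_t lo = (i + 1 < len) ? d[off + i + 1] : 0;
        sum += (hi << 8) | lo;
    }
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return static_cast<uint16_t>(~sum & 0xffff);
}

void put16(Bytes& b, size_t at, uint32_t v) { b[at] = uint8_t(v >> 8); b[at + 1] = uint8_t(v); }
void put32(Bytes& b, size_t at, uint32_t v) { put16(b, at, v >> 16); put16(b, at + 2, v & 0xffff); }

// TCP pseudo-header sum: source, destination, protocol 6, TCP length.
uint32_t pseudo_sum(uint32_t src, uint32_t dst, uint32_t tcp_len) {
    return (src >> 16) + (src & 0xffff) + (dst >> 16) + (dst & 0xffff) + 6 + tcp_len;
}

// Ethernet II (14) + IPv4 (20) + TCP with SYN set (20), no payload: 54 bytes.
Bytes build_syn_frame(const Mac& dst_mac, const Mac& src_mac, uint32_t src_ip,
                      uint32_t dst_ip, uint16_t sport, uint16_t dport, uint32_t seq) {
    Bytes f(54, 0);
    for (size_t i = 0; i < 6; ++i) { f[i] = dst_mac[i]; f[6 + i] = src_mac[i]; }
    put16(f, 12, 0x0800);                    // EtherType IPv4
    f[14] = 0x45;                            // version 4, header length 5 words
    put16(f, 16, 40);                        // IP total length
    f[22] = 64; f[23] = 6;                   // TTL (constructed value), protocol TCP
    put32(f, 26, src_ip); put32(f, 30, dst_ip);
    put16(f, 24, inet_checksum(f, 14, 20));  // IP header checksum
    put16(f, 34, sport); put16(f, 36, dport);
    put32(f, 38, seq);                       // ack number stays 0
    f[46] = 0x50; f[47] = 0x02;              // data offset 5 words, flags = SYN
    put16(f, 48, 8192);                      // window (constructed value)
    put16(f, 50, inet_checksum(f, 34, 20, pseudo_sum(src_ip, dst_ip, 20)));
    return f;
}

// The addresses, ports and sequence number quoted in the thread.
Bytes sample_frame() {
    return build_syn_frame({0xa0, 0x8c, 0xfd, 0x61, 0x5a, 0x1d}, {0x94, 0x08, 0x53, 0x64, 0x6c, 0x63},
                           0xC0A8648C, 0xC0A8642D, 100, 1521, 1733878791u);
}
int main() { return sample_frame().size() == 54 ? 0 : 1; }
```

The first six bytes of the frame are the destination MAC, which a regular socket fills in from the ARP cache but a layer-2 sender must supply itself.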