tracevis
Establish a TCP session without the need to manipulate the firewall
To improve on what we did in #22, one option is to use the socket API directly. That way we do not need to configure the firewall to stop the instant RST packets our kernel would otherwise send. Although this problem does not appear to exist in the newer Linux kernels (version 5), it may still be worth considering. Incomplete and slightly wrong code:
```python
import socket
from scapy.all import IP, TCP, Raw, StreamSocket, import_hexcap

s = socket.socket()  # normal kernel-managed TCP socket, so no RST problem
s2 = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)  # raw ICMP, needs root
try:
    s.settimeout(3)
    s.connect(("1.0.0.1", 443))
    s2.bind(('', 0))
    s.setsockopt(socket.SOL_IP, socket.IP_TTL, 1)  # expire at the first hop
    print(s.getsockname())
    print(s.getpeername())
    ss = StreamSocket(s, Raw)
    # import_hexcap() reads a pasted hex dump from stdin and returns the bytes
    ans, unans = ss.sr(TCP(import_hexcap()), timeout=3)
    print(ans)
    print(unans)
    if len(ans) == 0:
        data, curr_addr = s2.recvfrom(1500)
        IP(data)  # won't work here. ;)
        print(curr_addr)
finally:
    s.setsockopt(socket.SOL_IP, socket.IP_TTL, 68)
    s.close()
    s2.close()
```
But the main unsolvable problem I saw is that in Python we cannot change TCP_RTO_MIN to prevent consecutive retransmissions (every 200 milliseconds). This can increase false positives as well as unpredictable behavior.
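The missing piece in the snippet above is turning the bytes that the raw ICMP socket hands back into a hop address that actually belongs to our session. The following is an added example, not code from tracevis or from the issue author, and it uses plain `struct` parsing instead of scapy. It assumes Linux raw-socket behaviour (the datagram arrives with its outer IP header) and that the router quotes at least the first 8 bytes of our TCP header, as RFC 792 requires. The `build_time_exceeded` helper only constructs a sample packet so the parser can be exercised offline; `trace_tcp_session` is the live variant of the approach described in the issue and needs root for the raw socket.

```python
import socket
import struct

ICMP_TIME_EXCEEDED = 11


def parse_icmp_time_exceeded(data, local, peer):
    """Return {"router": ip, "code": n} if `data` is an ICMP Time Exceeded whose
    quoted inner IP/TCP header matches our session, else None.
    `local`/`peer` are (ip, port) tuples as returned by getsockname()/getpeername().
    Checksums are not verified; we only care about matching our own 4-tuple."""
    if len(data) < 20:
        return None
    ihl = (data[0] & 0x0F) * 4                  # outer IP header length
    router = socket.inet_ntoa(data[12:16])      # outer source = the hop that expired us
    icmp = data[ihl:]
    if len(icmp) < 8 + 20 + 8:                  # ICMP hdr + inner IP hdr + 8 bytes of TCP
        return None
    if icmp[0] != ICMP_TIME_EXCEEDED:
        return None
    inner = icmp[8:]
    inner_ihl = (inner[0] & 0x0F) * 4
    if inner[9] != socket.IPPROTO_TCP:
        return None
    src = socket.inet_ntoa(inner[12:16])
    dst = socket.inet_ntoa(inner[16:20])
    sport, dport = struct.unpack("!HH", inner[inner_ihl:inner_ihl + 4])
    # Only accept replies quoting *our* connection; other hosts' traffic is ignored.
    if (src, sport) != tuple(local) or (dst, dport) != tuple(peer):
        return None
    return {"router": router, "code": icmp[1]}


def build_time_exceeded(router, local, peer):
    """Constructed sample datagram (checksums zeroed) for offline testing."""
    inner_tcp = struct.pack("!HHI", local[1], peer[1], 0x12345678)        # sport, dport, seq
    inner_ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(inner_tcp), 0, 0,
                           1, socket.IPPROTO_TCP, 0,
                           socket.inet_aton(local[0]), socket.inet_aton(peer[0]))
    icmp = struct.pack("!BBHI", ICMP_TIME_EXCEEDED, 0, 0, 0) + inner_ip + inner_tcp
    outer_ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0,
                           64, socket.IPPROTO_ICMP, 0,
                           socket.inet_aton(router), socket.inet_aton(local[0]))
    return outer_ip + icmp


def trace_tcp_session(host, port=443, max_hops=30, timeout=2.0):
    """Live variant (needs root): connect normally, then raise IP_TTL one step at a
    time on the established socket and read the resulting ICMP Time Exceeded
    messages from a raw socket. Yields (ttl, router_ip or None)."""
    s = socket.create_connection((host, port), timeout=3)
    icmp = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_ICMP)
    icmp.settimeout(timeout)
    local, peer = s.getsockname(), s.getpeername()
    try:
        for ttl in range(1, max_hops + 1):
            s.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, ttl)
            s.send(b"\r\n")  # any payload; the kernel retransmits it until acked
            try:
                # Because TCP_RTO_MIN cannot be changed from Python, one TTL can
                # produce several ICMP replies (one per retransmission); take the first.
                while True:
                    data, _ = icmp.recvfrom(1500)
                    hop = parse_icmp_time_exceeded(data, local, peer)
                    if hop:
                        yield ttl, hop["router"]
                        break
            except socket.timeout:
                # The destination itself never sends Time Exceeded, so reaching it
                # also shows up as a timeout here.
                yield ttl, None
    finally:
        s.setsockopt(socket.IPPROTO_IP, socket.IP_TTL, 64)
        s.close()
        icmp.close()


if __name__ == "__main__":
    for ttl, router in trace_tcp_session("1.0.0.1", 443, max_hops=10):
        print(ttl, router or "*")
```

The 4-tuple check in `parse_icmp_time_exceeded` is what keeps a shared raw ICMP socket from attributing another process's (or another host's) expired packets to this trace; the outer source address is the hop, while the quoted inner header proves which connection the packet belonged to.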
Some good resources:
- https://blog.cloudflare.com/when-tcp-sockets-refuse-to-die/
- https://www.pythonsheets.com/notes/python-socket.html
- https://github.com/thewhiteh4t/FinalRecon/blob/master/modules/traceroute.py