UDP / Rawlayer exceed data
53 views
Skip to first unread message
Eric Viseur
May 8, 2014, 9:54:40 AM5/8/14
to libcr...@googlegroups.com
Hi,
I've created a little application using libcrafter and I have a slight problem with it. Basically, the application takes as its input, amongst other things, the hex payload of the packet. I revert it to ASCII in order to insert it into the packet :
// Here we'll beed some preprocessing
// We transform the hex input into ASCII
char* hexPayload = argv[8];
char a,b,buf;
int len = strlen(hexPayload);
char asciiPayload[len/2];
for(int i = 0; i < len; i = i +2) {
a = hexPayload[i];
b = hexPayload[i+1];
buf = hexToAscii(a,b);
sprintf(asciiPayload, "%s%c", asciiPayload, buf);
}
// And we set the result as the packet payload
RawLayer payload;
payload.SetPayload(asciiPayload);
The hexToAscii function:
char hexToAscii(char first, char second)
{
char hex[2], *stop, result;
hex[0] = first;
hex[1] = second;
result = (char) strtol(hex, NULL, 16);
return result;
}
The hex-ascii conversion works well, but when my packet in generated, I get extra data between the UDP headers and this payload. For instance, still in hex : 588560cf3c.
What am I missing ?
Thanks and best regards,
Eric
I've created a little application using libcrafter and I have a slight problem with it. Basically, the application takes as its input, amongst other things, the hex payload of the packet. I revert it to ASCII in order to insert it into the packet :
// Here we'll beed some preprocessing
// We transform the hex input into ASCII
char* hexPayload = argv[8];
char a,b,buf;
int len = strlen(hexPayload);
char asciiPayload[len/2];
for(int i = 0; i < len; i = i +2) {
a = hexPayload[i];
b = hexPayload[i+1];
buf = hexToAscii(a,b);
sprintf(asciiPayload, "%s%c", asciiPayload, buf);
}
// And we set the result as the packet payload
RawLayer payload;
payload.SetPayload(asciiPayload);
The hexToAscii function:
char hexToAscii(char first, char second)
{
char hex[2], *stop, result;
hex[0] = first;
hex[1] = second;
result = (char) strtol(hex, NULL, 16);
return result;
}
The hex-ascii conversion works well, but when my packet in generated, I get extra data between the UDP headers and this payload. For instance, still in hex : 588560cf3c.
What am I missing ?
Thanks and best regards,
Eric
Esteban Pellegrino
May 8, 2014, 3:56:22 PM5/8/14
to libcr...@googlegroups.com
The following code seems to work fine. I added a memset to initialize asciiPayload to NULL characters, and read the string from argv[1].
$ cat udp.cpp
#include <iostream>
#include <cstdlib>
#include <crafter.h>
using namespace Crafter;
$ cat udp.cpp
#include <iostream>
#include <cstdlib>
#include <crafter.h>
using namespace Crafter;
char hexToAscii(char first, char second)
{
char hex[2], *stop, result;
hex[0] = first;
hex[1] = second;
result = (char) strtol(hex, NULL, 16);
return result;
}
int main (int argc, char* argv[]) {
// Here we'll beed some preprocessing
// We transform the hex input into ASCII
char* hexPayload = argv[1];
char a,b,buf;
int len = strlen(hexPayload);
char asciiPayload[len/2];
memset(asciiPayload, 0, len/2);
for(int i = 0; i < len; i = i + 2) {
a = hexPayload[i];
b = hexPayload[i+1];
buf = hexToAscii(a,b);
sprintf(asciiPayload, "%s%c", asciiPayload, buf);
}
// And we set the result as the packet payload
RawLayer payload;
payload.SetPayload(asciiPayload);
Packet pck = Ethernet() / IP() / UDP() / payload;
pck.Print();
return 0;
}
$ g++ udp.cpp -o udp -lcrafter
$ ./udp $(echo -n "hellohex" | od -A n -t x1 |sed 's/ //g')
< Ethernet (14 bytes) :: DestinationMAC = ff:ff:ff:ff:ff:ff , SourceMAC = 00:00:00:00:00:00 , Type = 0x800 , >
< IP (20 bytes) :: Version = 4 , HeaderLength = 5 , DiffServicesCP = 0 , ExpCongestionNot = 0 , TotalLength = 0 , Identification = 0x0 , Flags = 2 , FragmentOffset = 0 , TTL = 64 , Protocol = 0x6 , CheckSum = 0x0 , SourceIP = 0.0.0.0 , DestinationIP = 0.0.0.0 , >
< UDP (8 bytes) :: SrcPort = 0 , DstPort = 53 , Length = 0 , CheckSum = 0x0 , >
< RawLayer (8 bytes) :: Payload = hellohex>
$ ./udp 588560cf3c
< Ethernet (14 bytes) :: DestinationMAC = ff:ff:ff:ff:ff:ff , SourceMAC = 00:00:00:00:00:00 , Type = 0x800 , >
< IP (20 bytes) :: Version = 4 , HeaderLength = 5 , DiffServicesCP = 0 , ExpCongestionNot = 0 , TotalLength = 0 , Identification = 0x0 , Flags = 2 , FragmentOffset = 0 , TTL = 64 , Protocol = 0x6 , CheckSum = 0x0 , SourceIP = 0.0.0.0 , DestinationIP = 0.0.0.0 , >
< UDP (8 bytes) :: SrcPort = 0 , DstPort = 53 , Length = 0 , CheckSum = 0x0 , >
< RawLayer (5 bytes) :: Payload = \x58\x85\x60\xcf\x3c>
In the last execution (with 588560cf3c) libcrafter show the characters in hex because it can't be converted to ASCII.pck.Print();
return 0;
}
$ g++ udp.cpp -o udp -lcrafter
$ ./udp $(echo -n "hellohex" | od -A n -t x1 |sed 's/ //g')
< Ethernet (14 bytes) :: DestinationMAC = ff:ff:ff:ff:ff:ff , SourceMAC = 00:00:00:00:00:00 , Type = 0x800 , >
< IP (20 bytes) :: Version = 4 , HeaderLength = 5 , DiffServicesCP = 0 , ExpCongestionNot = 0 , TotalLength = 0 , Identification = 0x0 , Flags = 2 , FragmentOffset = 0 , TTL = 64 , Protocol = 0x6 , CheckSum = 0x0 , SourceIP = 0.0.0.0 , DestinationIP = 0.0.0.0 , >
< UDP (8 bytes) :: SrcPort = 0 , DstPort = 53 , Length = 0 , CheckSum = 0x0 , >
< RawLayer (8 bytes) :: Payload = hellohex>
$ ./udp 588560cf3c
< Ethernet (14 bytes) :: DestinationMAC = ff:ff:ff:ff:ff:ff , SourceMAC = 00:00:00:00:00:00 , Type = 0x800 , >
< IP (20 bytes) :: Version = 4 , HeaderLength = 5 , DiffServicesCP = 0 , ExpCongestionNot = 0 , TotalLength = 0 , Identification = 0x0 , Flags = 2 , FragmentOffset = 0 , TTL = 64 , Protocol = 0x6 , CheckSum = 0x0 , SourceIP = 0.0.0.0 , DestinationIP = 0.0.0.0 , >
< UDP (8 bytes) :: SrcPort = 0 , DstPort = 53 , Length = 0 , CheckSum = 0x0 , >
< RawLayer (5 bytes) :: Payload = \x58\x85\x60\xcf\x3c>
--
You received this message because you are subscribed to the Google Groups "libcrafter" group.
To unsubscribe from this group and stop receiving emails from it, send an email to libcrafter+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Eric Viseur
May 9, 2014, 2:59:40 AM5/9/14
to libcr...@googlegroups.com
Thank you for the quick answer ! It does solve this part of the problem, but reveals another one: when I have 00 (double zero) hexa in my input, it's just dropped.
It kinda makes sense, granted the ASCII meaning of 0x00. Using asciiPayload[i/2]=buf instead of sprintf() doesn't solve the problem, as 0x00 is interpreted as an end of string.
Basically, what I'm trying to do is make a hex payload generated outside my program the payload of a packet created using libcrafter, as the tool I was using first (mausezahn) has problems with checksums.
I'm fully aware that the best option would be to make libcrafter use the hex payload directly without any kind of conversion, but a quick study of the lib structure made me reach the conclusion it wouldn't be possible, hence the hex-ASCII conversion.
I'm kinda stuck here. Do you have an idea for me ?
Thanks and best regards,
Thanks and best regards,
--
You received this message because you are subscribed to a topic in the Google Groups "libcrafter" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/libcrafter/fM2Ch2rEXKg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to libcrafter+...@googlegroups.com.
Esteban Pellegrino
May 10, 2014, 1:27:28 PM5/10/14
to libcr...@googlegroups.com
Ok, and why you don't copy the payload as raw bytes instead of treating it as a string? The SetPayload function can have an extra argument of a byte array + the length of the data. Something like this is working for me :
#include <iostream>
#include <cstdlib>
#include <crafter.h>
using namespace Crafter;
char hexToAscii(char first, char second)
{
char hex[2], *stop, result;
hex[0] = first;
hex[1] = second;
result = (char) strtol(hex, NULL, 16);
return result;
}
int main (int argc, char* argv[]) {
// Here we'll beed some preprocessing
// We transform the hex input into ASCII
char* hexPayload = argv[1];
char a,b,buf;
int len = strlen(hexPayload);
byte asciiPayload[len/2];
memset(asciiPayload, 0, len/2);
for(int i = 0; i < len; i = i + 2) {
a = hexPayload[i];
b = hexPayload[i+1];
buf = hexToAscii(a,b);
asciiPayload[i/2] = buf;
}
// And we set the result as the packet payload
RawLayer payload;
payload.SetPayload(asciiPayload, len/2);
Packet pck = Ethernet() / IP() / UDP() / payload;
pck.Print();
return 0;
}
./udp 68656c6c6f00000068656c6c6f0068656c6c6f0000
< Ethernet (14 bytes) :: DestinationMAC = ff:ff:ff:ff:ff:ff , SourceMAC = 00:00:00:00:00:00 , Type = 0x800 , >
< IP (20 bytes) :: Version = 4 , HeaderLength = 5 , DiffServicesCP = 0 , ExpCongestionNot = 0 , TotalLength = 0 , Identification = 0x0 , Flags = 2 , FragmentOffset = 0 , TTL = 64 , Protocol = 0x6 , CheckSum = 0x0 , SourceIP = 0.0.0.0 , DestinationIP = 0.0.0.0 , >
< UDP (8 bytes) :: SrcPort = 0 , DstPort = 53 , Length = 0 , CheckSum = 0x0 , >
< RawLayer (21 bytes) :: Payload = hello\x0\x0\x0hello\x0hello\x0\x0>
Eric Viseur
May 12, 2014, 2:43:30 AM5/12/14
to libcr...@googlegroups.com
Reply all
Reply to author
Forward
0 new messages