Created
October 15, 2015 14:11
-
-
Save x4lldux/681412747332dfd7c360 to your computer and use it in GitHub Desktop.
Generates phontom connections in conntrack just as described in http://www.spinics.net/lists/netfilter/msg43912.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl | |
| my $target = '192.241.81.52'; | |
| my $port = 80; | |
| use DDP; | |
| use Net::Frame::Device; | |
| use Net::Write::Layer qw(:constants); | |
| use Net::Write::Layer3; | |
| use Net::Frame::Simple; | |
| use Net::Frame::Dump::Online; | |
| use Net::Frame::Layer::ETH qw(:consts); | |
| use Net::Frame::Layer::IPv4 qw(:consts); | |
| use Net::Frame::Layer::TCP qw(:consts); | |
| # my $oDevice = Net::Frame::Device->new(target => $target); | |
| my $oDevice = Net::Frame::Device->new(dev => "wlp3s0"); | |
| my $eth = Net::Frame::Layer::ETH->new( | |
| src => $oDevice->mac, | |
| dst => $oDevice->gatewayMac, | |
| type => NF_ETH_TYPE_IPv4, | |
| ); | |
| my $ip4 = Net::Frame::Layer::IPv4->new( | |
| src => $oDevice->ip, | |
| dst => $target, | |
| ); | |
| my $tcp = Net::Frame::Layer::TCP->new( | |
| flags => NF_TCP_FLAGS_SYN, | |
| dst => $port, | |
| ); | |
| my $oWrite = Net::Write::Layer2->new( | |
| dev => $oDevice->dev, | |
| ); | |
| my $oDump = Net::Frame::Dump::Online->new(dev => $oDevice->dev); | |
| $oDump->start; | |
| my $oSimple = Net::Frame::Simple->new( | |
| layers => [ $eth, $ip4, $tcp ], | |
| ); | |
| $oWrite->open; | |
| $oSimple->send($oWrite); | |
| until ($oDump->timeout) { | |
| if (my $recv = $oSimple->recv($oDump)) { | |
| print "RECV:\n".$recv->print."\n"; | |
| my @x=$recv->layers; | |
| my $reply_tcp=$x[2]; | |
| $tcp = Net::Frame::Layer::TCP->new( | |
| src => $tcp->src, | |
| dst => $tcp->dst, | |
| ack => $reply_tcp->seq+1, | |
| seq => $tcp->seq, | |
| flags => NF_TCP_FLAGS_ACK, | |
| ); | |
| $oSimple = Net::Frame::Simple->new( layers => [ $eth, $ip4, $tcp ] ); | |
| $oSimple->send($oWrite); | |
| sleep 1; | |
| $tcp = Net::Frame::Layer::TCP->new( | |
| src => $tcp->src, | |
| dst => $tcp->dst, | |
| ack => $reply_tcp->seq+2, | |
| seq => $tcp->seq+1, | |
| flags => NF_TCP_FLAGS_FIN, | |
| ); | |
| $oSimple = Net::Frame::Simple->new( layers => [ $eth, $ip4, $tcp ] ); | |
| $oSimple->send($oWrite); | |
| last | |
| } | |
| } | |
| $oWrite->close; | |
| $oDump->stop; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Don't exactly know why, but when I was using interface for my ethernet connection, kernel ways replying RST before my script could reply ACK, even though it is a RAW socket. This issue was not happening when I was using wifi interface - probably some kernel setting that I'm missing.