All geek questions in one place

How to use source sockets in Perl?

How can you get a raw socket in Perl, and then what is the best way to create a package to use it?

+4
source share
7 answers

It looks like Net :: RawIP was what I was looking for:

use Net::RawIP; $a = new Net::RawIP; $a->set({ip => {saddr => 'my.target.lan',daddr => 'my.target.lan'}, tcp => {source => 139,dest => 139,psh => 1, syn => 1}}); $a->send; $a->ethnew("eth0"); $a->ethset(source => 'my.target.lan',dest =>'my.target.lan'); $a->ethsend; $p = $a->pcapinit("eth0","dst port 21",1500,30); $f = dump_open($p,"/my/home/log"); loop $p,10,\&dump,$f;
+4
source

The same thing you do in C ... by setting the type of socket when creating the socket.

In the CPAN example, use SOCK_RAW rather than SOCK_DGRAM (UDP) or SOCK_STREAM (TCP).

NOTE. Creating raw sockets usually requires administrative privileges (i.e. root on UNIX). Windows may disable the ability to create raw sockets, you just need to test it and see.

+7
source

Perhaps a CPAN search might help? IO :: Socket comes to mind.

+6
source
At first, I thought most of the previous answers did not answer the question. After further reflection, I think the author probably does not ask the right question.

If you are writing an application, you usually do not think about "creating packages." you just open sockets, format the data payload, and this is the protocol stack that creates packets with your data. Well, if you use datagrams, you need to identify, generate and analyze your payloads. But you usually allow the kernel to encapsulate it at the network level (for example, add an IP header) or the link layer (for example, add Ethernet framing). Usually you do not use pcap. Sometimes just pack and unpack and maybe enough vec.

If you are writing an unusual batch processor, such as an active tool of an aggressive attack, a person in the middle process, or a traffic shaping device, you are likely to โ€œcreate packetsโ€ and use pcap, Net :: Packet may also be for you.

+5
source

As austirg and others said, Socket will do it just fine:

 use Socket; socket my $socket, PF_INET, SOCK_RAW, 0 or die "Couldn't create raw socket: $!"; send $socket, $message, $flags, $to or die "Couldn't send packet: $!"; my $from = recv $socket, $message, $length, $flags or die "Couldn't receive from socket: $!";
+3
source

The main call to get the socket is ... socket (). It comes standard with perl 5. perl 5 basically gives you the standard socket (), bind (), listen (), accept () calls that traditional UNIX makes.

For a more object oriented model, check out IO :: Socket.

+1
source

Keep in mind that if you are trying to use raw sockets to send a bunch of SYN packets, you just use Socket; which are going to fill your ARP tables and run "No Buffer Free Space" and the CLOSE_WAIT record stack in "netstat" (which stops your machine on any connection of any type until some of them are freed).

Or, in other words, you really need Net :: RawIP - it matters.

0
source

Source: https://habr.com/ru/post/1277709/

More articles:


All Articles