I'm trying to implement IP fragmentation using Pcap.Net.
It is simple for packets that are already built as the L3 payload is just split into parts.
I have a code that does it. It returns the list of packet fragments for sending it into the wire.
private static List<Packet> FragmentPacket(Packet packet)
{
EthernetLayer ethernetLayer = (EthernetLayer)packet.Ethernet.ExtractLayer();
IpV4Layer ipV4Layer = (IpV4Layer)packet.Ethernet.IpV4.ExtractLayer();
PayloadLayer payload = (PayloadLayer)packet.Ethernet.IpV4.Payload.ExtractLayer();
// implement IP fragmentation
int totalLength = payload.Length;
int fragmentLength = 1480;
int fragmentOffset = 0;
IpV4FragmentationOptions FragOptions;
List<Packet> fragmentsList = new List<Packet>();
while (fragmentOffset < totalLength)
{
if (fragmentOffset + fragmentLength >= totalLength)
{
//last fragment
FragOptions = IpV4FragmentationOptions.None;
fragmentLength = totalLength - fragmentOffset;
}
else
{
//more fragments to go
FragOptions = IpV4FragmentationOptions.MoreFragments;
}
IpV4Layer newipV4Layer =
new IpV4Layer
{
Source = ipV4Layer.Source,
CurrentDestination = ipV4Layer.CurrentDestination,
Fragmentation = new IpV4Fragmentation(FragOptions, (ushort)fragmentOffset),
HeaderChecksum = null, // Will be filled automatically.
Identification = 123,
Options = IpV4Options.None,
Protocol = ipV4Layer.Protocol,
Ttl = ipV4Layer.Ttl, // 128,
TypeOfService = ipV4Layer.TypeOfService,
};
byte[] newBuffer = payload.Data.ToArray();
PayloadLayer fragmentedPayload = new PayloadLayer { Data = new Datagram(newBuffer, fragmentOffset, fragmentLength) };
PacketBuilder builder = new PacketBuilder(ethernetLayer, ipV4Layer, fragmentedPayload);
fragmentsList.Add(builder.Build(DateTime.Now));
fragmentOffset = fragmentOffset + fragmentedPayload.Length;
}
return fragmentsList;
}
But what I'm actually doing is:
1) receiving large packet via Loopback interface (it is usually bigger than physical interface's MTU)
2) disassembling it, modifying IP addresses
3) building a new packet and sending it via Ethernet interface
Unfortunately, if the IP payload is bigger than MTU, exception happens as the packet needs to be fragmented before sending.
Because I'm changing IP address, then for TCP/UDP packets, the L4 checksum must be recalculated and this recalculation must take into account L3 header. Therefore it is needed to build L3+L4+payload part (to have L4 checksum properly calculated) and then split L4+payload into parts to fit L3 MTU.
I came into a solution in which I'm building a new packet (which is bigger than MTU) and then push it via above function to tear it into parts, and then I'm sending it using:
foreach (Packet newpacket in packetList)
communicator.SendPacket(newpacket);
This, however, requires to build the same packet twice and I'm trying to find a way in Pcap.Net to partially build a packet (including recalculation of L4 checksum) and at the same time divide it into fragments to fit MTU.
I don't know how to (and if this is possible in Pcap.Net) prepare L3 payload that would consist of tcpLayer/udpLayer + L4 payload since TCP checksum is calculated during building and then finally build the rest of packet.
If that was possible, I would just need to build the packet once splitting it into parts at the same time.
Related
I want to create same message and send it with C# as I do it with C++ where all works. Note that I have C# client where I have troubles, C++ client where all works fine and C++ server that should read messages from both C# and C++ clients.
Here is how I send the message from C++:
void ConnectAuthserverCommand::SendLogin(tcp::socket &s, const flatbuffers::FlatBufferBuilder &builder) const {
ClientOpcode opc = CLIENT_LOGIN_REQUEST;
flatbuffers::FlatBufferBuilder builder2;
auto email = builder2.CreateString("test#abv.bg");
auto password = builder2.CreateString("test");
auto loginRequest = Vibranium::CreateLoginRequest(builder2, email, password);
builder2.FinishSizePrefixed(loginRequest);
size_t size2 = builder2.GetSize();
uint8_t *buf2 = builder2.GetBufferPointer();
uint8_t *actualBuffer2 = new uint8_t[size2 + 2];
actualBuffer2[1] = (opc >> 8);
actualBuffer2[0] = (opc&0xFF);
memcpy(actualBuffer2 + 2, buf2, size2);
boost::asio::write(s, boost::asio::buffer(actualBuffer2,size));
}
ClientOpcode is as follows:
enum ClientOpcode : uint16_t{
CLIENT_AUTH_CONNECTION = 0x001,
CLIENT_LOGIN_REQUEST = 0x002,
CLIENT_NUM_MSG_TYPES = 0x003,
};
What I do is the following: I get a ClientOpcode which I want to put infront of FlatBuffers message. So I create an array of uint8_t which I extend with exactly 2 bytes(Because the size of uint16_t is 2 bytes.) Than on the server I read the first 2 bytes in order to get the header and here is how I do that:
void Vibranium::Client::read_header() {
auto self(shared_from_this());
_packet.header_buffer.resize(_packet.header_size);
boost::asio::async_read(socket,
boost::asio::buffer(_packet.header_buffer.data(), _packet.header_size),
[this, self](boost::system::error_code ec,std::size_t bytes_transferred)
{
if ((boost::asio::error::eof == ec) || (boost::asio::error::connection_reset == ec))
{
Disconnect();
}
else
{
assert(_packet.header_buffer.size() >= sizeof(_packet.headerCode));
std::memcpy(&_packet.headerCode, &_packet.header_buffer[0], sizeof (_packet.headerCode));
if(_packet.headerCode)
read_size();
else
Logger::Log("UNKNOWN HEADER CODE", Logger::FatalError);
}
});
}
So far so good, however I am not able to send correctly formatted same message from the C# client. Note that I send exactly same data, take a look:
Client authClient = GameObject.Find("Client").GetComponent<AuthClient>().client; // This is how I get Client class instance.
ClientOpcode clientOpcode = ClientOpcode.CLIENT_LOGIN_REQUEST;
var builder = new FlatBuffers.FlatBufferBuilder(1);
var email = builder.CreateString("test#abv.bg");
var password = builder.CreateString("test");
var loginRequest = LoginRequest.CreateLoginRequest(builder, email, password);
builder.FinishSizePrefixed(loginRequest.Value);
authClient.Send(builder, clientOpcode);
And here is how I actually prepend the header and send the data in C#:
public static Byte[] PrependClientOpcode(FlatBufferBuilder byteBuffer, ClientOpcode code)
{
var originalArray = byteBuffer.SizedByteArray();
byte[] buffer = new byte[originalArray.Length + 2];
buffer[1] = (byte)((ushort)code / 0x0100);
buffer[0] = (byte)code;
Array.Copy(originalArray, 0, buffer, 2, originalArray.Length);
return buffer;
}
public void Send(FlatBufferBuilder builder, ClientOpcode opcode)
{
byte[] buffer = builder.SizedByteArray();
var bufferToSend = PrependClientOpcode(builder, opcode);
if (bufferToSend.Length > MaxMessageSize)
{
Logger.LogError("Client.Send: message too big: " + bufferToSend.Length + ". Limit: " + MaxMessageSize);
return;
}
if (Connected)
{
// respect max message size to avoid allocation attacks.
if (bufferToSend.Length <= MaxMessageSize)
{
// add to send queue and return immediately.
// calling Send here would be blocking (sometimes for long times
// if other side lags or wire was disconnected)
sendQueue.Enqueue(bufferToSend);
sendPending.Set(); // interrupt SendThread WaitOne()
}
}
else
{
Logger.LogWarning("Client.Send: not connected!");
}
}
ClientOpcode enum on C# is as follows:
public enum ClientOpcode : ushort
{
CLIENT_AUTH_CONNECTION = 0x001,
CLIENT_LOGIN_REQUEST = 0x002,
CLIENT_NUM_MSG_TYPES = 0x003,
}
I think I can use ushort as a replacement of uint16_t in C#. That is why ClientOpcode is ushort.
When I send the message I get error on the client saying UNKNOWN HEADER CODE. If you take a look at the C++ server code to read the header you'll see that this message is displayed when the server is unable to read the header code. So somehow I am unable to place the ClientOpcode header correctly infront of the TCP message send from the C# client.
In order to find out what are the differences I installed WireShark on the host to track both messages. Here are they:
This one is from the correctly working C++ client:
And this one is the dump of the C# client:
As you can see on the second image of the TCP dump the Length of is bigger. C++ message is with length of 58 where C# message's length is 62. Why?
The C++ client is sending data:
0200340000000c00000008000c00040008000800000014000000040000000400000074657374000000000b00000074657374406162762e626700
When the C# client is sending:
0000003a0200340000000c00000008000c00040008000800000014000000040000000400000074657374000000000b00000074657374406162762e626700
The C# client is adding to it's message in front 0000003a. If I remove that messages should be the same and all will work.
Why is my C# client adding those extra data in front and how can I fix it?
I have a USB HID device that I would like to communicate with. I am successfully doing so on Windows using the HidSharp library (link: https://github.com/treehopper-electronics/HIDSharp). My Windows application is developed using the .NET Framework 4.5, C#, and Visual Studio.
I now want to communicate with this same USB HID device from an Android tablet instead of from the Windows desktop. I am encountering some problems doing so. When I have the device plugged in to my tablet, it reports a single interface with a single "read" endpoint. Here is what is reported to me:
Interface #0
Class: Human Interaction Device (0x3)
Endpoint: #0
Address : 0x81 (10000001)
Number : 1
Direction : Inbound (0x80)
Type : Intrrupt (0x3)
Poll Interval : 1
Max Packet Size: 64
Attributes : 000000011
As you can see, it only reports a single endpoint, which is an inbound endpoint. I need to be able to output simple commands to this device, which I was able to do so successfully on Windows using HidSharp.
HidSharp abstracted everything into a single "stream" object that you could read from and write to. Using the Android APIs, there isn't a single "stream" object, but rather there seem to be 3 different ways of reading/writing: bulk transfer, control transfer, and USB Request. I've tried sending out data using all 3, but with seemingly no success.
Any suggestions on what to do? Is there a reason why I could send out data to this device on Windows, but seemingly cannot do so from Android? Is there a way to use a single endpoint as both a read and a write endpoint? Is there something that I am just obviously missing and not understanding?
I am using Xamarin as my development environment (C#, Visual Studio 2017). Since code is always helpful, here is how I am connecting to the device:
int VendorID = 0x04d8;
int ProductID = 0x2742;
UsbManager USB_Manager = null;
UsbDevice USB_Device = null;
UsbDeviceConnection DeviceConnection = null;
UsbInterface DeviceInterface = null;
UsbEndpoint OutputEndpoint = null;
UsbEndpoint InputEndpoint = null;
//Grab the Android USB manager and get a list of connected devices
var USB_Manager = MyMainActivity.ApplicationContext.GetSystemService(Android.Content.Context.UsbService) as Android.Hardware.Usb.UsbManager;
var attached_devices = USB_Manager.DeviceList;
//Find the device in the list of connected devices
foreach (var d in attached_devices.Keys)
{
if (attached_devices[d].VendorId == VendorID && attached_devices[d].ProductId == ProductID)
{
USB_Device = attached_devices[d];
break;
}
}
//Assuming we found the correct device, let's set everything up
if (USB_Device != null)
{
for (int j = 0; j < USB_Device.InterfaceCount; j++)
{
DeviceInterface = USB_Device.GetInterface(j);
for (int i = 0; i < DeviceInterface.EndpointCount; i++)
{
var temp_ep = DeviceInterface.GetEndpoint(i);
if (temp_ep.Type == Android.Hardware.Usb.UsbAddressing.XferInterrupt)
{
if (temp_ep.Direction == Android.Hardware.Usb.UsbAddressing.In)
{
InputEndpoint = temp_ep;
}
if (temp_ep.Direction == Android.Hardware.Usb.UsbAddressing.Out)
{
OutputEndpoint = temp_ep;
}
}
}
}
//Request permission to communicate with this USB device
UsbReceiver receiver = new UsbReceiver();
PendingIntent pending_intent = PendingIntent.GetBroadcast(Game.Activity, 0, new Android.Content.Intent(UsbReceiver.ACTION_USB_PERMISSION), 0);
IntentFilter intent_filter = new IntentFilter(UsbReceiver.ACTION_USB_PERMISSION);
Game.Activity.RegisterReceiver(receiver, intent_filter);
USB_Manager.RequestPermission(USB_Device, pending_intent);
bool has_permission = USB_Manager.HasPermission(USB_Device);
var device_connection = USB_Manager.OpenDevice(USB_Device);
device_connection.ClaimInterface(DeviceInterface, true);
DeviceConnection = device_connection;
}
Next, here is how I attempt to read from the device:
//3 methods of attempting to read from the device
//Method 1:
byte[] inpt = new byte[64];
var request = new UsbRequest();
request.Initialize(DeviceConnection, InputEndpoint);
var byte_buffer = ByteBuffer.Allocate(64);
request.Queue(byte_buffer, 64);
DeviceConnection.RequestWait();
byte_buffer.Rewind();
for(int i = 0; i < 64; i++)
{
inpt[i] = (byte) byte_buffer.Get();
}
//Method 2:
byte[] inpt = new byte[64];
DeviceConnection.BulkTransfer(InputEndpoint, inpt, inpt.Length, 1000);
//Method 3:
byte[] inpt = new byte[64];
DeviceConnection.ControlTransfer(UsbAddressing.In, 0, 0, 0, inpt, 64, 1000);
And finally, here is how I attempt to write data to this device:
//Method 1:
byte[] output_msg; //This variable is assigned elsewhere in the code
DeviceConnection.BulkTransfer(OutputEndpoint, output_msg, output_msg.Length, 30);
//Method 2:
byte[] output_msg; //This variable is assigned elsewhere in the code
DeviceConnection.ControlTransfer(UsbAddressing.Out, 0, 0, 0, output_msg, output_msg.Length, 1000);
//Method 3:
byte[] output_msg; //This variable is assigned elsewhere in the code
var write_request = new UsbRequest();
write_request.Initialize(DeviceConnection, OutputEndpoint);
var byte_buffer_write = ByteBuffer.Wrap(output_msg);
request.Queue(byte_buffer_write, output_msg.Length);
DeviceConnection.RequestWait();
"OutputEndpoint" is typically null because there is no output endpoint, so I often replace "OutputEndpoint" with "InputEndpoint", but with no success.
Any help would be greatly appreciated! Thanks!!!
You are dealing with HID devices which means you should do Interrupt Transfers.
In Android, you should use UsbRequest to perform Interrupt Transfers (as it does Asynchronous NonBlocking IO).
The endpoints are unidirectional and can be used for both inbounds and outbound (but not at the same time)
If the endpoint is inbound then submit the Urb using UsbRequest and queue as you tried before but using empty buffer with expected bufferLength.
The RequestWait will return UsbRequest Object back upon completion.
If the usbRequest.getEndPoint().getDirection() is inbound then your buffer variable will be updated with read buffer from the device.
If the usbRequest.getEndpoint().getDirection() is outbound then you should pass your buffer to write data to the device
Core part of code is as below.
Actually, the code is copied from https://github.com/ECToo/world-opponent-network/blob/fbb35876ae26006606d07b6297d557bd53234066/%20world-opponent-network/TitanApi/Samples/ServerTest%20-%20Copy/Sniffer/main.cpp
The code can capture UDP both incoming/outgoing packets and TCP outgoing packets, but cannot capture any TCP incoming packets on Windows10.
however, it works quite well on Windows XP.
sniffer = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
if (sniffer == INVALID_SOCKET) {
printf("Failed to create raw socket.\n");
return 1;
}
memset(&dest, 0, sizeof(dest));
memcpy(&dest.sin_addr.s_addr, local->h_addr_list[in], sizeof(dest.sin_addr.s_addr));
dest.sin_family = AF_INET;
dest.sin_port = 0;
printf("\nBinding socket to local system and port 0 ...");
if (bind(sniffer, (struct sockaddr *)&dest, sizeof(dest)) == SOCKET_ERROR) {
printf("bind(%s) failed.\n", inet_ntoa(addr));
return 1;
}
printf("Binding successful");
//Enable this socket with the power to sniff : SIO_RCVALL is the key Receive ALL ;)
j = 1;
printf("\nSetting socket to sniff...");
if (WSAIoctl(sniffer, SIO_RCVALL, &j, sizeof(j), 0, 0, (LPDWORD)&in, 0, 0) == SOCKET_ERROR) {
printf("WSAIoctl() failed.\n");
perror("Error:");
return 1;
}
printf("Socket set.");
//Begin
printf("\nStarted Sniffing\n");
printf("Packet Capture Statistics...\n");
StartSniffing(sniffer); //Happy Sniffing
//End
closesocket(sniffer);
WSACleanup();
Then, I tried https://www.netresec.com/?page=RawCap which is written in C#, same result as C++ code.
At last, I tried raw socket in python, it works quite well on Win10.
import socket
from struct import *
host = '10.0.0.18'
# create a raw socket and bind it to the public interface
socket_protocol = socket.IPPROTO_IP
sniffer = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket_protocol)
sniffer.bind((host, 0))
# we want the IP headers included in the capture
#sniffer.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1)
sniffer.ioctl(socket.SIO_RCVALL, socket.RCVALL_ON)
while True:
packet = sniffer.recvfrom(65565)
#packet string from tuple
packet = packet[0]
#take first 20 characters for the ip header
ip_header = packet[0:20]
#now unpack them :)
iph = unpack('!BBHHHBBH4s4s' , ip_header)
version_ihl = iph[0]
version = version_ihl >> 4
ihl = version_ihl & 0xF
iph_length = ihl * 4
total_len = iph[2]
ttl = iph[5]
protocol = iph[6]
s_addr = socket.inet_ntoa(iph[8]);
d_addr = socket.inet_ntoa(iph[9]);
if protocol == 6:
print 'Length : ' + str(total_len) + ' Source Address : ' + str(s_addr) + ' Destination Address : ' + str(d_addr)
Quite strange, is there any mistake I made for the C++ code?
I am building a Wake On Lan program in C# i have found lots of code for WOL but whatever i have found thus far does not work. i believe this is because i cannot enable IP directed broadcast (The customer's security policy will not enable this in order to prevent DOS attacks).
i am looking for a way to send the magic packet over ethernet directly to the requested mac address - right now it seems to be sending over UDP to 255.255.255.255
(What i am don't understand is why it needs to send to 255.255.255.255 and not to the mac itself)
here is the code i have as of now (can't remember where i found it).
public static bool WakeOnLan(string MacAddress)
{
try
{
MacAddress = MacAddress.Replace("-", "");
MacAddress = MacAddress.Replace(":", "");
if (MacAddress.Length != 12)
{
return false;
}
byte[] mac = new byte[6];
for (int k = 0; k < 6; k++)
{
mac[k] = Byte.Parse(MacAddress.Substring(k * 2, 2), System.Globalization.NumberStyles.HexNumber);
}
// WOL packet is sent over UDP 255.255.255.0:40000.
System.Net.Sockets.UdpClient client = new System.Net.Sockets.UdpClient();
client.Connect(System.Net.IPAddress.Broadcast, 4000);
byte[] packet = new byte[17 * 6];
for (int i = 0; i < 6; i++)
packet[i] = 0xFF;
for (int i = 1; i <= 16; i++)
for (int j = 0; j < 6; j++)
packet[i * 6 + j] = mac[j];
client.Send(packet, packet.Length);
return true;
}
catch
{
return false;
}
}
Any help would be greatly appreciated.
thanx
WoL frames are sent to the broadcast MAC address, ffff:ffff:ffff. To do that, you must send the IP packet to either the network or limited broadcast address. Broadcasts do not cross routers because this is a huge security hole.
Implementation that must send WoL from different network do this by placing a WoL server on the LAN, and send commands to the WoL server that will then send WoL frames on the LAN.
Edit:
If you are trying to do WoL with the source and destination on the same LAN, you can use either the LAN or limited broadcast because the frames will not try to cross a router.
You really should not use UDP. This can be accomplished with an ethernet frame. Just send the frame to ffff:ffff:ffff. IP addresses are only needed to get a packet from one network to another network. Data on a LAN is delivered in layer-2, e.g. ethernet, frames.
You can just use an EtherType of 0x0842, then in the frame payload, put in 0xffffffffffff followed immediately by 16 repetitions of the target MAC address. That is all that is necessary for a "Magic Packet" because it is really a frame, not a packet.
I read the tutorials and so, but I am not getting it. It does let you send packets, but how can you tell Winpcap where to send those packets? Is there any header I should put on the packets so it will know to which ip/port's to forward it? I mean. Let's imagine I want to send some data to my MSN, as if I had wrote something to someone on my list. I can use the sendpacket(), but it will only take the packet/byte array as argument, not specifing to which app/ip/port so send it.
Thanks
You don't tell Winpcap where to send packets. You tell it to put a packet on the wire. The network switch will send the packet to the right destination. The TCP stack on the receiving end will send the packet to the right application/service. Obviously this means the routing information has to be in the packet itself.
To take your example, you'd need to put the IP address and TCP port of the appropriate MSN server in the packet. If you don't, your networking hardware will discard or misroute that packet.
This is how i sent an ARP request over the wire.
1. Define structures for the protocols i.e if you want to send ARP packets you will need a structure that will contain the data link layer(Ethernet header) and network layer (ARP Header). Correspondingly if you want to send a tcp packet over IP you will need a data structure for the ethernet header, ip header and tcp header.
once you defined the structures, initialize an instance of the structure with values you want i.e. if you want the packet to go to all machines in the network set the destination mac value of the Ethernet header to ff:ff:ff:ff:ff:ff if you want to send the packet to machine X with(IP address 192.168.0.88) then set the destination address in the ip layer to that value.
Once done you will need to declare a char* array and copy all the structures to the char* array to create a byte sequence and send it over the wire.
//Just to show you what i mean by defining structures doesn't //relate to the rest of the code snippet
typedef struct IP_header
{
u_char VersionNInternetHeaderLength; // Version (4 bits) + Internet header length (4 bits)
/*u_char version:4;
u_char HeaderLength:4;*/
u_char Type; // Type of service
u_short TotalLength; // Total length
u_short Identification; // Identification
u_char rsv : 1;
u_char df : 1;
u_char mf : 1;
u_char FragmentOffset1 : 5;
u_char FragmentOffset2;
//u_short Flags_fo; // Flags (3 bits) + Fragment offset (13 bits)
u_char TimeToLive; // Time to live
u_char Protocol; // Next level Protocol of the encapsulated payload
u_short Checksum; // Header checksum
IP_address SourceAddress; // Source address
IP_address DestinationAddress; // Destination address
u_int OptionNPadding; // Option + Padding
IP_header()
{
mf = 0;
rsv = 0;
df = 0;
FragmentOffset1 = 0;
FragmentOffset2 = 0;
TimeToLive = 128;
TotalLength = sizeof(IP_header);
Identification = 0xABCD;
Checksum = 0xABCD;
OptionNPadding = 0;
}
}IP_header;
Ethernet_header EthernetHeader;// = (Ethernet_header*)malloc(sizeof(Ethernet_header));
ARP_header ARPHeader ;//= (ARP_header*)malloc(sizeof(ARP_header));
ARPHeader.HardwareType = htons(1);
ARPHeader.ProtocolType = htons(0x800);
ARPHeader.OPCODE = htons(1);
ARPHeader.HeaderLength = 6;
ARPHeader.ProtocolLength = 4;
ARPHeader.SenderMAC = MY_FAKE_MAC;
ARPHeader.SenderIP = MY_IP;
ARPHeader.TargetMAC = MAC_address();
ARPHeader.TargetIP = Whose;
EthernetHeader.DestinationMAC = BROADCASTMAC;
EthernetHeader.SourceMAC = MY_FAKE_MAC;
EthernetHeader.EtherType = htons(0x806);
u_char* packet = (u_char*)malloc(sizeof(EthernetHeader) + sizeof(ARPHeader));
memcpy(packet, &EthernetHeader, sizeof(EthernetHeader));
memcpy(packet + sizeof(EthernetHeader), &ARPHeader, sizeof(ARPHeader));
SendPacket(packet);