Thread: Raw Packet (sorry tripple weird Post)

  1. #1
    Registered User
    Join Date
    Jul 2003
    Posts
    110

    Raw Packet (sorry tripple weird Post)

    Hello all, in a previous thread I was trying to figure out how to send raw packets thru one of my devices. Well since I want to use C# I found a C# version of WinPcap.

    http://www.tamirgal.com/home/dev.aspx?Item=SharpPcap

    Since WinPcap is used by C++'rs I have a question using it.

    I built an application to (well just read the tutorial and moved code around) resend IRC msgs when it reads one with its sniffer.

    So example...

    The application sees the packet Im sending to the IRC server with the msg MSG CHANNEL TEXT. I have it resent that EXACT packet to the server. The problem is eather the server drops it or doesnt get it.

    So my theory is you just cant resend the same packet to the same location and there is something in the header I need to change to send a packet properly.

    So, according to this website.

    http://www.erg.abdn.ac.uk/users/gorr...ip-packet.html

    The header is 20 bytes long and there are diffrent parts to the packet.

    The only thing I could find was this.

    Identification ( 16-bit number which together with the source address uniquely identifies this packet - used during reassembly of fragmented datagrams)
    So maybe I can only send 1 packet with the same ID number.

    So if I can only send 1 packet with that ID number how to I generate a new ID number? Can I use a random number? Is there a sequence I follow?

    Thankyou for your help.

    Rick

  2. #2
    Registered User
    Join Date
    Jan 2005
    Posts
    847
    For a tcp connection this approach will have problems. Each time a new tcp packet is sent it is given a sequence number 1 higher then the last packet. So if you sent a packet or packets with the correct sequence number and they were accepted by the receiver then the senders packets would now have incorrect sequence numbers and would probably result in a disconnect.

  3. #3
    Registered User
    Join Date
    Jul 2003
    Posts
    110
    Whats the better way of doing it? Will it still work with the librarys im using?

    Also, with a memory editor I could in theory edit the memory of the sequence number? What part of the header contains the sequence number?
    Last edited by Coder87C; 03-01-2006 at 04:32 AM.

  4. #4
    Registered User
    Join Date
    Jan 2005
    Posts
    847
    The tcp header follows the IP header. You'll find the sequence number in the tcp header (google tcp header).

    What exacly are you trying to create? If you want to examine data and then alter it/add to it before it reaches the internet then you could do that by creating a proxy server that your application connects to and the proxy server receivs the data and changes it/adds to it then sends to the server. This would avoid having to deal with raw packets.

  5. #5
    Registered User
    Join Date
    Jul 2003
    Posts
    110
    The IRC server I connect to only allows 1 connection. I wanted to make a bot in C# that would monitor the stream and do things according to it. Even at times sending data down the stream. Im researching this proxy server thing right now. Also thank you for explaining the IP TCP header.

  6. #6
    Registered User
    Join Date
    Jul 2003
    Posts
    110
    Ok, So I did some toying with Ethreal and this program. I can to a point where Im like whats this.

    When I read ethreal it says its sequence number is 38 and the next is 78. How does it know this? when I click the sequence number to get the portion of the packet its stored, it returns

    2D 3A F6 93 Is its 4 bytes long making it a int.

    How does that equal 38 and how does it know the next packet is 78?

  7. #7
    Registered User
    Join Date
    Sep 2004
    Location
    California
    Posts
    3,268
    WinPcap does not allow you to send raw packets.

    Each time a new tcp packet is sent it is given a sequence number 1 higher then the last packet.
    No, sequence numbers do not increase by one each time. They increase by the number of data bytes in the packet.

    When I read ethreal it says its sequence number is 38 and the next is 78.
    Because it knows how many data bytes are being sent in the current packet, therefore it knows what the next sequence number will be.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Global Variables
    By Taka in forum C Programming
    Replies: 34
    Last Post: 11-02-2007, 03:25 AM
  2. weird checksum function
    By sagitt13 in forum C Programming
    Replies: 7
    Last Post: 10-31-2006, 01:25 AM
  3. New compiler - Weird errors -,-.
    By Blackroot in forum C++ Programming
    Replies: 8
    Last Post: 08-27-2006, 07:23 AM
  4. ping program
    By lithium in forum Networking/Device Communication
    Replies: 6
    Last Post: 10-28-2005, 12:47 AM