Hi,
im pretty new to raw sockets and, obviously, im having a problem, take a look at this
Heres what tcpdump says
Code:
23:51:31.971322 (tos 0x0, ttl 64, length: 40) 192.168.***.***.23456 > beast.dierentuin.com.http: S [bad tcp cksum ff09 (->126b)!] 752722692:752722692(0) win 12000
and heres the code
Code:
#define __USE_BSD
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <arpa/inet.h>
#define __FAVOR_BSD
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <errno.h>
#include <unistd.h>
#include <string.h>
unsigned short in_cksum( unsigned short *addr, int len );
int main()
{
int sockfd, packet_size, sport, dport;
int on = 1, data_len = 0;
struct in_addr srcaddr, dstaddr;
struct sockaddr_in sock_raw;
struct tcphdr *tcp;
struct ip *iphdr;
struct in_addr saddr, daddr;
char *packet;
saddr.s_addr = inet_addr("192.168.168.251");
daddr.s_addr = inet_addr("194.109.192.114");
sport = 23456;
dport = 80;
if(getuid() != 0)
{
printf("YOU MUST BE r00t!!\n");
exit(1);
}
if( ( sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW )) < 0 )
{
perror("socket");
printf("Prob socket\n");
exit(1);
}
if(setsockopt(sockfd, IPPROTO_IP, IP_HDRINCL,(char *)&on,sizeof(on)) < 0)
{
perror("setsockopt");
printf("Prob setsockopt\n");
exit(1);
}
memset(&sock_raw, '\0', sizeof(sock_raw) );
packet_size = (sizeof(struct ip) + sizeof(struct tcphdr));
packet = malloc(packet_size);
iphdr = (struct ip *)packet;
iphdr->ip_v = 4;
iphdr->ip_hl = 5;
iphdr->ip_len = packet_size;
iphdr->ip_off = 0;
iphdr->ip_ttl = IPDEFTTL;
iphdr->ip_p = IPPROTO_TCP;
iphdr->ip_src = saddr;
iphdr->ip_dst = daddr;
iphdr->ip_sum = (unsigned short)in_cksum((unsigned short *)iphdr, sizeof(struct ip));
tcp = (struct tcphdr *)(packet + sizeof ( struct ip ));
memset((char *)tcp,'\0',sizeof(struct tcphdr));
tcp->th_sport = htons(sport);
tcp->th_dport = htons(dport);
tcp->th_seq = htonl(random()%time(NULL));
tcp->th_ack = htonl(random()%time(NULL));
tcp->th_off = 5;
/* We won't use th_x2 (i don't know what it is) */
tcp->th_flags = TH_SYN;
tcp->th_win = htons(12000);
tcp->th_sum = (unsigned short)in_cksum((unsigned short *)tcp, (sizeof(struct tcphdr)));
sock_raw.sin_family = AF_INET;
sock_raw.sin_port = htons(dport);
sock_raw.sin_addr = daddr;
sendto(sockfd, packet, packet_size, 0x0, (struct sockaddr *)&sock_raw, sizeof(sock_raw));
exit(0);
}
unsigned short in_cksum(unsigned short *addr,int len)
{
register int sum = 0;
u_short answer = 0;
register u_short *w = addr;
register int nleft = len;
/*
* * Our algorithm is simple, using a 32 bit accumulator (sum), we add
* * sequential 16 bit words to it, and at the end, fold back all the
* * carry bits from the top 16 bits into the lower 16 bits.
* */
while (nleft > 1) {
sum += *w++;
nleft -= 2;
}
/* mop up an odd byte, if necessary */
if (nleft == 1) {
*(u_char *)(&answer) = *(u_char *)w ;
sum += answer;
}
/* add back carry outs from top 16 bits to low 16 bits */
sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
sum += (sum >> 16); /* add carry */
answer = ~sum; /* truncate to 16 bits */
return(answer);
}
As you noticed, the TCP checksum is incorrect, but i have no idea how it is incorrect,
any help is appreciated,
i allready got some help on other forums, but i couldnt get the program working.....
thanks
encrypted