PLUS Internal Seminar 1/22 The Libnet Library 이병영 2004/05/06.

1 PLUS Internal Seminar 1/22 The Libnet Library 이병영 override@plus.or.kr 2004/05/06

2 CONTENTS
• Introduction of libnet
• Building packets (with libnet-1.1)
  • Four steps to send a packet
• Practical use example with libnet
  • ARP spoofing
  • TCP RESET attack

3 Introduction of Libnet
• Libnet is a C library providing a high-level interface to packet injection.
• Previous to libnet, programmers had to wrestle with confusing, obscure, and poorly documented interfaces to build and write network packets.

4 Introduction of Libnet

5 Introduction of Libnet
• Libnet is a wonderful utility for writing security-related applications, tools and modules.
• Many recent exploits and tools have been rapidly developed using libnet.

6 Building packets
• Libnet contexts

    typedef struct {
        ... /* some declarations */
    } libnet_t;

7 Building packets
• Libnet pblock (packet block)

    struct libnet_protocol_block {
        ... /* some declarations */
    };
    typedef struct libnet_protocol_block libnet_pblock_t;

8 Building packets - our example's plan
• Suppose that we want to
  • build a simple UDP packet
  • work at the link layer level
• So we have to build a UDP, an IPv4 and an Ethernet header (pblock) in the libnet context.

10 Building packets (1) Initializing the context
• libnet_t *libnet_init(int injection_type, char *device, char *err_buf)
  • injection type
    • Decides your working level
    • LIBNET_RAW4, LIBNET_LINK
  • device
    • Specify the device you will use
  • err_buf
    • Buffer to write the error message

11 Building packets (2) Building pblock (UDP)
• Build a UDP header

    libnet_ptag_t libnet_build_udp(
        u_int16_t sp,          // The src UDP port
        u_int16_t dp,          // The dst UDP port
        u_int16_t len,         // Length of UDP packet
        u_int16_t sum,         // Checksum, 0 for libnet autofill
        u_int8_t *payload,     // Optional payload
        u_int32_t payload_s,   // Payload size
        libnet_t *l,           // The libnet context pointer
        libnet_ptag_t ptag     // Protocol tag
    );

12 Building packets (2) Building pblock (IPV4)
• Build an IPV4 header

    libnet_ptag_t libnet_build_ipv4(
        u_int16_t len,         // Length of IPV4 packet
        u_int8_t tos,          // Type of service bits
        u_int16_t id,          // IP identification
        u_int16_t frag,        // Fragmentation bits
        u_int8_t ttl,          // Time to live
        u_int8_t prot,         // Upper layer protocol
        u_int16_t sum,         // Checksum, 0 for libnet autofill
        u_int32_t src,         // Src IP address
        u_int32_t dst,         // Dst IP address
        u_int8_t *payload,     // Optional payload
        u_int32_t payload_s,   // Payload size
        libnet_t *l,           // The libnet context pointer
        libnet_ptag_t ptag     // Protocol tag
    );

13 Building packets (2) Building pblock (Ethernet)
• Build an Ethernet header

    libnet_ptag_t libnet_build_ethernet(
        u_int8_t *dst,         // Dst ethernet address
        u_int8_t *src,         // Src ethernet address
        u_int16_t type,        // Upper layer type
        u_int8_t *payload,     // Optional payload
        u_int32_t payload_s,   // Payload size
        libnet_t *l,           // The libnet context pointer
        libnet_ptag_t ptag     // Protocol tag
    );

14 Building packets (3) Write the packet to the wire
• After building the pblocks, just call libnet_write with the libnet_t pointer as its argument.
• int libnet_write(libnet_t *)
  • Returns the number of bytes written to the wire.

15 Building packets (4) Clean up a libnet context
• void libnet_destroy(libnet_t *)
  • This function frees the memory of the libnet context.

17 Building packets - confirm with tcpdump

18 Practical use – (1) ARP spoofing

19 Practical use – (2) TCP RESET attack
• A traditional sequence number attack requires the exact sequence number that the receiving TCP endpoint considers valid and accepts.
• The TCP window size can be used to reduce the number of sequence numbers that must be guessed.
• More details are in the document "Slipping in the window: TCP Reset Attacks".
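
The window effect described on slide 19, as an added example that is not from the original slides: it compares RFC 793's in-window RST acceptance with the exact-match rule and challenge ACK of RFC 5961, and counts how many window-sized steps cover the 32-bit sequence space. The function names and the sample connection state are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* What a receiver does with an incoming RST segment. */
typedef enum { RST_DROP, RST_CHALLENGE_ACK, RST_ACCEPT } rst_verdict;

/* Is seq inside [rcv_nxt, rcv_nxt + rcv_wnd)? Unsigned subtraction handles
 * 32-bit wraparound. With a zero window only an exact match is acceptable. */
static int in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (rcv_wnd == 0)
        return seq == rcv_nxt;
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* RFC 793: any RST whose sequence number falls in the window resets. */
rst_verdict rst_check_rfc793(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return in_window(seq, rcv_nxt, rcv_wnd) ? RST_ACCEPT : RST_DROP;
}

/* RFC 5961: reset only on an exact match with RCV.NXT; an in-window but
 * inexact RST is answered with a challenge ACK, the rest is dropped. */
rst_verdict rst_check_rfc5961(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    if (!in_window(seq, rcv_nxt, rcv_wnd))
        return RST_DROP;
    return seq == rcv_nxt ? RST_ACCEPT : RST_CHALLENGE_ACK;
}

/* Number of window-sized steps needed to cover the 2^32 sequence space
 * under the RFC 793 rule; a larger window means a smaller search space. */
uint64_t rst_search_space(uint32_t rcv_wnd)
{
    uint64_t space = 1ULL << 32;
    return rcv_wnd ? (space + rcv_wnd - 1) / rcv_wnd : space;
}

int main(void)
{
    /* Constructed connection state, for illustration only. */
    uint32_t rcv_nxt = 0xFFFFFF00u, rcv_wnd = 16384, seq = 0x00000010u;
    printf("steps to cover sequence space: %llu\n",
           (unsigned long long)rst_search_space(rcv_wnd));
    printf("RFC 793 verdict: %d, RFC 5961 verdict: %d\n",
           rst_check_rfc793(seq, rcv_nxt, rcv_wnd),
           rst_check_rfc5961(seq, rcv_nxt, rcv_wnd));
    return 0;
}
```

Under the RFC 5961 rule the window no longer shrinks the search space: only the single value equal to RCV.NXT resets the connection.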

20 Practical use – (2) TCP RESET attack

21 Practical use – (2) TCP RESET attack

22 References
1. Libnet reference manual
   http://www.packetfactory.net/libnet/dist/deprecated/manual
2. Building packets for dummies and others with libnet
   http://www.security-labs.org/index.php3?page=libnet
3. TCP/IP Illustrated, Volume 1 by Stevens
4. Slipping in the window: TCP Reset Attacks
   http://www.frame4.com/php/printout2615.html

