
The Libnet Library

The Libnet Library. 이병영 override@plus.or.kr 2004/05/06. CONTENTS. Introduction of libnet Building packets (with libnet-1.1) Four steps to send a packet Practical use example with libnet ARP spoofing TCP RESET attack. Introduction of Libnet. Libnet is a C library providing


Presentation Transcript


  1. The Libnet Library
     이병영 override@plus.or.kr 2004/05/06
     PLUS internal seminar

  2. CONTENTS
     • Introduction of libnet
     • Building packets (with libnet-1.1)
     • Four steps to send a packet
     • Practical use example with libnet
     • ARP spoofing
     • TCP RESET attack

  3. Introduction of Libnet
     • Libnet is a C library providing a high-level interface to packet injection.
     • Before libnet, programmers had to wrestle with confusing, obscure, and poorly documented interfaces to build and write network packets.

  4. Introduction of Libnet

  5. Introduction of Libnet
     • Libnet is a wonderful utility for writing security-related applications, tools and modules.
     • Many recent exploits and tools have been rapidly developed using libnet.

  6. Building packets
     • Libnet contexts

         typedef struct {
             ... /* some declarations */
         } libnet_t;

  7. Building packets
     • Libnet pblock (packet block)

         struct libnet_protocol_block {
             ... /* some declarations */
         };
         typedef struct libnet_protocol_block libnet_pblock_t;

  8. Building packets - our example's plan
     • Suppose that we want to
       • build a simple UDP packet
       • work at the link layer
     • So we have to build UDP, IPv4 and Ethernet headers (pblocks) in the libnet context.


  10. Building packets (1) Initializing the context

         libnet_t *libnet_init(int injection_type, char *device, char *err_buf)

      • injection_type
        • Decides your working level
        • LIBNET_RAW4, LIBNET_LINK
      • device
        • Specifies the device you will use
      • err_buf
        • Buffer to write the error message

  11. Building packets (2) Building pblock (UDP)
      • Build a UDP header

         libnet_ptag_t libnet_build_udp(
             u_int16_t sp,          // The src UDP port
             u_int16_t dp,          // The dst UDP port
             u_int16_t len,         // Length of UDP packet
             u_int16_t sum,         // Checksum, 0 for libnet autofill
             u_int8_t *payload,     // Optional payload
             u_int32_t payload_s,   // Payload size
             libnet_t *l,           // The libnet context pointer
             libnet_ptag_t ptag     // Protocol tag
         );

  12. Building packets (2) Building pblock (IPv4)
      • Build an IPv4 header

         libnet_ptag_t libnet_build_ipv4(
             u_int16_t len,         // Length of IPv4 packet
             u_int8_t tos,          // Type of service bits
             u_int16_t id,          // IP identification
             u_int16_t frag,        // Fragmentation bits
             u_int8_t ttl,          // Time to live
             u_int8_t prot,         // Upper layer protocol
             u_int16_t sum,         // Checksum, 0 for libnet autofill
             u_int32_t src,         // Src IP address
             u_int32_t dst,         // Dst IP address
             u_int8_t *payload,     // Optional payload
             u_int32_t payload_s,   // Payload size
             libnet_t *l,           // The libnet context pointer
             libnet_ptag_t ptag     // Protocol tag
         );

  13. Building packets (2) Building pblock (Ethernet)
      • Build an Ethernet header

         libnet_ptag_t libnet_build_ethernet(
             u_int8_t *dst,         // Dst ethernet address
             u_int8_t *src,         // Src ethernet address
             u_int16_t type,        // Upper layer type
             u_int8_t *payload,     // Optional payload
             u_int32_t payload_s,   // Payload size
             libnet_t *l,           // The libnet context pointer
             libnet_ptag_t ptag     // Protocol tag
         );

  14. Building packets (3) Write the packet to the wire
      • After building the pblocks, call libnet_write with the libnet_t pointer as its argument.

         int libnet_write(libnet_t *)

      • Returns the number of bytes written to the wire.

  15. Building packets (4) Clean up a libnet context

         void libnet_destroy(libnet_t *)

      • This function frees the memory of the libnet context.


  17. Building packets - confirm with tcpdump
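An added example, not from the original slides: the Ethernet, IPv4 and UDP headers that the three builder calls above describe, laid out by hand together with the two checksums that passing sum = 0 leaves to the library, plus the check a receiver applies. It does not call libnet; the function names, addresses, ports and IP id are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* RFC 1071 one's-complement sum; an odd trailing byte is zero-padded. */
static uint32_t csum_add(uint32_t sum, const uint8_t *b, size_t n) {
    for (size_t i = 0; i + 1 < n; i += 2) sum += ((uint32_t)b[i] << 8) | b[i + 1];
    if (n & 1) sum += (uint32_t)b[n - 1] << 8;
    return sum;
}
static uint16_t csum_fold(uint32_t sum) {
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
/* UDP checksum input: pseudo-header (src, dst, 0, proto 17, UDP length) + segment. */
static uint32_t udp_sum(const uint8_t *ip, uint16_t udp_len) {
    uint8_t ph[4] = {0, 17, (uint8_t)(udp_len >> 8), (uint8_t)udp_len};
    return csum_add(csum_add(csum_add(0, ip + 12, 8), ph, 4), ip + 20, udp_len);
}

/* Returns the frame length; out needs 42 + plen bytes. Sample values are constructed. */
size_t build_udp_frame(uint8_t *out, const uint8_t *payload, uint16_t plen) {
    static const uint8_t dmac[6] = {2, 0, 0, 0, 0, 2}, smac[6] = {2, 0, 0, 0, 0, 1};
    static const uint8_t sip[4] = {192, 0, 2, 1}, dip[4] = {192, 0, 2, 2};
    uint8_t *ip = out + 14, *udp = ip + 20;
    uint16_t udp_len = (uint16_t)(8 + plen), ip_len = (uint16_t)(20 + udp_len), c;
    /* UDP header: sp, dp, len, sum (left 0 until computed below) */
    put16(udp, 4000); put16(udp + 2, 5000); put16(udp + 4, udp_len); put16(udp + 6, 0);
    memcpy(udp + 8, payload, plen);
    /* IPv4 header: version/IHL, tos, len, id, frag, ttl, prot, sum, src, dst */
    ip[0] = 0x45; ip[1] = 0; put16(ip + 2, ip_len); put16(ip + 4, 0x1234);
    put16(ip + 6, 0); ip[8] = 64; ip[9] = 17; put16(ip + 10, 0);
    memcpy(ip + 12, sip, 4); memcpy(ip + 16, dip, 4);
    /* The two values that passing sum = 0 asks the library to fill in */
    put16(ip + 10, csum_fold(csum_add(0, ip, 20)));
    c = csum_fold(udp_sum(ip, udp_len));
    put16(udp + 6, c ? c : 0xffff); /* an all-zero UDP checksum means "none" */
    /* Ethernet header: dst, src, type (0x0800 = IPv4) */
    memcpy(out, dmac, 6); memcpy(out + 6, smac, 6); put16(out + 12, 0x0800);
    return (size_t)14 + ip_len;
}

/* Receiver-side check: both sums, checksum fields included, fold to zero. */
int frame_checksums_ok(const uint8_t *f) {
    const uint8_t *ip = f + 14;
    uint16_t udp_len = (uint16_t)((ip[24] << 8) | ip[25]);
    return csum_fold(csum_add(0, ip, 20)) == 0 && csum_fold(udp_sum(ip, udp_len)) == 0;
}
```

The length arguments follow the same layering: the UDP length is 8 plus the payload, and the IPv4 length is 20 plus the UDP length.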

  18. Practical use – (1) ARP spoofing

  19. Practical use – (2) TCP RESET attack
      • In a traditional sequence number attack, the exact sequence number must be guessed for the segment to be considered valid and accepted by the receiving TCP endpoint.
      • The TCP window size can be used to reduce the number of sequence numbers that must be guessed.
      • More details are in the document "Slipping in the window: TCP Reset Attacks".

  20. Practical use – (2) TCP RESET attack

  21. Practical use – (2) TCP RESET attack
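An added example, not from the original slides: the in-window acceptance rule that slide 19 describes, next to the stricter RST handling of RFC 5961 section 3.2 that receivers use to mitigate it. RFC 5961 is not cited by the presentation, and the function names are hypothetical.

```c
#include <stdint.h>

enum rst_action { RST_DROP, RST_CHALLENGE_ACK, RST_RESET };

/* Sequence numbers wrap at 2^32, so the window test uses modular subtraction.
 * With a zero window only seq == RCV.NXT is acceptable. */
static int rst_in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd) {
    if (rcv_wnd == 0) return seq == rcv_nxt;
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* RFC 793 behaviour: any in-window RST tears the connection down. */
enum rst_action rst_rfc793(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd) {
    return rst_in_window(seq, rcv_nxt, rcv_wnd) ? RST_RESET : RST_DROP;
}

/* RFC 5961 section 3.2: reset only on an exact match with RCV.NXT; an
 * in-window RST that is not exact is answered with a challenge ACK. */
enum rst_action rst_rfc5961(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd) {
    if (!rst_in_window(seq, rcv_nxt, rcv_wnd)) return RST_DROP;
    return seq == rcv_nxt ? RST_RESET : RST_CHALLENGE_ACK;
}

/* Exposure estimate for one known 4-tuple: how many distinct sequence values
 * cover the 2^32 space so that at least one is accepted as a reset. */
uint64_t rst_values_to_cover(uint32_t rcv_wnd, int exact_match_required) {
    const uint64_t space = 1ULL << 32;
    if (exact_match_required || rcv_wnd <= 1) return space;
    return (space + rcv_wnd - 1) / rcv_wnd;
}
```

With a 65536-byte window the in-window rule leaves 65536 values to cover, while the exact-match rule leaves the full 2^32.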

  22. References
      1. Libnet reference manual
         http://www.packetfactory.net/libnet/dist/deprecated/manual
      2. Building packets for dummies and others with libnet
         http://www.security-labs.org/index.php3?page=libnet
      3. TCP/IP Illustrated, Volume 1 by Stevens
      4. Slipping in the window: TCP Reset Attacks
         http://www.frame4.com/php/printout2615.html
