SendIP makes it possible to prepare and send network packets using the NTP, BGP, RIP, RIPng, TCP, UDP and ICMP protocols, as well as raw IPv4 and IPv6 packets with user-supplied parameters and arbitrary data.

SendIP makes it possible to prepare and send network packets using the NTP, BGP, RIP, RIPng, TCP, UDP and ICMP protocols, as well as raw IPv4 and IPv6 packets with user-supplied parameters and arbitrary data.

Quickstart: Imagine you're conducting a training session and you need to demonstrate how an operating system reacts to an unusual network packet, but you don't want to waste time writing a custom application. Let's see how SendIP could be used to send an RST packet to port 22 of a host with an IP address of 10.10.10.57.

The basic SendIP syntax is:

# sendip 10.10.10.57

The above command would cause an empty packet to be sent to host 10.10.10.57, without headers or data. However, the program doesn't allow empty packets to be sent, so the command wouldn't actually work.

Adding headers (and possibly data) requires additional program options. Our RST packet should consist of:

• an IP header (with the necessary information, such as source address, target address etc.),

• a TCP header (with the necessary information and the RST flag set).

We won't need to include any data in this packet.

To add a header to the packet, use the option -p <header_name>. A list of available header types and names can be obtained by running man sendip and looking up Modules available at compile time. We need an IPv4 header, so we will specify the option -p ipv4.

The prepared packet will have all its header fields set to default values. To change the field values, we will need some more command-line options (run man sendip and look up Arguments for module ./ipv4.so). Browsing through the options list, we see that the source IP field is by default set to 127.0.0.1. We want our real address to appear the packet, so we need to add the following option: -is 10.10.10.62.

After the IP header is in place, we need to append a TCP header. This is done using the same switch, so we add the option -p tcp. We also want to set some header fields. The option to set the RST flag is -tfr 1, while the target port can be set to 22 using -td 22.

And that's it - just hit [Enter] to send the complete packet:

# sendip -p ipv4 -p tcp -is 10.10.10.62 -id 10.10.10.57 \

-td 22 -tfr 1 10.10.10.57

To check if the packet looks as it should and whether it was replied to, run a sniffer (tcpdump, Ethereal, Netwox or other) on the target host prior to sending the packet.

Note! The order of the options does matter! If you swap the -p ipv4 and -p tcp options, you will create a packet with the TCP header preceding the IP header.

Disadvantages: SendIP command line syntax is pretty complicated, so crafting packets is somewhat error-prone.

 

Figure 1. Subsequent command-line options cause corresponding elements to be added to the final packet

 

sum:

0 €