search

mfontanini / libtins

High-level, multiplatform C++ network packet sniffing and crafting library.
http://libtins.github.io/
BSD 2-Clause "Simplified" License
1.91k stars 377 forks source link

Traceroute example not working on OS X #42

Closed diogomonica closed 9 years ago

diogomonica commented 9 years ago

I'm on a Macbook Pro running 10.9.5, connected to a wireless network and trying to sniff from en0.

Compiling the latest version from github (master): $ g++ traceroute.cpp -o traceroute -O3 -std=c++11 -lpthread -ltins

Running with any IPs:

$ ./traceroute 10.0.1.1
libc++abi.dylib: terminating
Abort trap: 6

It seems that the error is spewed out on this line:

sender.send(ip);

Which is strange because I can get the simple a simple packet sending program to work:

using namespace Tins;
int main() {
    NetworkInterface iface = NetworkInterface::default_interface();
    NetworkInterface::Info info = iface.addresses();
    EthernetII eth("77:22:33:11:ad:ad", info.hw_addr);
    eth /= IP("192.168.0.1", info.ip_addr);
    eth /= TCP(13, 15);
    eth /= RawPDU("I'm a payload!");
    PacketSender sender;
    sender.send(eth, iface);
}

The main difference from both these programs seems to be the call to send receiving the extra "iface" argument. However, since we are sending L3 packets, we shouldn't need it.

mfontanini commented 9 years ago

You need to run it as root. Have you tried that? On Oct 31, 2014 7:15 PM, "Diogo Mónica" notifications@github.com wrote:

Im on a Macbook Pro running 10.9.5.

Compiling the latest version from github (master): $ g++ traceroute.cpp -o traceroute -O3 -std=c++11 -lpthread -ltins Running with any IPs: $ ./traceroute 10.0.1.1 libc++abi.dylib: terminating Abort trap: 6

— Reply to this email directly or view it on GitHub https://github.com/mfontanini/libtins/issues/42.

diogomonica commented 9 years ago

I haven't tried that, but if I've been able run the example above that also creates a packet from scratch without root privileges, why would trac route require it?! Is it because we changing the TTL field?! On Fri, Oct 31, 2014 at 8:34 PM Matias Fontanini notifications@github.com wrote:

You need to run it as root. Have you tried that? On Oct 31, 2014 7:15 PM, "Diogo Mónica" notifications@github.com wrote:

Im on a Macbook Pro running 10.9.5.

Compiling the latest version from github (master): $ g++ traceroute.cpp -o traceroute -O3 -std=c++11 -lpthread -ltins Running with any IPs: $ ./traceroute 10.0.1.1 libc++abi.dylib: terminating Abort trap: 6

— Reply to this email directly or view it on GitHub https://github.com/mfontanini/libtins/issues/42.

— Reply to this email directly or view it on GitHub https://github.com/mfontanini/libtins/issues/42#issuecomment-61355692.

mfontanini commented 9 years ago

You need root to send an receive raw packets. Just like you implicitly need root to run ping or traceroute (implicitly because they're both SUID binaries). On Oct 31, 2014 8:37 PM, "Diogo Mónica" notifications@github.com wrote:

I haven't tried that, but if I've been able run the example above that also creates a packet from scratch without root privileges, why would trac route require it?! Is it because we changing the TTL field?! On Fri, Oct 31, 2014 at 8:34 PM Matias Fontanini notifications@github.com

wrote:

You need to run it as root. Have you tried that? On Oct 31, 2014 7:15 PM, "Diogo Mónica" notifications@github.com wrote:

Im on a Macbook Pro running 10.9.5.

Compiling the latest version from github (master): $ g++ traceroute.cpp -o traceroute -O3 -std=c++11 -lpthread -ltins Running with any IPs: $ ./traceroute 10.0.1.1 libc++abi.dylib: terminating Abort trap: 6

— Reply to this email directly or view it on GitHub https://github.com/mfontanini/libtins/issues/42.

— Reply to this email directly or view it on GitHub https://github.com/mfontanini/libtins/issues/42#issuecomment-61355692.

— Reply to this email directly or view it on GitHub https://github.com/mfontanini/libtins/issues/42#issuecomment-61356919.

diogomonica commented 9 years ago

Traceroute does work with sudo, sorry for not checking that first.

I guess my question still maintains though, why can I run this program without root:

using namespace Tins;
int main() {
    NetworkInterface iface = NetworkInterface::default_interface();
    NetworkInterface::Info info = iface.addresses();
    EthernetII eth("77:22:33:11:ad:ad", info.hw_addr);
    eth /= IP("192.168.0.1", info.ip_addr);
    eth /= TCP(13, 15);
    eth /= RawPDU("I'm a payload!");
    PacketSender sender;
    sender.send(eth, iface);
}

Isn't this a raw packet too?

einarjon commented 9 years ago

Hi

I'm no expert and I haven't used PacketSender, but the raw packet is wrapped into an IP/TCP header, so it is no longer a raw packet - it's just a payload.

Cheers Einar Jón

On 2 November 2014 00:33, Diogo Mónica notifications@github.com wrote:

Traceroute does work with sudo, sorry for not checking that first.

I guess my question still maintains:

Why can I run this program without root:

using namespace Tins; int main() { NetworkInterface iface = NetworkInterface::default_interface(); NetworkInterface::Info info = iface.addresses(); EthernetII eth("77:22:33:11:ad:ad", info.hw_addr); eth /= IP("192.168.0.1", info.ip_addr); eth /= TCP(13, 15); eth /= RawPDU("I'm a payload!"); PacketSender sender; sender.send(eth, iface); }

Isn't this a raw packet too?

— Reply to this email directly or view it on GitHub https://github.com/mfontanini/libtins/issues/42#issuecomment-61387819.

Regards Einar Jón +36 30 31 43 665

mfontanini commented 9 years ago

I've just tested that and I'm surprised that it works. I'm not very used to OSX, so I don't really know which permissions you would need to do this, but you shouldn't be able to use it without root. That won't work on Linux for sure.

diogomonica commented 9 years ago

Agreed, that is exactly what threw me off. Thank you Matias.