phaethon / kamene

Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
GNU General Public License v2.0

srp1 not capturing response #149

Open ghost opened 7 years ago

ghost commented 7 years ago

Team,

I am unable to get srp/srp1 to capture the response of the below packet.

from kamene.all import *

p = Ether(dst='ff:ff:ff:ff:ff:ff')/IP(src='1.1.1.1', dst='255.255.255.255')/UDP(sport=53222, dport=2010)/Raw(load=b'{"stuff"}')
ans = srp1(p, iface='Bond1')

I can sniff the packets and see the response packet

Packet sent:

[ Ethernet ]

dst= ff:ff:ff:ff:ff:ff
src= 11:11:11:11:11:11
type= 0x800

[ IP ]

 version= 4
 ihl= 5
 tos= 0x0
 len= 76
 id= 1
 flags= 
 frag= 0
 ttl= 64
 proto= udp
 chksum= 0xd81e
 src= 1.1.1.1
 dst= 255.255.255.255
 \options\

[ UDP ]

    sport= 53222
    dport= 2010
    len= 56
    chksum= 0x8e04

[ Raw ]

       load= '{"stuff"}'

Packet response:

[ Ethernet ]

dst= 11:11:11:11:11:11
src= 22:22:22:22:22:22
type= 0x800

[ IP ]

 version= 4
 ihl= 5
 tos= 0x0
 len= 207
 id= 0
 flags= DF
 frag= 0
 ttl= 64
 proto= udp
 chksum= 0xf507
 src= 2.2.2.2
 dst= 1.1.1.1
 \options\

[ UDP ]

    sport= 2010
    dport= 53222
    len= 187
    chksum= 0xc61e

[ Raw ]

       load= '{"stuff response"}'

I assume I am doing something wrong, as I do not have issues with srp1 using other protocols. Note: I changed the IP, MAC and load info, but it is being generated correctly. Anything helps!

ghost commented 7 years ago

I have determined that if I set the IP dst to a known address the response stimuli are correctly matched. However, I still need to figure out how to get srp1 to catch the response when using broadcast in the IP layer. Any help would be great.
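The behaviour reported in this thread (a unicast destination matches, a broadcast destination does not) is what address-based answer matching produces. The following is an added example, not code from the issue or from kamene: a simplified pure-Python model in which `Datagram`, `bucket`, `answers` and `match` are hypothetical names, and `check_ip_addr` stands in for scapy's `conf.checkIPaddr` setting, which kamene is assumed to inherit as a fork.

```python
import socket
from dataclasses import dataclass


@dataclass(frozen=True)
class Datagram:
    """Hypothetical stand-in for the IP/UDP fields used in matching."""
    src: str
    dst: str
    sport: int
    dport: int


def bucket(p, check_ip_addr):
    """Key shared by a request and its candidate replies.

    XOR of the two addresses is symmetric, so a unicast request and
    its reply produce the same key regardless of direction.
    """
    if not check_ip_addr:
        return b""
    a, b = socket.inet_aton(p.src), socket.inet_aton(p.dst)
    return bytes(x ^ y for x, y in zip(a, b))


def answers(reply, request, check_ip_addr):
    """True if reply is accepted as the answer to request."""
    if check_ip_addr and reply.src != request.dst:
        return False  # reply did not come from the address we sent to
    return reply.sport == request.dport and reply.dport == request.sport


def match(request, captured, check_ip_addr=True):
    """Return the first captured datagram accepted as the answer, else None."""
    key = bucket(request, check_ip_addr)
    for pkt in captured:
        if bucket(pkt, check_ip_addr) == key and answers(pkt, request, check_ip_addr):
            return pkt
    return None


# Constructed sample data using the addresses and ports quoted in the issue.
REPLY = Datagram("2.2.2.2", "1.1.1.1", 2010, 53222)
BROADCAST_REQ = Datagram("1.1.1.1", "255.255.255.255", 53222, 2010)
UNICAST_REQ = Datagram("1.1.1.1", "2.2.2.2", 53222, 2010)
OTHER_HOST = Datagram("3.3.3.3", "1.1.1.1", 2010, 53222)  # unrelated responder

if __name__ == "__main__":
    print("unicast:", match(UNICAST_REQ, [REPLY]))
    print("broadcast, strict:", match(BROADCAST_REQ, [REPLY]))
    print("broadcast, relaxed:", match(BROADCAST_REQ, [REPLY], check_ip_addr=False))
```

With the address check relaxed, `OTHER_HOST` is accepted as well, so a reply matched this way should have its source and payload validated before it is trusted.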