How to make Netcat display Payload of packet
I don't know if this is possible, but I am wondering.

I am doing some internal pentesting and using Scapy and Netcat, and I created a TCP packet with the payload "testing". I want to get the payload content piped into Netcat's listening port, using this example code:

from scapy.all import IP, TCP, send

# Build IP/TCP with the string "testing" as the TCP payload and send it
test = IP(src="192.168.4.134")/TCP(dport=1234)/"testing"
send(test)

but all that ever prints is:

.
Sent 1 packets

Which is what Scapy spits out after it's sent the packet. I've been trying to figure out what I need to use in my code to show this. I know Netcat uses stdin and stdout, but I don't properly know how to code in Python yet, I'm just practising!

Can anyone help? Regards,

Frady answered 21/8, 2012 at 20:46

Comments:

Run nc -l -p 1234 on the dst machine... Which doesn't look like you've set in your Scapy IP object. – Folia

Hi mate, I should have said I have run nc -l -p 1234 on the dst machine. You can't set the destination port in the IP header (object), only in the TCP/UDP layer. – Frady

You set the dst machine (IP) address in the IP layer: dst=123.123.123.123 – Folia

Bah! Jeez, yeah, I know what you mean now. Anyway, I did change it, but no response from Netcat at all. TCPDUMP did display information though. Hmmm – Frady

iptables? libpcap will see data even if dropped by a kernel traffic filter. – Folia
TCP is session based. Machines that want to communicate must first synchronize (set up a session) with one another.

This process is what's called a 3-way handshake, using the steps SYN, SYN-ACK, ACK:

1.) Machine A ====SYN====> Machine B (Machine A, running scapy, tries to sync with B, running netcat)
2.) Machine B ==SYN-ACK==> Machine A (Machine B ACKs and SYNs with Machine A)
3.) Machine A ====ACK====> Machine B (Machine A ACKs the SYN-ACK from Machine B)

The machines now have a session (connection) and can send data to one another.

Running netcat on a listening machine and trying to send it a single packet from scapy fails because your machine (A) fails to sync with machine (B) running netcat.

IP 10.22.4.45.20 > 10.1.2.3:1234: Flags [S], seq 0:7, win 8192, length 7
IP 10.1.2.3:1234 > 10.22.4.45:20: Flags [S.], seq 2668993358, ack 1, win 14600, options [mss 1460], length 0
IP 10.22.4.45:20 > 10.1.2.3:1234: Flags [R], seq 1, win 0, length 0

As you can see, machine B (netcat) tries to SYN-ACK with your machine, but since you just sent it a single packet and aren't listening for the returning SYN-ACK, your machine generates a RST (reset) and the attempted connection is shut down before the 3-way handshake is completed.

There are two options. Either use UDP which is connectionless and doesn't require this connection setup, or do a complete TCP handshake. Scapy has a few ways to help you manage the TCP session creation should you choose the latter: http://trac.secdev.org/scapy/wiki/TCP

Folia answered 22/8, 2012 at 20:8
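To make the answer's point concrete, here is an added toy simulation (not part of the answer, the question, or Scapy) of how both kernels handle the segments: a lone SYN carrying "testing" reproduces the SYN / SYN-ACK / RST trace above and the listener never receives the payload, while a completed handshake gets "testing" delivered. Addresses and the initial sequence number are taken from the answer's tcpdump lines; the state machine is a deliberately simplified model, not a real TCP stack.

```python
from collections import namedtuple
from dataclasses import dataclass, field

Segment = namedtuple("Segment", "src flags seq ack data", defaults=(0, b""))  # flags: tcpdump letters S/A/R/P

@dataclass
class Host:                 # toy model of one machine's kernel TCP handling, not a real stack
    addr: str                                       # "ip:port"; Segment.src carries the sender's addr
    listening: bool = False                         # True once `nc -l -p 1234` holds the port
    isn: int = 2668993358                           # initial seq number, from the answer's trace
    state: dict = field(default_factory=dict)       # peer -> SYN-SENT / SYN-RCVD / ESTABLISHED
    delivered: list = field(default_factory=list)   # bytes the application (netcat) would print

    def receive(self, seg):                         # returns the kernel's reply segment, or None
        peer, st = seg.src, self.state.get(seg.src)
        if "R" in seg.flags:                        # peer reset: forget the half-open connection
            self.state.pop(peer, None)
        elif st == "SYN-SENT" and seg.flags == "SA":  # our SYN was answered: send the final ACK
            self.state[peer] = "ESTABLISHED"
            return Segment(self.addr, "A", seq=seg.ack, ack=seg.seq + 1)
        elif st is None and "S" in seg.flags and "A" not in seg.flags and self.listening:
            # passive open: SYN-ACK acknowledges only the SYN (ack = seq+1); payload on the SYN is not handed to netcat
            self.state[peer] = "SYN-RCVD"
            return Segment(self.addr, "SA", seq=self.isn, ack=seg.seq + 1)
        elif st is None:                            # no socket expects this segment: kernel sends RST
            return Segment(self.addr, "R", seq=seg.ack)
        elif "A" in seg.flags:                      # st is SYN-RCVD or ESTABLISHED
            self.state[peer] = "ESTABLISHED"        # third handshake step (no-op once established)
            if seg.data:
                self.delivered.append(seg.data)     # only now does netcat see "testing"
                return Segment(self.addr, "A", seq=seg.ack, ack=seg.seq + len(seg.data))

def exchange(a, b, seg):                            # pass segments back and forth until one side stays silent
    trace = []
    while seg is not None:
        trace.append(seg)
        seg, a, b = b.receive(seg), b, a
    return trace

def lone_scapy_packet():    # the question's send(): Scapy's TCP() defaults to flags="S"
    a, b = Host("10.22.4.45:20"), Host("10.1.2.3:1234", listening=True)
    trace = exchange(a, b, Segment(a.addr, "S", seq=0, data=b"testing"))
    return [s.flags for s in trace], b.delivered    # (['S', 'SA', 'R'], [])

def full_handshake():       # the fix: SYN / SYN-ACK / ACK first, then push data on the session
    a, b = Host("10.22.4.45:20"), Host("10.1.2.3:1234", listening=True)
    a.state[b.addr] = "SYN-SENT"                    # active open on the Scapy machine
    trace = exchange(a, b, Segment(a.addr, "S", seq=0))
    trace += exchange(a, b, Segment(a.addr, "PA", seq=1, ack=b.isn + 1, data=b"testing"))
    return [s.flags for s in trace], b.delivered    # (['S', 'SA', 'A', 'PA', 'A'], [b'testing'])
```

The RST in the first scenario comes from machine A's kernel, which has no socket for the incoming SYN-ACK; this is also why a real Scapy handshake needs the local kernel kept from answering on that port.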
