dongshenyu4638 2017-07-11 14:07
浏览 79

如何在不使用sudo的情况下发送自定义“ TCP”数据包-无需三路握手

I am trying to send a TCP (and later an ICMP) packet that does not use raw sockets, does not go through the three-way handshake, and does not use sudo. I have tried various methods in python's scapy module, and in python's socket module, without success.

I understand that without the three-way handshake, TCP isn't necessarily TCP - it is basically UDP, but I am testing various ways to exfiltrate data from a network, that may go undetected.

Basically this is the working UDP version, I need working ICMP and TCP versions that do not use a raw socket, and therefore do not require admin/root privileges.

A solution in GO or Python is preferable, ideally I need to run on MacOS, Linux, and (mainly) Windows.

UDP_IP = "127.0.0.1"
UDP_PORT = 5005
MESSAGE = "Data to exfiltrate"

sock = socket.socket(socket.AF_INET, # Internet
             socket.SOCK_DGRAM) # UDP
sock.sendto(MESSAGE, (UDP_IP, UDP_PORT))
  • 写回答

2条回答 默认 最新

  • dongwan5381 2017-07-11 16:06
    关注

    TCP is a connection-oriented protocol. In order to establish a TCP connection, you must perform a three-way handshake. The TCP module in you OS will not send data until a connection is established, and any device receiving a TCP segment for a non-existent connection will ignore it.

    TCP without the connection is not TCP, but neither is it UDP. TCP and UDP have different protocol headers. You will notice that the TCP header has more fields than the UDP header, and many of those fields will be populated by information from the handshake.

    RFC 793, Transmission Control Protocol:

    TCP Header Format

     0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence Number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Acknowledgment Number                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Data |           |U|A|P|R|S|F|                               |
| Offset| Reserved  |R|C|S|S|Y|I|            Window             |
|       |           |G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |         Urgent Pointer        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             data                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                        TCP Header Format

    RFC 768, User Datagram Protocol:

    Format

                  0      7 8     15 16    23 24    31
             +--------+--------+--------+--------+
             |     Source      |   Destination   |
             |      Port       |      Port       |
             +--------+--------+--------+--------+
             |                 |                 |
             |     Length      |    Checksum     |
             +--------+--------+--------+--------+
             |
             |          data octets ...
             +---------------- ...

                  User Datagram Header Format
    评论

报告相同问题?

悬赏问题

  • ¥60 求一个简单的网页(标签-安全|关键词-上传)
  • ¥35 lstm时间序列共享单车预测,loss值优化,参数优化算法
  • ¥15 基于卷积神经网络的声纹识别
  • ¥15 Python中的request,如何使用ssr节点,通过代理requests网页。本人在泰国,需要用大陆ip才能玩网页游戏,合法合规。
  • ¥100 为什么这个恒流源电路不能恒流?
  • ¥15 有偿求跨组件数据流路径图
  • ¥15 写一个方法checkPerson,入参实体类Person,出参布尔值
  • ¥15 我想咨询一下路面纹理三维点云数据处理的一些问题,上传的坐标文件里是怎么对无序点进行编号的,以及xy坐标在处理的时候是进行整体模型分片处理的吗
  • ¥15 一直显示正在等待HID—ISP
  • ¥15 Python turtle 画图