Scapy Raw Sockets

Question

I try to implement 3-way-hadnshake with a raw socket in Python and using Scapy.

The code is:

s=socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.IPPROTO_TCP)
ss=StreamSocket(s)
iph=IPheader()
syn = TCP(sport=TCP_SOURCE_PORT,dport=TCP_DESTINATION_PORT, flags="S")
synack = ss.sr1(iph/syn)
myack = iph/TCP(dport=synack[TCP].sport, sport=synack[TCP].dport, seq=synack[TCP].ack, ack=synack[TCP].seq+1, flags="A")
ss.send(myack)

IPheader() method return a scapy IP header.

When running the script i get this error:

ERROR: --- Error in child 3057
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/scapy/sendrecv.py", line 89, in sndrcv
pks.send(p)
File "/usr/lib/python2.7/dist-packages/scapy/supersocket.py", line 34, in send
return self.outs.send(sx)
error: [Errno 6] No such device or address

Answer 1

I see a couple of possible problems with your code:

• before invoking StreamSocket() you need to establish a connection with a regular socket. So you need to make a connection, something like s.connect(("10.1.1.1",9000)) before the line ss=StreamSocket(s). Further information can be found here

• You may need to correct base socket type. I would suggest something like s=socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP). For further information check this

Answer 2

The device is not responding to your SYN packet because a RAW socket does not do that. You have to send the SYN-ACK manually. Also, Wireshark and TCP show sequence numbers as RELATIVE. In order to show the ACTUAL number you must turn this option off. Thirdly, you can set the sequence number manually or randomize it using

TCP(sport = port1, dport = port2, flags="A", seq = random.getrandbits(32), ack = MY_ACK)

or

TCP(sport = port1, dport = port2, flags="A", seq = 01395, ack = MY_ACK)