Custom Packets

[Ari Brown]

Hey all,
So if packets are just streams of bytes sent out to a device....

Why is crafting custom packets so hard? Couldn't you just formulate a
string of the information, and then send it to the device?

From the Curiously strong mint,
Ari
--------------------------------------------|
If you're not living on the edge,
then you're just wasting space.

 

[Bill Kelly]

So if packets are just streams of bytes sent out to a device....

Why is crafting custom packets so hard? Couldn't you just formulate a
string of the information, and then send it to the device?

Hi,

What is this in reference to? Or what is the context?

If you use UDP instead of TCP, you are in effect crafting
your own custom packets. That isn't in itself difficult,
but such packets are not guaranteed to be delivered (and/or
may be delivered multiple times.)

So the tricky part in dealing with "custom packets" usually
centers around what steps you take to ensure reliable and
sequential receipt of the data on the remote end. (If you
care about reliable and sequential delivery, that is.)

Do you have a particular application in mind?


Regards,

Bill

 

[Ari Brown]

What is this in reference to? Or what is the context?

I just don't want to have to install a bunch of libraries on a bunch
of different computers to craft packets. Just looking for a simple In-
Ruby method of doing custom packets.

Do you have a particular application in mind?

No, not really. Just basic usage.
~ Ari
English is like a pseudo-random number generator - there are a
bajillion rules to it, but nobody cares.

 

[Bill Kelly]

I just don't want to have to install a bunch of libraries on a bunch
of different computers to craft packets. Just looking for a simple In-
Ruby method of doing custom packets.



No, not really. Just basic usage.

Alright. Well I was asking for specifics because your answer
would dictate which approach I would recommend.

For now I will take you literally when you say you want to do
"custom packets".

For that, you'd generally use the UDP transport layer.

http://en.wikipedia.org/wiki/Transport_layer
http://en.wikipedia.org/wiki/TCP/IP_reference_model


Here is a ruby example using UDP to create a custom packet, and
query the status of a public Quake II server:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#!/bin/env ruby

require 'socket'

abort "Usage: server_addr, server_port, cmd_str" unless ARGV.length == 3

UDP_RECV_TIMEOUT = 3 # seconds

def q2cmd(server_addr, server_port, cmd_str)
resp, sock = nil, nil
begin
cmd = "\377\377\377\377#{cmd_str}\0"
sock = UDPSocket.open
sock.send(cmd, 0, server_addr, server_port)
resp = if select([sock], nil, nil, UDP_RECV_TIMEOUT)
sock.recvfrom(65536)
end
if resp
resp[0] = resp[0][4..-1] # trim leading 0xffffffff
end
rescue IOError, SystemCallError
ensure
sock.close if sock
end
resp ? resp[0] : nil
end

server, port, cmd = *ARGV
result = q2cmd(server, port, cmd)
puts result

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

$ ruby q2cmd.rb tastyspleen.net 27912 status
print
\Q2Admin\1.17.44-tsmod-2\mapname\outpost\anticheat\1\maxspectators\5\gamedate\
May 24 2007\gamename\baseq2\INFO2\NO BOTS, HACKS, CHETS PLEASE\INFO1\
All Skill Levels Welcome\cheats\0\timelimit\20\fraglimit\30\dmflags\16404\
deathmatch\1\version\R1Q2 b7260 i386 Feb 6 2007 Linux\
hostname\tastyspleen.net::vanilla\maxclients\32
0 10 "WallFly[BZZZ]"
18 61 "PeterCottontail"
7 131 "Jago"
0 84 "Turbojugend"
0 22 "crusty"
13 129 "Pnshr"
8 45 "Scratch"
19 61 "Thief"
4 223 "Javier"
0 0 "ScrotBag_Nut"
0 44 "_DrinA_AK-47_"
10 60 "Fore[SIR]"
22 56 "ANALGASSES{KEA}"
16 205 "{TNP}Dukie"
5 146 "Hacho"
10 75 "M^leSkinner BS"
0 133 "M][M Prototype"
8 64 "gro~~ovy"
4 129 "St George"
7 76 "Windows Vista"


Note: If you use UDP, you will need to understand that the packets
you send may or may not arrive at the remote end. Specifically,
they may arrive:

- not at all
- multiple times (duplicates)
- out of sequence


Does this sound like what you were looking for? Or did you have
something else in mind?


Regards,

Bill

 

[Ari Brown]

Does this sound like what you were looking for? Or did you have
something else in mind?

You are a god among mortals. Thank you!

Quick two questions:
- Can UDP packets be used to emulate basic IP or TCP packets?
- Is there a (slightly) easier way to do it, or should I just start
writing a wrapper?

Ari
--------------------------------------------|
If you're not living on the edge,
then you're just wasting space.

 

[Peña, Botp]

From: Ari Brown [mailto:[email protected]]=20
# - Is there a (slightly) easier way to do it, or should I just start =20
# writing a wrapper?

you might want to take a peek at EventMachine..
kind regards -botp

 

[Bill Kelly]

- Can UDP packets be used to emulate basic IP or TCP packets?

Not exactly. UDP is a transport layer protocol, at the same
level as TCP. You could emulate the *behavior* of TCP in UDP,
by writing your own streaming protocol on top of UDP.

If you really want to manually construct your own IP packets,
it's possible to use raw sockets.

The IPPROTO_ constants ruby knows about are:

=> ["IPPROTO_GGP", "IPPROTO_ICMP", "IPPROTO_IDP", "IPPROTO_IGMP",
"IPPROTO_IP", "IPPROTO_MAX", "IPPROTO_ND", "IPPROTO_PUP", "IPPROTO_RAW",
"IPPROTO_TCP", "IPPROTO_UDP"]

For example, this would be creating an ICMP packet:

sock = Socket.new(Socket:F_INET, Socket::SOCK_RAW, Socket::IPPROTO_ICMP)

To see an example using ICMP packets, gem install net-ping, and look at:
lib/net/ping/icmp.rb.

You could similarly create your own TCP packet:

sock = Socket.new(Socket:F_INET, Socket::SOCK_RAW, Socket::IPPROTO_TCP)

...constructing the data for a TCP packet properly, I'll leave
to you. (Note: On some operating systems, I think you may
need admin privileges to use RAW sockets.)

From: Ari Brown [mailto:[email protected]]
# - Is there a (slightly) easier way to do it, or should I just start
# writing a wrapper?

you might want to take a peek at EventMachine..

I'd second that recommendataion! (Although, if Ari is really
wanting to do raw sockets, EventMachine doesn't support that.)


Regards,

Bill

 

[Phlip]

Quick two questions:
- Can UDP packets be used to emulate basic IP or TCP packets?

TCP is (roughly) a layer on UDP. UDP is like a barnacle spawning, sending
thousands of tiny eggs into the currents, so that most can be eaten. TCP is
like a bird sitting on a very few large eggs in a nest, and taking care of
them until they reach adulthood.

You can invent TCP by adding tickets and acknowledgements on UDP. Each
datagram goes out with a relatively unique ticket number, the receiver sends
back a UDP with the ticket and an ACK, and the sender resends the
unacknowledged tickets.

- Is there a (slightly) easier way to do it, or should I just start
writing a wrapper?

I didn't read the whole thread but what is your actual problem? Inventing
network layer protocols in Ruby is not going to be pretty...

 

[Ari Brown]

I didn't read the whole thread but what is your actual problem?
Inventing network layer protocols in Ruby is not going to be pretty...

Heh, No, I don't want to invent a network protocol however awesome
that would be. Reimplement all of my computer's current protocols in
ruby? That would be amazing.

No, I'm just trying to replace Rubyforger (notice the extra r) and
pcap with a truly native library.

Well, thanks for the help everyone!

~ Ari
English is like a pseudo-random number generator - there are a
bajillion rules to it, but nobody cares.

 

[Dido Sevilla]

T24gOS8xMC8wNywgQmlsbCBLZWxseSA8YmlsbGtAY3RzLmNvbT4gd3JvdGU6Cj4gLi4uY29uc3Ry
dWN0aW5nIHRoZSBkYXRhIGZvciBhIFRDUCBwYWNrZXQgcHJvcGVybHksIEknbGwgbGVhdmUKPiB0
byB5b3UuICA6LSkgIChOb3RlOiBPbiBzb21lIG9wZXJhdGluZyBzeXN0ZW1zLCBJIHRoaW5rIHlv
dSBtYXkKPiBuZWVkIGFkbWluIHByaXZpbGVnZXMgdG8gdXNlIFJBVyBzb2NrZXRzLikKCllvdSBu
ZWVkIHRvIGJlIHJvb3Qgb24gVW5peC9MaW51eCBzeXN0ZW1zIHRvIGJlIGFibGUgdG8gdXNlIHJh
dwpzb2NrZXRzLiAgT24gV2luZG93cyBYUCBTUDIgcmF3IHNvY2tldHMgYXJlIGxpbWl0ZWQgZm9y
IHNlY3VyaXR5CnJlYXNvbnMsIGV2ZW4gd2l0aCBhZG1pbmlzdHJhdG9yIHByaXZpbGVnZToKCmh0
dHA6Ly90ZWNobmV0Lm1pY3Jvc29mdC5jb20vZW4tdXMvbGlicmFyeS9iYjQ1NzE1Ni5hc3B4Cgot
LSAK5pmu6YCa44GY44KD44Gq44GE44Gu44GM5b2T54S244Gq44KJ562U44GI44KL56eB44Gv5L2V
44GM44Gn44GN44KL77yfCuaZrumAmuOBp+OCguaZrumAmuOBmOOCg+OBquOBj+OBpuaEn+OBmOOC
i+OBvuOBvuaEn+OBmOOCi+OBk+OBqOOBoOOBkeOCkuOBmeOCi+OCiO+8gQpodHRwOi8vc3Rvcm13
eXJtLmJsb2dzcG90LmNvbQo=

 

[Eleanor McHugh]

Heh, No, I don't want to invent a network protocol however awesome
that would be. Reimplement all of my computer's current protocols
in ruby? That would be amazing.

No, I'm just trying to replace Rubyforger (notice the extra r) and
pcap with a truly native library.

Well, thanks for the help everyone!

You might be interested in some of the code in my RailsConf Europe
presentation on DNS and network programming (http://slides.games-with-
brains.net/) although it's mostly focused on doing custom encrypted
network messaging there are some ideas in the UDP client/server
examples that might give you a good starting point. Incidentally if
you want to do reliable transmission with UDP take a look at the RUDP
protocol spec as that has lower overhead than TCP and is easily
implemented.


Ellie

Being and Doing are merely useful abstractions for the 'time'-
dependent asymmetries of phase space.