send_arp | Poison victim 's ARP table | Hacking library
kandi X-RAY | send_arp Summary
kandi X-RAY | send_arp Summary
Poison victim's ARP table
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of send_arp
send_arp Key Features
send_arp Examples and Code Snippets
Community Discussions
Trending Discussions on send_arp
QUESTION
The following program uses a PF_PACKET
socket to send a TCP SYN
packet to web server read from a file which is a list of web server IPv4 addresses - one address per line. The code is quite long because it takes a lot of code to obtain the gateway router MAC and IP address necessary for filling in the ethernet and IP headers. The good news is you can just skip all the functions in the preamble and just go to main which is where the problem is.
My program works perfectly for the first iteration of the while loop in main. Here is the output:
...ANSWER
Answered 2022-Jan-11 at 23:42If you are going to use PACKET_TX_RING
, then you must play by its rules: that means you can't use the same buffer spot over and over: you must advance to the next buffer location within the ring buffer: build the first packet in slot 0, the second in slot 1, etc. (wrapping when you get to the end of the buffer).
But you're building every packet in slot 0 (i.e. at ps_header_start
) but after sending the first packet, the kernel is expecting the next frame in the subsequent slot. It will never find the (second) packet you created in slot 0 until it has processed all the other slots. But it's looking at slot 1 and seeing that the tp_status
in that slot hasn't been set to TP_STATUS_SEND_REQUEST
yet so... nothing to do.
Note that your sendto
call is not providing a buffer address to the kernel. That's because the kernel knows where the next packet will come from, it must be in the next slot in the ring buffer following the one you just sent.
This is why I suggested in your other question that you not use PACKET_TX_RING
unless you really need it: it's more complicated to do correctly. It's much easier to just create your frame in a static buffer and call sendto(fd, buffer_address, buffer_len, ...)
. And if you are going to call sendto
for each created frame, there is literally no advantage to using PACKET_TX_RING
anyway.
QUESTION
I have a program which uses PF_PACKET
raw sockets to send TCP SYN
packets to a list of web servers. The program reads in a file which has an IPv4 address on each line of a web server. The program is the beginnings of an attempt to connect to multiple servers in a high performance manner. However, currently the program is only sending about 10 packets/second. This despite the program using non blocking socket. It should be running orders of magnitude faster. Any ideas why it could be running so slowly.
I include a full code listing below. Warning - the code is quite long. That's because it takes a surprisingly large amount of code to get the IP and MAC address of the gateway router. The good news is you can skip all the functions before main because they just do the necessary work of getting the IP and MAC address of the router as well as the local IP address. Anyway, here's the code:
...ANSWER
Answered 2022-Jan-11 at 20:59If I follow the code correctly, you're redoing a ton of work for every IP address that doesn't need to be redone. Every time through the main loop you're:
- creating a new packet socket
- binding it
- setting up a tx packet ring buffer
- mmap'ing it
- sending a single packet
- unmapping
- closing the socket
That's a huge amount of work you're causing the system to do for one packet.
You should only create one packet socket at the beginning, set up the tx buffer and mmap once, and leave it open until the program is done. You can send any number of packets through the interface without closing/re-opening.
This is why your top time users are setsockopt
, mmap
, unmap
, etc. All of those operations are heavy in the kernel.
Also, the point of PACKET_TX_RING
is that you can set up a large buffer and create one packet after another within the buffer without making a send
system call for each packet. By using the packet header's tp_status
field you're telling the kernel that this frame is ready to be sent. You then advance your pointer within the ring buffer to the next available slot and build another packet. When you have no more packets to build (or you've filled the available space in the buffer [i.e. wrapped around to your oldest still-in-flight frame]), you can then make one send/sendto
call to tell the kernel to go look at your buffer and (start) sending all those packets.
You can then start building more packets (being careful to ensure they are not still in use by the kernel -- through the tp_status
field).
That said, if this were a project I were doing, I would simplify a lot - at least for the first pass: create a packet socket, bind it to the interface, build packets one at a time, and use send
once per frame (i.e. not bothering with PACKET_TX_RING
). If (and only if) performance requirements are so tight that it needs to send faster would I bother setting up and using the ring buffer. I doubt you'll need that. This should go a ton faster without the excess setsockopt
and mmap
calls.
Finally, a non-blocking socket is only useful if you have something else to do while you're waiting. In this case, if you have the socket set to be non-blocking and the packet can't be sent because the call would block, the send
call will fail and if you don't do something about that (enqueue the packet somewhere, and retry later, say), the packet will be lost. In this program, I can't see any benefit whatsoever to using a non-blocking socket. If the socket blocks, it's because the device transmit queue is full. After that, there's no point in you continuing to produce packets to be sent, you won't be able send those packets either. Much simpler to just block at that point until the queue drains.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install send_arp
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page