I'm playing with scapy. I'm trying to forge JUST PSH/ACK and ACK packets in sequence.
I coded two tools:

A: which sends PSH/ACK packets and then sniffs the resulting ACK, writing the sequence in a file to use it later

```python
import os
import random
import time
from scapy.all import IP, TCP, send, sniff
# .....
bitack = random.randrange(1, 656787969)
bitseq = random.randrange(1, 4294967295)
# Reuse the sequence number saved by the previous run, if there is one
if os.path.exists('test.txt'):
    with open('test.txt', 'r') as f:
        bitseq = int(f.read())
else:
    with open('test.txt', 'w') as f:
        f.write(str(bitseq))
# .....
text = "Ok"
TSval = int(time.time())
TSecr = TSval
acker = IP(src="127.0.0.1", dst="127.0.0.1")/TCP(sport=88, dport=8888, flags="PA", seq=bitseq, ack=bitack, options=[('Timestamp', (TSval, TSecr))])/text
send(acker)
# .....
# Wait for the reply from port 8888 and store its ack number for the next run
rx = sniff(filter="host 127.0.0.1 and src port 8888", iface="lo", count=1)
seqcc = rx[0].getlayer(TCP).seq
ackcc = rx[0].getlayer(TCP).ack
with open('test.txt', 'w') as f:
    f.write(str(ackcc))
print("SEQFINALE=", ackcc)
```

B: which sends ACK packets AFTER it sniffs a PSH/ACK packet from A. I know the ack packets contain text (in this example the same), but this is what I want

```python
from scapy.all import IP, TCP, Raw, send, sniff
# .....
# Wait for the PSH/ACK sent to port 8888
rx = sniff(filter="host 127.0.0.1 and dst port 8888", iface="lo", count=1)
seqcc = rx[0].getlayer(TCP).seq
print("seq:", seqcc)
ackcc = rx[0].getlayer(TCP).ack
print("ack:", ackcc)
var = rx[0][Raw].load.decode(encoding='utf-8', errors='ignore')
# Reply with an ACK that carries the same payload back
acker = IP(src="127.0.0.1", dst="127.0.0.1")/TCP(sport=8888, dport=88, flags="A", seq=ackcc, ack=seqcc + int(len(var)), options=[('Timestamp', (TSval, TSecr))])/var
send(acker)
# .....
```

Everything works fine except that Wireshark gives some warning and I don't understand why:
The first two packets are perfect:
https://imgur.com/a/LZnwXdS
Is there any issue in how I handle the sequence number / ack number?
This makes me crazy.
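
An added example, not part of the original post: a pure-Python model of the seq/ack bookkeeping in tools A and B above, with a checker for TCP's continuity rule (a side's next seq is its previous seq plus its payload length, and its ack is the peer's next expected byte). The names `check_flow` and `simulate` and the `fixed` option are hypothetical, the correction is an assumption, and all numbers are constructed.

```python
import random

MOD = 2 ** 32  # TCP sequence numbers wrap at 32 bits


def check_flow(segments):
    """Return (index, problem) pairs for segments that break seq/ack continuity.

    segments: list of (sender, seq, ack, payload_len) in capture order.
    """
    next_seq = {}  # sender -> sequence number its next segment must carry
    problems = []
    for i, (sender, seq, ack, length) in enumerate(segments):
        peer = "B" if sender == "A" else "A"
        if sender in next_seq and seq != next_seq[sender]:
            problems.append((i, "seq does not continue sender's stream"))
        if peer in next_seq and ack != next_seq[peer]:
            problems.append((i, "ack does not match peer's next byte"))
        next_seq[sender] = (seq + length) % MOD
    return problems


def simulate(rounds, payload_len=2, fixed=False, rng=None):
    """Model tools A and B from the post for `rounds` exchanges.

    fixed=False: A draws a new random ack on every run, as in the posted code.
    fixed=True:  A also remembers B's seq + payload length (assumed correction).
    """
    rng = rng or random.Random(1)  # constructed, deterministic sample values
    a_seq = rng.randrange(1, MOD - 1)
    a_ack = rng.randrange(1, 656787969)
    segments = []
    for _ in range(rounds):
        segments.append(("A", a_seq, a_ack, payload_len))  # PSH/ACK from A
        b_seq, b_ack = a_ack, (a_seq + payload_len) % MOD  # B's reply fields
        segments.append(("B", b_seq, b_ack, payload_len))  # ACK carrying data
        a_seq = b_ack  # A stores the received ack as its next seq
        if fixed:
            a_ack = (b_seq + payload_len) % MOD
        else:
            a_ack = rng.randrange(1, 656787969)
    return segments


if __name__ == "__main__":
    for index, problem in check_flow(simulate(2)):
        print(index, problem)
```

In this model the first exchange passes the check and the second does not, because A's seq is carried over between runs while its ack is drawn at random again.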