small tips.
Here is how to storm UDP broadcast with Python.
# tail -1 /etc/lsb-release ;uname -ri
DISTRIB_DESCRIPTION="Ubuntu 12.04.3 LTS"
3.5.0-41-generic x86_64
# python --version
Python 2.7.3
|
Python script.
# cat UDP_broadcast_storm.py
#!/usr/bin/env python
from socket import *
# create an UDP socket
s = socket(AF_INET, SOCK_DGRAM)
# bind the socket to localhost Src Port 54321
s.bind(('',54321))
# allow you to reuse the socket whici is stuck in TIME_WAIT
s.setsockopt(SOL_SOCKET, SO_REUSEADDR, 1)
# set broadcast
s.setsockopt(SOL_SOCKET, SO_BROADCAST, 1)
# send UDP broadcast packets. Dst Port 12345
while 1:
s.sendto('this is only a test',('255.255.255.255',12345))
|
capture UDP 12345 port.
# tshark -i eth0 udp port 12345 -w a.pcap
|
send UDP broadcast packets
# ./UDP_broadcast_storm.py
|
confirm broadcast packets are sent.
# tshark -r a.pcap -R '(frame.number==1)' -V -n
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:45: dofile has been disabled
Running as user "root" and group "root". This could be dangerous.
Frame 1: 61 bytes on wire (488 bits), 61 bytes captured (488 bits)
Arrival Time: Oct 18, 2013 02:03:04.996780000 JST
Epoch Time: 1382029384.996780000 seconds
[Time delta from previous captured frame: 0.000000000 seconds]
[Time delta from previous displayed frame: 0.000000000 seconds]
[Time since reference or first frame: 0.000000000 seconds]
Frame Number: 1
Frame Length: 61 bytes (488 bits)
Capture Length: 61 bytes (488 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ip:udp:data]
Ethernet II, Src: 08:00:27:27:c5:f1 (08:00:27:27:c5:f1), Dst: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
Destination: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
Address: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
.... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
Source: 08:00:27:27:c5:f1 (08:00:27:27:c5:f1)
Address: 08:00:27:27:c5:f1 (08:00:27:27:c5:f1)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.11.20 (192.168.11.20), Dst: 255.255.255.255 (255.255.255.255)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 47
Identification: 0x0000 (0)
Flags: 0x02 (Don't Fragment)
0... .... = Reserved bit: Not set
.1.. .... = Don't fragment: Set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0x6f02 [correct]
[Good: True]
[Bad: False]
Source: 192.168.11.20 (192.168.11.20)
Destination: 255.255.255.255 (255.255.255.255)
User Datagram Protocol, Src Port: 54321 (54321), Dst Port: 12345 (12345)
Source port: 54321 (54321)
Destination port: 12345 (12345)
Length: 27
Checksum: 0xc7fa [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Data (19 bytes)
0000 74 68 69 73 20 69 73 20 6f 6e 6c 79 20 61 20 74 this is only a t
0010 65 73 74 est
Data: 74686973206973206f6e6c7920612074657374
[Length: 19]
#
|
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.