Python Raw sockets and packets

orphansec

Member

Reaction score: 2
Messages: 24

Hey guys
I'm trying to create an arp(4) monitoring script with no luck.

Code:
    import socket,struct

    def recvRaw(sock):
          raw = ''
          while True:
              try:
                  raw = sock.recvfrom(65000)
              except timeout:
                     data = ''
              except Exception as e:
                      print 'err, ', e
              return raw[0]


    raw = socket.socket(socket.AF_INET,socket.SOCK_RAW,0)

    rawData = recvRaw(raw)
    ethData = struct.unpack('!6s6s2s',rawData[:14])
    arpData = struct.unpack('2s2s1s1s2s6',rawData[14:42])
    print arpData

The script above is giving me an unpacking error, but that's not why I've posted today. Could someone point me in the right direction for simple FreeBSD networking materials. I am trying to master raw socket on FreeBSD.

Am I allowed to create a socket like I did above, using 0 as a default for everything on the network tap?
I am trying to receive everything off of the NIC and monitor it for learning purposes(I'm second year Info Sec) The end goal is arp(4) spoofing and packet injection(On my own Home Lab, I'm Ethical)

I'm not sure where to even begin researching this, outside of man(1) pages and RFC docs, which Ive read and am left utterly confused kinda.
 
Last edited:

Kiiski

Active Member

Reaction score: 35
Messages: 110

If I understood correctly what you're trying to do, I would advice you to use dtrace script for it. Of course you might have a good reason to do it some other way...
 
Top