Assignment 4: Forging Packets
Assignment
Goals:
In this assignment, the goal is to forge IP/TCP/UDP/DNS packets.
Description:
You will need to generate a number of forged packets, as
described below. For every Step, send at least 10 identical packets
at a frequency of no more than one packet every 5 minutes. For
example, for Step 1 you would send 10 IP packets, one every 5
minutes (the "distance" between packets can be more than 5 minutes,
but not less!).
Notice that every time you send a packet to 172.17.152.61,
you will receive an IP packet in response that contains the
following message in the payload: "Received Packet from YOUR_VM_IP."
Step 1: Generate a forged IP packet for which the
Destination IP is 172.17.152.61 and the Source IP is
10.0.0.YOUR_VM_NUMBER. For example, if your VM is vm58, the Source
IP must be 10.0.0.58. The "raw" payload of the IP packet must
contain your name (e.g., my payload would contain "Roberto
Perdisci"). Also, the TTL in the IP header must be set to 100
hops, and the Protocol field (i.e., the next level protocol) needs
to be set to 254.
Step 2: Similar to Step1, generate a TCP ACK packet for
which the Destination IP is 172.17.152.61, the
Source IP is 10.0.0.YOUR_VM_NUMBER and the IP
TTL is 100. The ACK flag must be the only flag that is turned on
in the TCP header. The Destination port must be 80, and the Srouce
Port must be YOUR_VM_NUMBER. The ACK packet
must include a TCP payload containing your name (similar to
Step1).
Step 3: Generate a forged DNS response (over UDP), with the
following parameters:
Destination
IP = 172.17.152.61
Source IP
= 10.0.0.YOUR_VM_NUMBER
Destination Port = 53
Source Port = YOUR_VM_NUMBER
DNS TXID = 12345
Authoritative
Answer Flag ON
Question Section = www.example.com
Answer Section =
www.example.com resolves to YOUR_VM_IP
TTL is 86400 seconds
No Authority or Additional Sections
Step
4: Generate a forged DNS response (over
UDP), with the following parameters:
Destination IP = 172.17.152.61
Source IP
= 10.0.0.YOUR_VM_NUMBER
Destination Port = 53
Source Port = YOUR_VM_NUMBER
DNS TXID =
12345
Authoritative Answer Flag OFF
Question Section = xyz.example.com IN A
No Answer Section
Authority Section
domains under example.com can be
resolved by www.example.com
Additional Section (glue records)
www.example.com maps to YOUR_VM_IP
Hints:
Though you could use any programming language, I highly encourage
you to complete this assignment using Scapy.
You can install Scapy on your VM by installing the python-scapy
package.
Grading:
This Assignment is worth 10 points:
Step1: 2 points
Step2: 2 points
Step3: 3 points
Step4: 3 points
Solution Submission::
1) Submit your code (e.g., sequence of Scapy commands, or Python
script that uses the Scapy library) to nike as usual. Submit one
separate file per step.
File name format: YOUUSERNAME_stepX