CSCIx250-F15 Assignment 4

Assignment 4: Forging Packets

Assignment Goals:
In this assignment, the goal is to forge IP/TCP/UDP/DNS packets.

Description:
You will need to generate a number of forged packets, as described below. For every Step, send at least 10 identical packets at a frequency of no more than one packet every 5 minutes. For example, for Step 1 you would send 10 IP packets, one every 5 minutes (the "distance" between packets can be more than 5 minutes, but not less!).

Notice that every time you send a packet to 172.17.152.61, you will receive an IP packet in response that contains the following message in the payload: "Received Packet from YOUR_VM_IP."

Step 1: Generate a forged IP packet for which the Destination IP is 172.17.152.61 and the Source IP is 10.0.0.YOUR_VM_NUMBER. For example, if your VM is vm58, the Source IP must be 10.0.0.58. The "raw" payload of the IP packet must contain your name (e.g., my payload would contain "Roberto Perdisci"). Also, the TTL in the IP header must be set to 100 hops, and the Protocol field (i.e., the next level protocol) needs to be set to 254.

Step 2: Similar to Step1, generate a TCP ACK packet for which the Destination IP is 172.17.152.61, the Source IP is 10.0.0.YOUR_VM_NUMBER and the IP TTL is 100. The ACK flag must be the only flag that is turned on in the TCP header. The Destination port must be 80, and the Srouce Port must be YOUR_VM_NUMBER. The ACK packet must include a TCP payload containing your name (similar to Step1).

Step 3: Generate a forged DNS response (over UDP), with the following parameters:

Destination IP = 172.17.152.61
Source IP = 10.0.0.YOUR_VM_NUMBER
Destination Port = 53
Source Port = YOUR_VM_NUMBER
DNS TXID = 12345
Authoritative Answer Flag ON
Question Section = www.example.com
Answer Section =
www.example.com resolves to YOUR_VM_IP
TTL is 86400 seconds
No Authority or Additional Sections

Step 4: Generate a forged DNS response (over UDP), with the following parameters:

Destination IP = 172.17.152.61
Source IP = 10.0.0.YOUR_VM_NUMBER
Destination Port = 53
Source Port = YOUR_VM_NUMBER
DNS TXID = 12345
Authoritative Answer Flag OFF
Question Section = xyz.example.com IN A
No Answer Section
Authority Section
domains under example.com can be resolved by www.example.com
Additional Section (glue records)
www.example.com maps to YOUR_VM_IP

Hints:
Though you could use any programming language, I highly encourage you to complete this assignment using Scapy.
You can install Scapy on your VM by installing the python-scapy package.

Grading:
This Assignment is worth 10 points:

Step1: 2 points
Step2: 2 points
Step3: 3 points
Step4: 3 points

Solution Submission::

1) Submit your code (e.g., sequence of Scapy commands, or Python script that uses the Scapy library) to nike as usual. Submit one separate file per step.

File name format: YOUUSERNAME_stepX