goony has asked for the wisdom of the Perl Monks concerning the following question:

Hi all,
I would like to try forging ARP request packets with Perl.
I'm using module Net::RawIP 0.1. I don't know if I can
specify "arp request type flag" with this module.

At this moment I've specified the src/dest MAC addresses and the src/dest IP addresses.
But with tcpdump I can't see the forged packets.
This is on a Linux Trustix 2.0 with kernel 2.4.23.
...
$a->ethset(source => $hardaddr);
$a->ethset(dest => $hardaddr2);
$a->set({ip => { saddr => $ipsource, daddr => $host }});
$a->ethsend;
...
Can anyone please help me?
Is it possible to do the same thing without this module or in another way?

Tnx very much in adv,

Matteo Cantoni aka goony <goony@OpenBEER.it>
GnuPG PubKey : http://goony.OpenBEER.it/keys/goony.asc

Replies are listed 'Best First'.
Re: arp request forging
by dave_the_m (Monsignor) on Jun 03, 2004 at 16:29 UTC
    Well, for one thing, an ARP packet isn't a type of IP packet, so you can't set its IP src and dst addresses like that.

    But do you really want to be forging ARP requests?

    Dave.

      Ok, I'm not sure of this. But I thought that if I want to send an ARP request to a host, I must specify the destination MAC address and perhaps its IP address.

      I know that in the C language it is possible to forge ARP packets. In Net::RawIP I read:

      The ARGOFDEST and the ARGOFSOURCE can be given as a string which contain just 6 bytes of the real ethernet address or like the output of the ifconfig(8) e.g. 00:00:E8:43:0B:2A or just an ip address or a hostname of a target, then a mac address will be discovered automatically.

      Can you help me? tnx very much
        Ok, I'm not sure of this
        Well, if you're not sure of this, then are you really in a position to be sending out faked ARP packets onto the wire? I can't think of any reason why someone would normally want to do this, so unless you can convince me that (a) you aren't up to no good, (b) there is a valid reason for doing this, then I'm not keen to help you further.
        Sorry,

        Dave.
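
Dave's first point, that ARP is not an IP packet, shown as an added example that is not part of the original thread: a decoder for an Ethernet frame carrying ARP (EtherType 0x0806, with its own address fields rather than an IP header), plus the check a monitor can apply to spot forged frames. The names parse_arp, mac and ip are hypothetical helpers, and the sample frame is constructed, using a locally administered MAC and documentation-range IP addresses.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample frame (not captured traffic): Ethernet header + ARP request.
my $frame = pack('H*',
    'ffffffffffff' . '020000000001' . '0806' .   # eth dst, eth src, EtherType (ARP)
    '0001' . '0800' . '06' . '04' . '0001' .     # htype, ptype, hlen, plen, oper
    '020000000001' . 'c0000201' .                # sender MAC, sender IP (192.0.2.1)
    '000000000000' . 'c0000202');                # target MAC, target IP (192.0.2.2)

# Format raw address bytes for display.
sub mac { my ($b) = @_; return join ':', map { sprintf('%02x', $_) } unpack('C6', $b) }
sub ip  { my ($b) = @_; return join '.', unpack('C4', $b) }

# Decode one Ethernet frame; returns a hashref, or undef if it is not
# ARP for IPv4 over Ethernet.
sub parse_arp {
    my ($raw) = @_;
    return undef if length($raw) < 14 + 28;      # Ethernet header + ARP body
    my ($dst, $src, $ethertype) = unpack('a6 a6 n', $raw);
    return undef unless $ethertype == 0x0806;    # 0x0800 would be IPv4 instead
    my ($htype, $ptype, $hlen, $plen, $oper, $sha, $spa, $tha, $tpa) =
        unpack('n n C C n a6 a4 a6 a4', substr($raw, 14));
    return undef unless $htype == 1 && $ptype == 0x0800 && $hlen == 6 && $plen == 4;
    return {
        eth_src => mac($src),
        eth_dst => mac($dst),
        oper    => $oper == 1 ? 'request' : $oper == 2 ? 'reply' : "op $oper",
        sha     => mac($sha), spa => ip($spa),
        tha     => mac($tha), tpa => ip($tpa),
        # Detection check: the sender MAC inside the ARP body should
        # match the source MAC of the Ethernet header that carried it.
        mismatch => ($sha ne $src) ? 1 : 0,
    };
}

my $arp = parse_arp($frame) or die "not an ARP frame\n";
printf "ARP %s: target %s, sender %s (%s), eth src %s%s\n",
    $arp->{oper}, $arp->{tpa}, $arp->{spa}, $arp->{sha}, $arp->{eth_src},
    $arp->{mismatch} ? ' [sender MAC differs from Ethernet source]' : '';
```

The addresses a sender fills in live in the ARP body (sha, spa, tha, tpa), not in an IP header, which is why setting saddr and daddr on an IP layer does not yield an ARP request.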