Implement 3 way handshake for TCP...

Dec 3, 2013 at 2:17 AM
HI..


I want to implement 3-way handshake using pcap.net and request iis web server

my code...

using (PacketCommunicator communicator = selectedDevice.Open(100, // name of the device
                                                                     PacketDeviceOpenAttributes.Promiscuous, // promiscuous mode
                                                                     1000)) // read timeout
        {
            string oMac = "4c:72:b9:58:c0:6b";
            string oIP = "192.168.0.4";

           communicator.SendPacket(BuildTcpPacketSyn(oMac, oIP));  // OK
            System.Threading.Thread.Sleep(10);
            communicator.SendPacket(BuildTcpPacketAck(oMac, oIP)); // Fail : ACK but RST
            System.Threading.Thread.Sleep(10);
            communicator.SendPacket(BuildTcpPacketPushAck(oMac, oIP));
         } 
       }
       System.Console.ReadKey();

private static Packet BuildTcpPacketSyn(string mac, string ip)
    {
        EthernetLayer ethernetLayer =
            new EthernetLayer
            {
                Source = new MacAddress(mac),
                Destination = new MacAddress(dMac),
                EtherType = EthernetType.None, // Will be filled automatically.
            };

        IpV4Layer ipV4Layer =
            new IpV4Layer
            {
                Source = new IpV4Address(ip), 
                CurrentDestination = new IpV4Address(dIP), 
                Fragmentation = IpV4Fragmentation.None,
                HeaderChecksum = null, // Will be filled automatically.
                Identification = 1608,
                Options = IpV4Options.None,
                Protocol = null, // Will be filled automatically.
                Ttl = 128,
                TypeOfService = 0,
            };

        TcpLayer tcpLayer =
            new TcpLayer
            {                    
                SourcePort = 12113,
                DestinationPort = 80,
                Checksum = null, // Will be filled automatically.
                SequenceNumber = 0,
                AcknowledgmentNumber = 0,
                ControlBits = TcpControlBits.Synchronize,
                Window = 8192,                    
                Options = new TcpOptions(new TcpOptionMaximumSegmentSize(1460), new TcpOptionWindowScale(2), new TcpOptionSelectiveAcknowledgmentPermitted()),
                UrgentPointer = 0
            };

        PacketBuilder builder = new PacketBuilder(ethernetLayer, ipV4Layer, tcpLayer);

        return builder.Build(DateTime.Now);
    }

    private static Packet BuildTcpPacketAck(string mac, string ip)
    {
        EthernetLayer ethernetLayer =
            new EthernetLayer
            {
                Source = new MacAddress(mac),
                Destination = new MacAddress(dMac),
                EtherType = EthernetType.None, // Will be filled automatically.
            };

        IpV4Layer ipV4Layer =
            new IpV4Layer
            {
                Source = new IpV4Address(ip), 
                CurrentDestination = new IpV4Address(dIP), 
                Fragmentation = IpV4Fragmentation.None,
                HeaderChecksum = null, // Will be filled automatically.
                Identification = 1609,
                Options = IpV4Options.None,
                Protocol = null, // Will be filled automatically.
                Ttl = 128,
                TypeOfService = 0,
            };

        TcpLayer tcpLayer =
            new TcpLayer
            {
                SourcePort = 12113,
                DestinationPort = 80,
                Checksum = null, // Will be filled automatically.
                SequenceNumber = 1,
                AcknowledgmentNumber = 1,
                ControlBits = TcpControlBits.Acknowledgment,
                Window = 16425,
                Options = TcpOptions.None,
                UrgentPointer = 0
            };

        PacketBuilder builder = new PacketBuilder(ethernetLayer, ipV4Layer, tcpLayer);

        return builder.Build(DateTime.Now);
    }

    private static Packet BuildTcpPacketPushAck(string mac, string ip)
    {
        EthernetLayer ethernetLayer =
            new EthernetLayer
            {
                Source = new MacAddress(mac),
                Destination = new MacAddress(dMac),
                EtherType = EthernetType.None, // Will be filled automatically.
            };

        IpV4Layer ipV4Layer =
            new IpV4Layer
            {
                Source = new IpV4Address(ip), 
                CurrentDestination = new IpV4Address(dIP), 
                Fragmentation = IpV4Fragmentation.None,
                HeaderChecksum = null, // Will be filled automatically.
                Identification = 1610,
                Options = IpV4Options.None,
                Protocol = null, // Will be filled automatically.
                Ttl = 128,
                TypeOfService = 0                    
            };

        TcpLayer tcpLayer =
            new TcpLayer
            {
                SourcePort = 12113,
                DestinationPort = 80,
                Checksum = null, // Will be filled automatically.
                SequenceNumber = 1,
                AcknowledgmentNumber = 1,
                ControlBits = TcpControlBits.Push | TcpControlBits.Acknowledgment,
                Window = 16425,                    
                Options = TcpOptions.None,
                UrgentPointer = 0
            };

        HttpRequestLayer httpLayer =
           new HttpRequestLayer
           {
               Version = HttpVersion.Version11,
               Header = new HttpHeader(new HttpContentLengthField(11)),
               Body = new Datagram(Encoding.ASCII.GetBytes("")),
               Method = new HttpRequestMethod(HttpRequestKnownMethod.Get),
               Uri = @"http://192.168.0.3/index.aspx",
           };

        PacketBuilder builder = new PacketBuilder(ethernetLayer, ipV4Layer, tcpLayer, httpLayer);

        return builder.Build(DateTime.Now);
    }
  1. SYN is OK (Client -> Server)
  2. SYN|ACK is OK (Client <- Server)
  3. ACK is Fail (Client -> Server)
    Message: Acknowledgment number: Broken TCP. The acknowledge field is nonzero while the ACK flag is not set
help me.. please.
Coordinator
Dec 6, 2013 at 7:26 AM
I suggest capturing the packets using Wireshark and comparing them to regular 3 way handshake captured.
If you do that and don't see what's wrong, you can post the two pcap files and I'll take a look.