Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
Edward2017-02-13 23:47:35
Computer networks
Edward, 2017-02-13 23:47:35

How to change TCP/IP packet length?

Hello. Help me please. I catch a TCP packet, change the data in it (they go just after the TCP header) and send it further. When I just catch and send it works. When I replace some letter in the text (data after the TCP header), I read the TCP checksum and write a new TCP checksum into the header, send it.
But when I change the length, namely, I add a few words to the data and replace the last word and write to the stream (network stack) a packet with the old length (checksum is also calculated according to the old length), then it sends, and when I write to the stream (network stack) the number of bytes more than the package that I received then neither checksum counts nor sends without it.
I suspect that it is necessary to change something in the first 40 bytes of the packet where the headers are. (After 40 bytes out of 41, data is already coming). I readhttps://en.wikipedia.org/wiki/IPv4 there is a table IPv4 Header Format and the length is stored in some headers. But in the WireShark program, the length is stored in both IP and TCP headers (as shown at least (photo 2)).

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
E
Edward, 2017-02-15
@ed_milson

It turned out to change the length of the packet, in TCP itself you do not need to change, but in the IP header you need to change the length. But since this is a packet from the socket, the ACK value changes on the fly and the program that sent it expects the ACK that it sent, and not that another program changed.

Report
1
15432, 2017-02-14
@15432

In Wireshark, when you select a field in the description of a packet, the same value in the packet is automatically highlighted, from where Wireshark took the number. They need to be changed.
Modifying headers at the IP level will not be easy. If possible, it's easier to get in the middle of the channel at the TCP level and just redirect the data back and forth. Like a proxy.

Report
A
Andrew, 2017-02-14
@OLS

The sender and receiver keep SEQ and ACK counters. If you change the packet length, you violate the logic of these counters. That is, from the moment you increased or decreased the length of the packet in all subsequent ones within this session, you need to change SEQ in the forward direction and ACK in the opposite direction by the same amount. And it's better to get up as 15432 advises using tcp-port-mapper technology, if it's important for you to be able to change the length.

Similar questions
A
Alexander2015-07-08 14:41:15
Are there analytical modeling systems using voxels? 2Reply
A
Andrey Romanyuk2017-04-07 20:16:26
What books are there for beginner back end developers on network architecture? 1Reply
G
GUser2015-04-10 20:52:33
How not to store PD in Russia? 3Reply
I
IvanRu082020-03-27 13:54:09
How to display products by Woocommerce SKU? 2Reply
D
Denis2017-04-09 13:08:39
Connecting and disconnecting from the server via http protocol? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question