We Keep Coding

C server socket refusing the connection of a python client

I am trying to make a messenger program (that currently has a ton of bugs so please dismiss them) and for some reason, the server wont let the clients connect. I have tried changing the port, but nothing works. I get the following error (for my client, which is in python) (this is on a mac, but I have tried the client on a windows computer, still nothing):
Traceback (most recent call last):
File "msgclient.py", line 31, in <module>
Program()
File "msgclient.py", line 8, in __init__
self.s.connect((IP, PORT))
ConnectionRefusedError: [Errno 61] Connection refused
Here is the code for the server (written in c):
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/select.h>
#include <netinet/in.h>
#include <unistd.h>
#include <sys/types.h>
#define MAXCLIENTS 256
#define MAXMSG 269
#define PORT 9989
void forward(int clientslist[MAXCLIENTS], char* msg) {
int x;
for (x=0; x < MAXCLIENTS; x++){
send(clientslist[x], msg, sizeof(msg), 0);
}
return;
}
int main(){
int s = socket(AF_INET, SOCK_STREAM, 0);
int clients[MAXCLIENTS];
int clientcounter = 0;
fd_set socketlist, readlist;
FD_ZERO(&socketlist);
FD_SET(s, &socketlist);
struct sockaddr_in server;
server.sin_family = AF_INET;
server.sin_port = htons(PORT);
server.sin_addr.s_addr = INADDR_ANY;
bind(s, (struct sockaddr*) &server, sizeof(server));
listen(s, MAXCLIENTS);
int clientsocket;
int i;
int rc;
int max = s;
void* msg = (char *) malloc(MAXMSG+1);
void* usr = (char *) malloc(14);
while (1){
readlist = socketlist;
select(FD_SETSIZE, &readlist, NULL, NULL, NULL);
for (i=0; i<max+1; i++){
if(FD_ISSET(i, &readlist)){
if (i == s){
clientsocket = accept(s, NULL, NULL);
FD_SET(clientsocket, &socketlist);
clients[clientcounter] = clientsocket;
clientcounter++;
rc = recv(clientsocket, usr, 10, 0);
printf("Connection received from %s\n", usr);
usr = "\0";
if (clientsocket > max+1){
max = clientsocket;
}
} else {
rc = recv(i, msg, MAXMSG, 0);
if (rc > 0){
forward(clients, msg);
} else{
close(i);
msg = "\0";
}
}
}
}
}
return 0;
}
and the client (written in python):
import socket
class Program:
def __init__(self):
IP = socket.gethostbyname(socket.gethostname())
PORT = 9989
self.s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
self.s.connect((IP, PORT))
self.user = self.username()
self.s.send(bytes(self.user, "utf-8"))
while True:
received = self.s.recv(269)
received = received.decode("utf-8")
print(received)
self.enter()
def username(self):
name = str(input("Enter a username (10 character max): "))
if len(name) > 10:
print("Username is larger than 10; try again")
self.username()
return name;
def enter(self):
msg = str(input("Enter a message>> "))
if msg != "":
self.s.send(bytes(f"{self.user}>> {msg}", "utf-8"))
if __name__ == "__main__":
Program()

regarding the function:
void forward(int clientslist[MAXCLIENTS], char* msg)
and
send(clientslist[x], msg, sizeof(msg), 0);
The expression: sizeof(msg) will return a value (depending on your underlying hardware and certain compiler parameters) of 4 or 8, Not what you want. Suggest passing the actual number of bytes to transmit.
regarding the function:
void forward(int clientslist[MAXCLIENTS], char* msg)
and the statement:
return;
The return; statement is completely unnecessary. Suggest removing that statement.
regarding:
int s = socket(AF_INET, SOCK_STREAM, 0);
This statement can fail. Always check (if socket < 0) then handle the error
regarding:
server.sin_addr.s_addr = INADDR_ANY;
INADDR_ANY has the value: "0.0.0.0" which cannot be directly assigned. Suggest:
server.sin_addr.s_addr = htonl(INADDR_ANY);
OT: regarding:
bind(s, (struct sockaddr*) &server, sizeof(server));
and
listen(s, MAXCLIENTS);
These functions can fail. Always check the returned value to assure the operation was successful.
OT: regarding:
void* msg = (char *) malloc(MAXMSG+1);
and similar statements. In C, the returned type is void* which can be assigned to any pointer. Casting just clutters the code and is error prone. even this statement has an error in the cast. Suggest removing that cast.
regarding:
readlist = socketlist;
select(FD_SETSIZE, &readlist, NULL, NULL, NULL);
for (i=0; i<max+1; i++)
{
if(FD_ISSET(i, &readlist))
{
if (i == s)
{
This code sequence forces serial handling of the incoming sockets. Much better to generate a 'thread pool', then use accept() and pass the resulting client socket to an idle thread. The thread then performs all the communication with the client, then, when finishing with the client, closes the client socket.
regarding:
select(FD_SETSIZE, &readlist, NULL, NULL, NULL);
There must already be an open socket to the client, which there is none, so no communication occurs.
there may be other problems, but this should aim you in the right direction.

Unable to set default gateway from python

I have written code to set default gateway using ioctl in C. I have a function to set the gateway and the usual main function. When I compile and run the code it works fine, but when I turn it into a library and call the main function from python using ctypes the ioctl call fails. Why is this?
Note: Before using ctypes method, I tried to set gateway from python using fcntl, ioctl and socket but it failed with OSError saying invalid arguments.
gateway.c
int setDefaultGW( int sockfd, char* gatewatStr)
{
struct sockaddr_in *dst, *gw, *mask;
struct rtentry route;
in_addr_t gip;
fprintf( stderr,"socket %d\n", sockfd);
fprintf( stderr,"Address %s\n", gatewatStr);
gip = inet_addr(gatewatStr);
fprintf( stderr,"Address %d\n", gip);
memset(&route,0,sizeof(struct rtentry));
dst = (struct sockaddr_in *)(&(route.rt_dst));
gw = (struct sockaddr_in *)(&(route.rt_gateway));
mask = (struct sockaddr_in *)(&(route.rt_genmask));
/* Make sure we're talking about IP here */
dst->sin_family = AF_INET;
gw->sin_family = AF_INET;
mask->sin_family = AF_INET;
/* Set up the data for adding the default route */
dst->sin_addr.s_addr = inet_addr("0.0.0.0");
gw->sin_addr.s_addr = gip;
mask->sin_addr.s_addr = inet_addr("0.0.0.0");
route.rt_metric = 100;
route.rt_flags = RTF_UP | RTF_GATEWAY;
/* Remove this route if it already exists */
ioctl(sockfd,SIOCDELRT,&route);
/* Add the default route */
if( ioctl(sockfd,SIOCADDRT,&route) < 0 )
{
fprintf( stderr,"Adding default route: %d\n", errno);
return -1;
}
fprintf( stdout,"Added default route successfully.\n" );
return 0;
}
int main(){
int sockfd = socket(AF_INET, SOCK_DGRAM, 0);
if (sockfd == -1)
{
perror("socket creation failed\n");
return;
}
setDefaultGW(sockfd, "192.168.6.1");
return 0;
}
net.py
gatewayFun = ctypes.CDLL("./libgateway.so")
gatewayFun.main()
Running the C binary:
./gateway
socket 3
Address 192.168.6.1
Address 17213632
Added default route successfully.
Running the python script:
# python3 net.py
socket 4
Address 192.168.6.1
Address 17213632
Adding default route: 101

C WebServer and Python Client

I made a simple webserver using c. I can connect to it via a web browser and it works fine.
The goal of this webserver was to exploit it. So I wrote a simple python script that sends malicious data to the server. However, I only get an error message on the server saying: "Bad file descriptor".
C-Server Main:
int main(void) {
int sockfd, new_sockfd, yes=1;
struct sockaddr_in host_addr, client_addr;
socklen_t sin_size;
printf("Accepting web requests on port %d\n", PORT);
if ((sockfd = socket(PF_INET, SOCK_STREAM, 0)) == -1)
error_and_exit("in socket");
if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1)
error_and_exit("setting socket option SO_REUSEADDR");
host_addr.sin_family = AF_INET;
host_addr.sin_port = htons(PORT);
host_addr.sin_addr.s_addr = INADDR_ANY;
memset(&(host_addr.sin_zero), '\0', 8);
if (bind(sockfd, (struct sockaddr *)&host_addr, sizeof(struct sockaddr)) == -1)
error_and_exit("binding to socket");
if (listen(sockfd, 20) == -1)
error_and_exit("listening on socket");
while(1) { // Accept loop
sin_size = sizeof(struct sockaddr_in);
new_sockfd = accept(sockfd, (struct sockaddr *)&client_addr, &sin_size);
if(new_sockfd == -1)
error_and_exit("accepting connection");
handle_connection(new_sockfd, &client_addr);
}
return 0;
}
python code:
import socket
import struct
import sys
import time
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server_address = ('127.0.0.1', 8000)
sock.connect(server_address)
shellcode =(....)
values = ....
try:
sock.sendall(values)
finally:
sock.close()
Notes:
1.
the accept function (from <sys/socket.h>) in the while(1) loop returns -1, calling error_and_exit("accepting connection"). So the Server never executes handle_connection for my python client.
2.
Code for error_and_exit function:
void error_and_exit(char *message) {
char error_message[100];
strcpy(error_message, " Error ");
strncat(error_message, message, 83);
perror(error_message);
exit(-1);
}

What port number do I specify when receiving a raw ethernet packet?

I would like to sniff packets on a particular Ethernet interface using python.
These packets are received from an FPGA and do not contain any of the usual IP headers. The only header info is the Ethernet header.
I have the following python code which reads raw packets, It's from an example I modified from here.
from socket import *
interface = "em3"
# Create socket connection
sock = socket(AF_PACKET, SOCK_RAW, htons(0x0003))
sock.bind((interface, 0)) #port number
data = sock.recv(1024)
print(data)
sock.close()
I understand that when TCP/UDP sockets are created, port numbers are reserved for use by a specific service. However, I don't know what port number to use for my application. How do I know what port number to use?
Why I'm asking:
I'm asking because the above code doesn't receive any packets from the FPGA, even though when I use tshark (sudo tshark -i em3 -w output.bin) I get two. My interface is in promiscuous mode, and now I'm checking if my port number and protocol types are correct.

austinmarton on GitHub has some code to Receive raw Ethernet frames in Linux. This is not my code, so don't ak me any questions about it, and your mileage may vary. Thanks to #Barmar for the link.
/*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*/
#include <arpa/inet.h>
#include <linux/if_packet.h>
#include <linux/ip.h>
#include <linux/udp.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <net/if.h>
#include <netinet/ether.h>
#define DEST_MAC0 0x00
#define DEST_MAC1 0x00
#define DEST_MAC2 0x00
#define DEST_MAC3 0x00
#define DEST_MAC4 0x00
#define DEST_MAC5 0x00
#define ETHER_TYPE 0x0800
#define DEFAULT_IF "eth0"
#define BUF_SIZ 1024
int main(int argc, char *argv[])
{
char sender[INET6_ADDRSTRLEN];
int sockfd, ret, i;
int sockopt;
ssize_t numbytes;
struct ifreq ifopts; /* set promiscuous mode */
struct ifreq if_ip; /* get ip addr */
struct sockaddr_storage their_addr;
uint8_t buf[BUF_SIZ];
char ifName[IFNAMSIZ];
/* Get interface name */
if (argc > 1)
strcpy(ifName, argv[1]);
else
strcpy(ifName, DEFAULT_IF);
/* Header structures */
struct ether_header *eh = (struct ether_header *) buf;
struct iphdr *iph = (struct iphdr *) (buf + sizeof(struct ether_header));
struct udphdr *udph = (struct udphdr *) (buf + sizeof(struct iphdr) + sizeof(struct ether_header));
memset(&if_ip, 0, sizeof(struct ifreq));
/* Open PF_PACKET socket, listening for EtherType ETHER_TYPE */
if ((sockfd = socket(PF_PACKET, SOCK_RAW, htons(ETHER_TYPE))) == -1) {
perror("listener: socket");
return -1;
}
/* Set interface to promiscuous mode - do we need to do this every time? */
strncpy(ifopts.ifr_name, ifName, IFNAMSIZ-1);
ioctl(sockfd, SIOCGIFFLAGS, &ifopts);
ifopts.ifr_flags |= IFF_PROMISC;
ioctl(sockfd, SIOCSIFFLAGS, &ifopts);
/* Allow the socket to be reused - incase connection is closed prematurely */
if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &sockopt, sizeof sockopt) == -1) {
perror("setsockopt");
close(sockfd);
exit(EXIT_FAILURE);
}
/* Bind to device */
if (setsockopt(sockfd, SOL_SOCKET, SO_BINDTODEVICE, ifName, IFNAMSIZ-1) == -1) {
perror("SO_BINDTODEVICE");
close(sockfd);
exit(EXIT_FAILURE);
}
repeat: printf("listener: Waiting to recvfrom...\n");
numbytes = recvfrom(sockfd, buf, BUF_SIZ, 0, NULL, NULL);
printf("listener: got packet %lu bytes\n", numbytes);
/* Check the packet is for me */
if (eh->ether_dhost[0] == DEST_MAC0 &&
eh->ether_dhost[1] == DEST_MAC1 &&
eh->ether_dhost[2] == DEST_MAC2 &&
eh->ether_dhost[3] == DEST_MAC3 &&
eh->ether_dhost[4] == DEST_MAC4 &&
eh->ether_dhost[5] == DEST_MAC5) {
printf("Correct destination MAC address\n");
} else {
printf("Wrong destination MAC: %x:%x:%x:%x:%x:%x\n",
eh->ether_dhost[0],
eh->ether_dhost[1],
eh->ether_dhost[2],
eh->ether_dhost[3],
eh->ether_dhost[4],
eh->ether_dhost[5]);
ret = -1;
goto done;
}
/* Get source IP */
((struct sockaddr_in *)&their_addr)->sin_addr.s_addr = iph->saddr;
inet_ntop(AF_INET, &((struct sockaddr_in*)&their_addr)->sin_addr, sender, sizeof sender);
/* Look up my device IP addr if possible */
strncpy(if_ip.ifr_name, ifName, IFNAMSIZ-1);
if (ioctl(sockfd, SIOCGIFADDR, &if_ip) >= 0) { /* if we can't check then don't */
printf("Source IP: %s\n My IP: %s\n", sender,
inet_ntoa(((struct sockaddr_in *)&if_ip.ifr_addr)->sin_addr));
/* ignore if I sent it */
if (strcmp(sender, inet_ntoa(((struct sockaddr_in *)&if_ip.ifr_addr)->sin_addr)) == 0) {
printf("but I sent it :(\n");
ret = -1;
goto done;
}
}
/* UDP payload length */
ret = ntohs(udph->len) - sizeof(struct udphdr);
/* Print packet */
printf("\tData:");
for (i=0; i<numbytes; i++) printf("%02x:", buf[i]);
printf("\n");
done: goto repeat;
close(sockfd);
return ret;
}

socket probably not going to work here, since it will use TCP/IP
you can try to use the scapy package to sniff packet from that interface.
check this:
http://www.secdev.org/projects/scapy/doc/usage.html#sniffing

Problems communicating between C and Python programs

I am trying to implement a UDP communication protocol between a C program and a python program. The C program has a structure that it sends through the UDP port (tx_port) as binary data. This program also listens on another port (rx_port) for any received data, and then prints the received binary output to the screen.
The python program listens on tx_port and unpacks the received data and prints it to the screen. Then it repacks the data and sends it back through UDP port (rx_port).
Here are the C and Python programs that I used.
C program
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <unistd.h>
#include <pthread.h>
#define BUFLEN 4096
#define RX_PORT 8888
#define TX_PORT 8889
// Structure data
struct data {
long frame_number;
double time;
} tx_data, rx_data;
int dlen = sizeof(tx_data);
struct sockaddr_in si_me, si_other;
int tx_soc;
int slen = sizeof(si_other);
int recv_len;
char* buf;
pthread_t rx_thread;
void* receiver_thread(void *arg)
{
int i =0;
while (1) {
recv_len = recvfrom(tx_soc, buf, sizeof(rx_data), 0, (struct sockaddr *) &si_other, &slen);
printf("\nReceived data : %d\n", recv_len);
for (i = 0; i < recv_len; i++) {
printf("%x ", buf[i]);
}
printf("\n");
fflush(stdout);
};
}
void data_init(void) {
tx_data.frame_number = 0;
tx_data.time = 0;
};
int main(void)
{
// Initialize data
data_init();
//create a UDP socket
if ((tx_soc=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)) == -1)
{
printf("Socket error!");
exit(0);
}
// zero out the structure
memset((char *) &si_me, 0, sizeof(si_other));
memset((char *) &si_other, 0, sizeof(si_other));
// Host socket address
si_me.sin_family = AF_INET;
si_me.sin_port = htons(RX_PORT);
si_me.sin_addr.s_addr = htonl(INADDR_ANY);
// Remote socket address
si_other.sin_family = AF_INET;
si_other.sin_port = htons(TX_PORT);
si_other.sin_addr.s_addr = htonl(INADDR_ANY);
//bind sockets to the ports
if( bind(tx_soc, (struct sockaddr*)&si_me, sizeof(si_me) ) == -1)
{
printf("Binding error!");
}
// Start reader thread.
if (pthread_create(&rx_thread, NULL, &receiver_thread, NULL) != 0) {
printf("\ncan't create thread");
}
//keep listening for data
while(1)
{
// Allocate memory for receive buffer.
buf = (char*) malloc(sizeof(rx_data));
// Update data value.
tx_data.frame_number++;
printf("\nFrame numner: %ld", tx_data.frame_number);
fflush(stdout);
// Send data.
if (sendto(tx_soc, (char*)&tx_data, dlen, 0, (struct sockaddr*) &si_other, slen) == -1)
{
printf("Sending error!");
}
sleep(1);
}
close(tx_soc);
return 0;
}
Python program
from twisted.internet.protocol import DatagramProtocol
from twisted.internet import reactor
import struct
# Packet format string
packet_fmt = ''.join(['i', # Frame number
'd', # Frame time stamp
])
s = struct.Struct(packet_fmt)
class Echo(DatagramProtocol):
def datagramReceived(self, data, (host, port)):
new_data = s.unpack(data)
print new_data
echo_data = s.pack(*new_data)
self.transport.write(echo_data, (host, port))
reactor.listenUDP(8889, Echo())
reactor.run()
When I execute the two programs, I am able to receive data on both sides. I am able to unpack data in python, print it, repack and send it.
But on the C side, the received data does not match the sent data. I have checked on the python side to make sure the repacked data matches the original data.
Here is a sample output from the C and Python programs. I started the python programs first, and then the C program.
What is the mistake I might be making?