We Keep Coding

Replay of pcap file from local ip to public ip

I am replaying packets from pcap file using scapy from local machine to public. The pcap file contains different packets with multiple protocols like, llmnr, dhcp, http, udp, tcp, nbns e.t.c. The public ip is my VM(Virtual Machine) on azure. When I send packets to public ip, I only get few packets. Most of them are lost and I also get Malformed traffic, not the original packet there. Is there any way in scapy by using that I can receive all packets there.
The python script:
pca = rdpcap("Eg.pcap")
for pkt in pca:
if TCP in pkt:
npkt = (IP(dst="Public IP")/TCP()/Raw(pkt.payload))
del(npkt.len)
del(npkt.chksum)
elif UDP in pkt:
npkt = (IP(dst="Public IP")/UDP()/Raw(pkt.payload))
del(npkt.len)
del(npkt.chksum)
send(npkt)

How to send a SYN packet and not sending the ACK response?

import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(("HOST", PORT))
This code surely send a SYN packet to HOST, but does it complete the three-way handshake? Does it send the ACK packet to HOST?
If not, how can I make socket not sending the ACK packet?
That's because I'm trying to study the syn flood flaws and how this attack works. So SYN packets are sent but no ACK packets response are sent.

The .connect() call is asking the kernel to setup a usable socket
with the standard 3-way handshake:
SYN →
← SYN+ACK
ACK →
To send packets, without creating a usable socket, call hping3 instead:
$ sudo hping3 -i u1 -S -p 80 192.168.1.1

Sending a UDP with scapy shows malformed in wireshark

If i try and send a UDP packet with python using scapy
from scapy.all import *
data= "hello"
a = IP(dst="192.168.192.145")/UDP(dport=1194)/Raw(load=data)
send(a)
a.show()
It shows as both malformed and as the DNS protocol in wireshark
Where am I going wrong?

I figured this out by setting my source port to 50000

Python sockets: How do I get the address a client is connected to?

I have some code that hosts a local server and when a user connects it will send them some html code, which works fine.
But I want it so if they connect to http://localhost:90/abc it will show something different. How can I get the exact url they connected to?
Here is my code:
import socket
sock = socket.socket()
sock.bind(('', 90))
sock.listen(5)
print("Listening...")
while True:
client, address = sock.accept()
print("Connection recieved: ", address)
print(The exact url they connected to.)
print()
client.send(b'HTTP/1.0 200 OK\r\n')
client.send(b"Content-Type: text/html\r\n\r\n")
client.send(b'<html><body><h1>Hello, User!</body></html>')
client.close()
sock.close()
I tried print(client.getpeername()[1]), but that gets the client ip, and if there is a similar way to get the ip they connected to it probably wont get the 'abc' part of the url.
Thanks in advance.

Socket's don't have a notion of URL, that's specific to the HTTP protocol which runs on top of a socket. For this reason, only part of the HTTP URL is even used in the creation of a socket.
|--1---|----2----|-3-|--4-|
http:// localhost :90 /abc
Specifies which protocol inside of TCP the URL uses
Specifies the remote host, either by IP address or hostname
Specifies the remote port and is optional
Specifies the path of the URL
Only parts 2 and 3 are actually known to a TCP socket though! This is because TCP is a very basic form of communication, HTTP adds a bunch of functionality on top of it like requests and responses and paths and so on.
Basically if you're implementing an HTTP server, knowing the /abc part is your job. Take a look at this example. The client actually sends the /abc part to the server, otherwise it has no way of knowing which path the request is for.

When the client connects to your server, it will send:
GET /abc HTTP/1.1
Host: localhost
more headers...
<blank line>
Your server needs to parse the GET line and extract /abc from that.

how could a server send data to a client behind nat by udp in qt?

The server has a public IP, the client is behind a nat.
How could the client communicate with server by udp in qt?
The client will send some data to server first, then how could server reply to client?
The current code is this:
server:
self.udpSocketGet = QtNetwork.QUdpSocket()
self.udpSocketGet.bind(QtNetwork.QHostAddress.LocalHost, serverPort)
self.udpSocketGet.readyRead.connect(self.receive)
def receive(self):
while self.udpSocketGet.hasPendingDatagrams():
size = self.udpSocketGet.pendingDatagramSize()
if size > 0:
data, senderAddr, senderPort = self.udpSocketGet.readDatagram(size)
client:
def sentToServer(self,data):
udpSocketSend = QtNetwork.QUdpSocket()
udpSocketSend.writeDatagram(data.encode('utf-8'), serverAddress, serverPort)

The answer to your question goes beyond qt. Check out http://en.m.wikipedia.org/wiki/UDP_hole_punching and http://en.m.wikipedia.org/wiki/NAT_traversal
I am editing this answer after I looked back and found out that the server has a public IP address. In that case, the server will just have to respond to whatever IP address the request comes from. In case the client is communicating via NAT, the server will see the public address of the router and will be totally unaware that the actual client is behind that router.
Read Receiving a response through UDP
The bottom line is that you either have to use port mapping or UPNP.
See also https://superuser.com/questions/456812/nat-and-udp-replies
Again, the server code should not be concerned with NAT traversal. Either the client uses UPNP and the router has UPNP enabled. Or the router is configured to port forward or remember the source and destination IP addresses and ports of the packet originating from the client and properly farwards back the packets sent by the server.