TCP & UDP Packet Crafting with CatKARAT

Hello friends ! in our previous article we had described packert crafting using colasoft packet builder. Again we are going to use a new tool “Cat KARAT”for packet crafting to test our network  by crafting various kind of network packet.

Cat Karat Packet Builder is a is a handy, easy to use IP4, IP6, IP4/IP6 tunnels, PPoE, TCP, UDP, ICMPv4, ICMPv6, VRRP, IGMP, ARP, DHCP , OAM, VLAN (Q in Q), MPLS, Spanning tree BPDU and LLDP packet generation tool that allows to build custom packets for firewall or target testing and has integrated scripting ability for automated testing.

This Packet Builder enables the user to specify the entire contents of the packet from the GUI. In addition to building packets. Packet Builder also supports saving packets to packet files and sending packets to network. It can be used at all kinds of network areas like traffic generator, packet generator or protocol simulator.

This project also provides a packet capture tool. It is designed for use by anyone who wants to inject packets into a network and/or observe packets exiting a network. Usually packet operation by following protocol stack is limited to command line interface. With this tool, all user have to do is clicking the screen, which almost everybody can do

 From: http://packetbuilder.net

You can download it from given link above.

Let’s start!!

As we had discuss in our previous article that there are 4 mode of operation in packet crafting.

  1. Packet Assembly
  2. Packet Editing
  3. Packet Playing
  4. Packet Analysis

Let start from first phase is “Packet Assembly” where you need to decide type of packet and network you want to created among TCP, IP, ICMP and UDP.

Now when you will run the installed application “Cat KARAT” you will observe three important sections “Interfaces”, “Packet flow” and Packet view  which in their default state as shown in given below image.

TCP-SYN Packet Crafting

So as we know in Packet Assembly phase we need to decide protocol for crafting any packet, which is quite easy to select with this tool. Only enable the radio button for selecting protocol and direction flow of packet. Here I had enable radio buttons for “IPv4” and “TCP” without disturbing remaining default packet flow as shown given below image.

Next we need to select the interface which you can select from the second sections of Interfaces by double-Click on it.

Now next is packet Editing phase where you need to specify source IP address such as: 192.168.1.11 from which packet will be sent and Destination IP address such as: 192.168.1.12 on which packet is received. Moreover you can also make some changes in your packet such as Time to live (TTL), Data length and also can go with packet fragmentation.

From given below image you can observe I had added source and destination IP in packet under the third section protocol view -> Ipv4

As we know TCP protocol use TCP-flag for communication to established connection with Destination IP. Therefore we are crafting TCP-SYN packet under the third section protocol view -> TCP by enabling sync sequence option which flow from source port 80 to destination port 80.

Once everything is edited then your packet is ready to send on target network.

Click on play button given in menu bar for sending packet on target’s network.

As we know after finishing packet editing operation we need to send it on target network which is known as “Packet Playing” in this mode we actually test packet Assembly and packet Editing mode if show packet is send successfully else again we send packet in packet Editing mode for modification.

From given below image you can observe the result “Packet sent successfully”

Last phase is Packet Analysis mode where received packet is analysis using packet analysis tool. Here we had use wireshark for capturing incoming traffic. Hence from given below image you can observe that wireshark has captured exactly same information which we had bind in packet during packet Assembly and packet Editing mode such as TCP protocol and TCP-SYN packet.

TCP-RST Packet Crafting

So the Packet Assembly phase and Packet Editing phase for TCP–RST packet crafting is almost same as above only the difference is make in change TCP-Flag through which connection will be established with target network.

Since we want to send traffic through only reset packets for establishing connection with target network therefore enable the check box of Reset connect.

Click on play button given in menu bar for sending packet on target’s network which is part of Packet playing mode.

From given below image you can observe the result “Packet sent successfully”

Hence from given below image you can observe that wireshark has captured exactly same information which we had bind in packet during packet Assembly and packet Editing mode such as TCP protocol and TCP-RST packet.

TCP-PSH/ACK Packet Crafting

So the Packet Assembly phase and Packet Editing phase for TCP–PSH/ACK packet crafting is almost same as above only the difference is make in change TCP-Flag through which connection will be established with target network.

Since we want to send traffic through only Push with Acknowledgement packets for establishing connection with target network therefore enable the check box of PUSH Function and Acknowledgement.

 

Click on play button given in menu bar for sending packet on target’s network which is part of Packet playing mode.

From given below image you can observe the result “Packet sent successfully”

Hence from given below image you can observe that wireshark has captured exactly same information which we had bind in packet during packet Assembly and packet Editing mode such as TCP protocol and TCP-PSH/ACK packet.

UDP Packet Crafting

Similarly as above in Packet Assembly phase we need to decide protocol for crafting UDP packet, enable the radio button for selecting protocol and direction flow of packet. Here I had enable radio buttons for “IPv4” and “UDP” without disturbing remaining default packet flow as shown given below image.

Move into Protocol view section for Packet Editing and enter source and destination IP. I had added source and destination IP in packet under the third section protocol view -> Ipv4 as done above.

Now explore the UDP tab for design UDP packets as per your requirement, from given below image you can observe default setting details.

Source port: 00000

Destination port: 00000

Now the UDP traffic will flow from source port 0 to destination port 0.

Click on play button given in menu bar for sending packet on target’s network which is part of Packet playing mode.

From given below image you can observe the result “Packet sent successfully”

From given below image you can observe that wireshark has captured exactly same information which we had bind in packet during packet Assembly and packet Editing mode such as UDP protocol and from source port 0 to destination 0 of 60 length.

AuthorRahul Virmani is a Certified Ethical Hacker and the researcher in the field of network Penetration Testing (CYBER SECURITY).    Contact Here

Leave a Reply

Your email address will not be published. Required fields are marked *