Send SYN packet failed on Windows 10

[WorstCodeWay]

Hi, I new to socket, but I want to scan ports which are opened on other host or not. I find libtins can do this. Thanks for your work!

I meet a problem when doing my work, the libtins complains cannot sent ip packet, where an exception that implies socket_write_error (error:10022 within sendto). I have looked into libtins sources, and found that socket is created normally, IP_HDRINCL is ok too. But it just cannot send packet.

And I also have run the example codes Scanner for scanning, same problem.

I need help, guys.

[ahmedtalaat327]

I have same exception on win11 I think this is a socket limitation Raw sockets not allowed to work on 10 and 11

[WorstCodeWay]

I have same exception on win11 I think this is a socket limitation Raw sockets not allowed to work on 10 and 11

@ahmedtalaat327 You're right. Confirmed by more than one ways. At last, I introduce Npcap into my project and work like a charm.

[ahmedtalaat327]

I think its possible to send the UPD carrying the TCP sender.

[ahmedtalaat327]

@WorstCodeWay I think this works

[WorstCodeWay]

@WorstCodeWay I think this works

@ahmedtalaat327
Sorry, where is Port Scan.exe from? Is it built from Tins example source code?

[ahmedtalaat327]

@WorstCodeWay I think this works

@ahmedtalaat327 Sorry, where is Port Scan.exe from? Is it built from Tins example source code?

this is the same libtins yeah But using EthernetII instead of sending packet directly
` EthernetII eth = EthernetII("a0:8c:fd:61:5a:1d","94:08:53:64:6c:63") / IP("192.168.100.140", "192.168.100.45") / TCP(100, 1521) / Tins::RawPDU("I'm payload!");;

// Retrieve a pointer to the stored TCP PDU
TCP* tcp = eth.find_pdu<TCP>();
tcp->set_flag(Tins::TCP::SYN, 1);
tcp->seq(1733878791);
tcp->ack_seq(0);



// You can also retrieve a reference. This will throw a
// pdu_not_found exception if there is no such PDU in this packet.
IP& ip = eth.rfind_pdu<IP>();



// The sender
PacketSender sender;
//sender.send(eth, iface);
// Send and receive the response.
(sender.send(eth, iface));`

[WorstCodeWay]

@WorstCodeWay I think this works

@ahmedtalaat327 Sorry, where is Port Scan.exe from? Is it built from Tins example source code?

this is the same libtins yeah But using EthernetII instead of sending packet directly ` EthernetII eth = EthernetII("a0:8c:fd:61:5a:1d","94:08:53:64:6c:63") / IP("192.168.100.140", "192.168.100.45") / TCP(100, 1521) / Tins::RawPDU("I'm payload!");;

// Retrieve a pointer to the stored TCP PDU
TCP* tcp = eth.find_pdu<TCP>();
tcp->set_flag(Tins::TCP::SYN, 1);
tcp->seq(1733878791);
tcp->ack_seq(0);



// You can also retrieve a reference. This will throw a
// pdu_not_found exception if there is no such PDU in this packet.
IP& ip = eth.rfind_pdu<IP>();



// The sender
PacketSender sender;
//sender.send(eth, iface);
// Send and receive the response.
(sender.send(eth, iface));`

Interesting! I tried very like this, but without raw payload field, and it didn’t work. I will try this later.

Besides, in practice, you need target MAC address to fill the first parameter of EthernetII constructor, how will you get that? In my case, broadcast arp message may help.

[ahmedtalaat327]

@WorstCodeWay ARP reply