Not all applications receive data off the network correctly, and they can miss key chunks of data even when they don't mean to. As an example, Python's socket.recv needs to be called repeatedly until all data has been received. But, if the receiving application doesn't properly loop, then it may miss key data later in the buffer.
This library ensures that all data will be in the receiving buffer before the receiving application begins reading the data. It does this by sending the TCP segments out of order; and in particular, it does this by sending the first TCP segment last.
By sending the first TCP segment last, all the later segments will
already be waiting in the receiving buffer by the time that the
first segment arrives. Then, if the receiving application only
calls Python's socket.recv function once, it will still read
all of the intended data.
I first encountered this issue while working on the EXP-301 course from OffSec (a course that focuses on exploiting applications via buffer overflows). And I created this library to help solve labs and challenges from this course.
PyPi project: https://pypi.org/project/tcp-send-first-segment-last/
$ pip install tcp-send-first-segment-lastfrom tcp_send_first_segment_last.send import send_first_segment_last
payload = b"A" * 5000
send_first_segment_last("127.0.0.1", 4444, payload)- The current implementation waits 5 seconds before sending the final (first) segment, and waits another 5 seconds before closing the connection
- Payloads are currently broken up into 1000 byte chunks
- Only supports IP addresses, does not support hostnames
- Only runs on Linux/Unix
- Modifies 'iptables' to disable the default RST response from the OS when receiving a response from the target application
- Chunk size is not currently modifiable
- Wait time before sending the first packet is not modifiable
- Must be
rootto run