how to send a corrupt netbios packet
I want to send a corrupt netbios Session Service packet to my machine, My goal it to check whether my machine restarts or not upon receiving the corrupt netbios packet (this has happened before and I want to reproduce the same).
I am using scapy which is a python tool to establish a connection first to the machine at port 139 and then I am sending a NBTSession() packet to the machine.
In the wireshark traces I see that the session is established, but when I am trying to send a packet with NBTSession() layer then the wireshark traces shows its a NBSS continuation message.
from scapy.all import *
def nbt_func():
nb=NBTSession(TYPE=0x81,RESERVED=10,LENGTH=2000)
rnb=Raw(nb)
s=socket.socket()
s.connect(("10.62.147.30",139))
ss=StreamSocket(s,Raw)
s.sr1(rnb)
if __name__ == "__main__":
nbt_func()
Any idea why this is happening, or is there any other way the issue can be reproduced?
I gave some random values in the NBTSession() fields as I thought that maybe giving wrong values means corrupting the packet.
Thanks for the help.
Solution 1:
Corrupt packages are not exactly formatted on layer 5+ :) It could be even a corrupted IP header, so you cannot create a corrupted package using high-level libraries.
A good approach a can propose - is to connect to your server with netcat and send some garbage from /dev/urandom:
cat /dev/urandom | nc 10.62.147.30 139