
I'm working on creating a legitimate client using scapy for an MQTT network. I implemented the 3-way handshake and a possible connection with the MQTT broker (the broker is fully working, I tested it with another client). Here is my code:

```python
from scapy.all import IP, TCP, send, sr, sr1
from scapy.contrib.mqtt import MQTT, MQTTConnect

seq = 12345
src = '192.168.1.90'
dst = '192.168.1.91'
sport = 1040
dport = 1883

pkt = IP(src=src, dst=dst)

# 3-way handshake: SYN, wait for the SYN-ACK, answer with ACK
SYN = pkt / TCP(sport=sport, dport=dport, flags="S", seq=seq)
SYNACK = sr1(SYN)
ACK = pkt / TCP(sport=sport, dport=dport, flags="A", seq=SYNACK.ack, ack=SYNACK.seq + 1)
send(ACK)

# The first data segment carries the same numbers as the handshake ACK:
# seq = our ISN + 1, ack = broker ISN + 1 (swapping them, or adding another
# +1 to the ack, makes the broker discard the segment).
payload_packet = TCP(sport=sport, dport=dport, flags='A', seq=ACK.seq, ack=ACK.ack)
# MQTTConnect is only the CONNECT body; the MQTT() fixed header must precede it.
mqtt_pkt = MQTT() / MQTTConnect(clientId='my_client_id')

reply, error = sr(pkt / payload_packet / mqtt_pkt, multi=1, timeout=1)
for r in reply:
    r[0].show2()
    r[1].show2()
```

This code is not able to connect the client to the MQTT broker, since the software sends a RST before an ACK packet. Please see the image below.

Wireshark flow: [screenshot not reproduced]

Could you please help me? Thanks in advance

Humayun Ahmad Rajib
NoName91

1 Answer


Your own machine is sending that TCP reset when it sees the SYN from your TCP partner.

What you need to do is to inform your kernel that you want to use a specific port. In Linux it is done the following way:

```shell
# drop every outgoing TCP RST, so the kernel can no longer tear down the
# connection that scapy is driving
sudo iptables -A OUTPUT -p tcp --tcp-flags RST RST -j DROP
# to see the result:
sudo iptables -L
```

ref: https://www.fir3net.com/Programming/Python/how-to-build-a-tcp-connection-in-scapy.html

fgagnaire
  • I am aware that it is not really part of the question, but I think that you will be better off opening the TCP connection with the normal Python API, then using scapy to manage the application layer. TCP is hard to manage, for the reason given in this answer, but also because of retransmits and other features. – fgagnaire Jul 19 '20 at 19:27
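The following is an added example, not code from the question or the answer above. It shows, in plain Python and without scapy so that it runs offline, the three things the posted script needs to get right once the kernel's RST is suppressed: the sequence/acknowledgement numbers of the first data segment after a hand-built handshake, an MQTT 3.1.1 CONNECT packet with its fixed header (which scapy's `MQTTConnect` layer alone does not emit), and decoding of the broker's CONNACK. It also includes the route suggested in the comment, a kernel socket carrying hand-built MQTT. All numbers, the client id and the CONNACK bytes are constructed sample values, and `connect_with_sockets` is not executed here because it needs a reachable broker.

```python
"""Added example: TCP numbering after the handshake, a hand-built MQTT 3.1.1
CONNECT, and CONNACK decoding.  Pure Python, no scapy dependency.
"""
import socket
import struct


# --- 1. TCP numbering for the first payload segment ------------------------

def data_segment_numbers(syn_seq, synack_seq, synack_ack):
    """Return (seq, ack) for the first data segment the client sends.

    syn_seq     ISN the client put in its SYN.
    synack_seq  the server's ISN, taken from the SYN-ACK.
    synack_ack  the ACK number in the SYN-ACK (must equal syn_seq + 1).

    The handshake ACK and the first data segment carry the same numbers:
    seq = our ISN + 1 (our SYN consumed one sequence number),
    ack = server ISN + 1 (its SYN consumed one).  Swapping the two, or
    adding a further +1, makes the peer drop the data as out of window.
    """
    if synack_ack != (syn_seq + 1) & 0xFFFFFFFF:
        raise ValueError("SYN-ACK does not acknowledge our SYN")
    return synack_ack, (synack_seq + 1) & 0xFFFFFFFF


# --- 2. MQTT 3.1.1 CONNECT, built byte by byte -----------------------------

def remaining_length(n):
    """MQTT 'remaining length' encoding: 7 bits per byte, MSB = continue."""
    out = bytearray()
    while True:
        byte = n % 128
        n //= 128
        if n:
            byte |= 0x80
        out.append(byte)
        if not n:
            return bytes(out)


def mqtt_string(s):
    """UTF-8 string prefixed with its 16-bit big-endian length."""
    b = s.encode("utf-8")
    return struct.pack(">H", len(b)) + b


def build_connect(client_id, keepalive=60, clean_session=True):
    """CONNECT = fixed header (type 1 << 4) + variable header + payload."""
    flags = 0x02 if clean_session else 0x00      # no user/password/will
    variable_header = (
        mqtt_string("MQTT")                      # protocol name
        + bytes([4])                             # protocol level 4 = 3.1.1
        + bytes([flags])
        + struct.pack(">H", keepalive)
    )
    body = variable_header + mqtt_string(client_id)
    return bytes([0x10]) + remaining_length(len(body)) + body


# --- 3. CONNACK decoding ----------------------------------------------------

CONNACK_CODES = {
    0: "accepted",
    1: "unacceptable protocol version",
    2: "identifier rejected",
    3: "server unavailable",
    4: "bad user name or password",
    5: "not authorized",
}


def parse_connack(data):
    """Return (session_present, return_code_text) from a CONNACK packet."""
    if len(data) < 4 or data[0] >> 4 != 2 or data[1] != 2:
        raise ValueError("not a CONNACK")
    session_present = bool(data[2] & 0x01)
    return session_present, CONNACK_CODES.get(data[3], "reserved %d" % data[3])


def connect_with_sockets(host, port, client_id):
    """Let the kernel own TCP and craft only the MQTT layer (the comment's
    suggestion).  Not run in this example: it needs a reachable broker."""
    with socket.create_connection((host, port), timeout=5) as s:
        s.sendall(build_connect(client_id))
        return parse_connack(s.recv(4))


if __name__ == "__main__":
    # Constructed sample values, not captured from the asker's network.
    print(data_segment_numbers(12345, 1000000, 12346))
    print(build_connect("my_client_id").hex())
    print(parse_connack(b"\x20\x02\x00\x00"))
```

If you do stay with raw scapy TCP, the iptables rule in the answer drops every outgoing RST from the host, including the legitimate ones the kernel sends for unrelated connections. Limiting it to the port the script uses (`sudo iptables -A OUTPUT -p tcp --sport 1040 --tcp-flags RST RST -j DROP`, with 1040 being the `sport` value from the question) keeps the side effects to that one socket.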