UDP Socket Programming
Below is an assignment from my grad program where we were to demonstrate UDP socket programming using Python along with an analysis of packets using Wireshark.
If you want all of the code, visit the below GitHub link.
https://github.com/awilk54/c550
Introduction
For this exercise, we were to implement a simple UDP-based client-server system with limited security features. Thisexercise has two objectives: (i) help you get familiarized with Linux socket programming; (ii) experiment with packet sniffing and pcap analysis using Wireshark; practice the fundamentals of TCP/IP communications and handshake; and (iv) prepare you to tackle the next Lab assignment which involves the design of a more secure client server system.
Objective
For assignment 1, we were given specific requirements for implementing our own version of a UDP client/server connection. The client/server application needed to follow specific guidelines before delivering a complete report. The UDP server client should be a simple server application where authentication of a server password by a connecting client will deliver a file by the server. The client will need to create a UDP socket connection with the UDP server, send multiple password attempts and on successful authentication, receive a txt file from the server and write it to a new output text file. Below in figure one is an explanation of how the UDP Client/Server communication will process packet by packet.
Figure 1.
Code
In this section you will see snippets of code used to make the UDP client/server application work. The full program files will be submitted to Blackboard and can also be found in a repository setup on GitHub (https://github.com/awilk54/c550). Let me first start off by describing UDP (User Datagram Protcol). UDP works differently then TCP/IP. TCP/IP is what is called a stream oriented protocol, which means that all of the data sent must be transmitted in the right order. UDP is not a stream oreiented protocol. UDP is known as a “message oreineted protocol”. UDP is also known as “connection less”. In order to establish a communication between client/server using UDP, a socket is needed to be created. Due to UDP not being stream oriented, it’s packet delivery cannot be guarenteed. If network issues appear on the wire during a UDP packet send/receive, that packet could be lost forever.
In Python, a socket for UDP can be created using the socket.SOCK_DGRAM family. For this assignment, I am using Python version 3.6. In this version, to establish a socket for UDP, you can use the below syntax in Figure 2. Figure 2 uses socket.AF_INET which tells you what type of address family your socket can communicate with. Using AF_INET means you can communicate with IPv4 addresses. Socket.SOCK_DGRAM) tells the system to communicate over the datagram protocol.
Figure 2.
Figure 3 is the setup and initialization of the UDP socket on my client. Figure 4 shows the UDP socket creation/initialization on the server. Figure 4 also shows the bind command on the server to bind the server to an IP address and Port. For this assignment, the server IP was hard coded to use the loopback address 127.0.0.1. The port number is passed as an argument and stored as a variable.
Figure 3.
This next piece of code in figure 5 is important for the assignment. I snipped this out because it receives the password payload from the client program, decodes and splits the passwords into an array based on the comma delimitator. Since the payload packet is being sent via the Socket.SENDTO() call, the data is being sent as bytes. The payload received has some various special characters that are needed to be removed. The code then strips all unnecessary characters from each password and stores them into an array variable. Each array variable is later used on the server to compare the password received and stored in the array variable with the server secret password. The server secret password is created with an argument when the server is launched.
Figure 5.
Figure 6.
Figure 7 is almost the whole snippet of code from the UDP_Client.py program. Most the of the client is handled in a while statement. Once the UDP protocol is initialized, the while loop basically runs through various socket.sendto() and socket.recvfrom() calls to send/receive packets of data. The assignment called for user authentication, so an if statement was used to look for a password reject packet, and if received would terminate the connection. If the pass_accept packet was received, then the while statement would continue, receive data and write to an output text file. The file hash is also sent to the client once the text file data is received to verify the file.
Figure 7.
Figure 8.
A successful server/client connection would yield not only an output txt file sent by the server, but also a lot of visible UDP traffic. Figure 10 below shows the complete UDP stream created by the server/client communication over UDP
Figure 10.
Wireshark Analysis
Part 1 of the assignment was the actual development of Python code to establish a simple server/client communication model. Part 2 of the assignment was to use the packet capture/sniffing software Wireshark to watch and analyze the UDP traffic communication. A successful client/server resulted in 8 UDP packets that were captured.
Figure 11 shows the first UDP data packet sent to the server on port 8888. The JOIN_REQ packet can be seen in the data field. The packet contains a lot of information, but some of the more important information would be the protocol being used (User Datagram Protocol), Source/Destination IP’s and ports as well as the packet raw data. This JOIN_REQ packet was a total of 8 bytes in size.
Figure 11.
Figure 12 is the next packet in the UDP communication between the client/server. The server is sending a PASS_REQ packet to the client. This packet is saying “hey please send me a password to continue”. You can see by the packet trace that the packet was sent from port 8888 on the server to the port being used by the client which is 61156.
Figure 12.
Figure 13 in the UDP communication is the client sending it’s password payload. The payload packet contains the three passwords input with arguments when the client was launched. A problem with UDP is that data is sent in clear text. As you can see below in the figure, all three passwords entered are shown in clear text! Also now that that his packet has a bit more in it’s payload, you can see the data size of the packet grow from 8 to 34 bytes.
Figure 13.
Figure 14 shows the PASS_RESP packet sent back to the server along with the password payload. Wireshark makes it easy for you to view the sending direction of the packet.
Figure 14.
The next packets show in Figures 15-16 show the server sending a PASS_ACCEPT packet to the client. This lets the client know that it passed it’s authentication. After the PASS_ACCPET packet is sent, then the data payload (input text file) on the server is sent to the client.
Figure 15.
To finish off the UDP data communication, a SHA1 hash packet is sent to the client to prove integrity of the data file received along with a TERMINATE packet letting the client know that the connection has now been closed. The Hex packet is also another packet that can be seen in clear text. This is a hex value calculated by the server on the input file passed through at run time.
Figure 18.
Testing Failure
Figures 19 and 20 below show my testing of password failure. Figure 19 shows the secret server password being “CYBER550”. Figure 20 shows three passwords passed through the client for authentication. None of the three passwords pass the password check on the client. You can see below the Abort message sent to the server console along with a TERMINATE packet sent back to the client.
Sources:
Python for Windows 3.6.4
Npcap 0.99-r2 for windows
Wireshark 2.4.5
https://github.com/awilk54/c550
https://github.com/awilk54/c550/commits/master
https://www.reddit.com/r/learnpython/comments/85nvc3/python_udp_socketrecvfrom_question/
https://www.reddit.com/r/learnpython/comments/856swy/python_udp_socket_help/
https://docs.python.org/3
Below is an assignment from my grad program where we were to demonstrate UDP socket programming using Python along with an analysis of packets using Wireshark.
If you want all of the code, visit the below GitHub link.
https://github.com/awilk54/c550
Introduction
For this exercise, we were to implement a simple UDP-based client-server system with limited security features. Thisexercise has two objectives: (i) help you get familiarized with Linux socket programming; (ii) experiment with packet sniffing and pcap analysis using Wireshark; practice the fundamentals of TCP/IP communications and handshake; and (iv) prepare you to tackle the next Lab assignment which involves the design of a more secure client server system.
Objective
For assignment 1, we were given specific requirements for implementing our own version of a UDP client/server connection. The client/server application needed to follow specific guidelines before delivering a complete report. The UDP server client should be a simple server application where authentication of a server password by a connecting client will deliver a file by the server. The client will need to create a UDP socket connection with the UDP server, send multiple password attempts and on successful authentication, receive a txt file from the server and write it to a new output text file. Below in figure one is an explanation of how the UDP Client/Server communication will process packet by packet.
Figure 1.
Code
In this section you will see snippets of code used to make the UDP client/server application work. The full program files will be submitted to Blackboard and can also be found in a repository setup on GitHub (https://github.com/awilk54/c550). Let me first start off by describing UDP (User Datagram Protcol). UDP works differently then TCP/IP. TCP/IP is what is called a stream oriented protocol, which means that all of the data sent must be transmitted in the right order. UDP is not a stream oreiented protocol. UDP is known as a “message oreineted protocol”. UDP is also known as “connection less”. In order to establish a communication between client/server using UDP, a socket is needed to be created. Due to UDP not being stream oriented, it’s packet delivery cannot be guarenteed. If network issues appear on the wire during a UDP packet send/receive, that packet could be lost forever.
In Python, a socket for UDP can be created using the socket.SOCK_DGRAM family. For this assignment, I am using Python version 3.6. In this version, to establish a socket for UDP, you can use the below syntax in Figure 2. Figure 2 uses socket.AF_INET which tells you what type of address family your socket can communicate with. Using AF_INET means you can communicate with IPv4 addresses. Socket.SOCK_DGRAM) tells the system to communicate over the datagram protocol.
Figure 2.
Figure 3 is the setup and initialization of the UDP socket on my client. Figure 4 shows the UDP socket creation/initialization on the server. Figure 4 also shows the bind command on the server to bind the server to an IP address and Port. For this assignment, the server IP was hard coded to use the loopback address 127.0.0.1. The port number is passed as an argument and stored as a variable.
Figure 3.
This next piece of code in figure 5 is important for the assignment. I snipped this out because it receives the password payload from the client program, decodes and splits the passwords into an array based on the comma delimitator. Since the payload packet is being sent via the Socket.SENDTO() call, the data is being sent as bytes. The payload received has some various special characters that are needed to be removed. The code then strips all unnecessary characters from each password and stores them into an array variable. Each array variable is later used on the server to compare the password received and stored in the array variable with the server secret password. The server secret password is created with an argument when the server is launched.
Figure 5.
The next piece of code in Figure 6 was coded on the UDP_Server.py program. This piece of code reads the input file passed in the server arguments and then coverts the data to bytes and sends it over the socket back to the client using the socket.sendto() call. This piece of code is also where the SHA1 hash is created and applied to the input file. This has is then converted to HEX and sent to back to the client. The hash in this assignment is used for file verification.
Figure 6.
Figure 7 is almost the whole snippet of code from the UDP_Client.py program. Most the of the client is handled in a while statement. Once the UDP protocol is initialized, the while loop basically runs through various socket.sendto() and socket.recvfrom() calls to send/receive packets of data. The assignment called for user authentication, so an if statement was used to look for a password reject packet, and if received would terminate the connection. If the pass_accept packet was received, then the while statement would continue, receive data and write to an output text file. The file hash is also sent to the client once the text file data is received to verify the file.
Figure 7.
Execution
Assignment 1 required that both the client and server pass user arguments in order to launch and run the client/server programs. For our UDP server client, we were required to pass the following arguments when launching the server.
./UDP_SERVER.py <port> <password> <input> file
You can see below in figure 8, that the server was executed in my example with 3 arguments.
1. Port which was equal to 8888
2. Password which was set to CYBER550
3. Input file which was Assignment1.txt
I took the time to have the server print out to the shell when it received its data packets as part of the client/server communication flow.
Figure 8.
In figure 9 you can see that as part of the assignment, we needed to pass 6 arguments.
./UPD_Client.py <ServerIP> <Port> <Pass1> <Pass2> <Pass3> <output file>
Figure 9.
When the client was executed in this example, 6 arguments were passed in total. As part of this assignment, the client was required to pass three passwords to the server for authentication. Once authenticated, the client would receive data from the server.
1. Server IP was set to 127.0.0.1
2. Port was set to 8888
3. Pass1 was set to Admin
4. Pass2 was set to P@ssword1
5. Pass3 was set to CYBER550
6. Output was set to output.txt
A successful server/client connection would yield not only an output txt file sent by the server, but also a lot of visible UDP traffic. Figure 10 below shows the complete UDP stream created by the server/client communication over UDP
Figure 10.
Wireshark Analysis
Part 1 of the assignment was the actual development of Python code to establish a simple server/client communication model. Part 2 of the assignment was to use the packet capture/sniffing software Wireshark to watch and analyze the UDP traffic communication. A successful client/server resulted in 8 UDP packets that were captured.
Figure 11.
Figure 12 is the next packet in the UDP communication between the client/server. The server is sending a PASS_REQ packet to the client. This packet is saying “hey please send me a password to continue”. You can see by the packet trace that the packet was sent from port 8888 on the server to the port being used by the client which is 61156.
Figure 12.
Figure 13 in the UDP communication is the client sending it’s password payload. The payload packet contains the three passwords input with arguments when the client was launched. A problem with UDP is that data is sent in clear text. As you can see below in the figure, all three passwords entered are shown in clear text! Also now that that his packet has a bit more in it’s payload, you can see the data size of the packet grow from 8 to 34 bytes.
Figure 13.
Figure 14 shows the PASS_RESP packet sent back to the server along with the password payload. Wireshark makes it easy for you to view the sending direction of the packet.
Figure 14.
The next packets show in Figures 15-16 show the server sending a PASS_ACCEPT packet to the client. This lets the client know that it passed it’s authentication. After the PASS_ACCPET packet is sent, then the data payload (input text file) on the server is sent to the client.
Figure 15.
Figure 16 in the UDP communication shows the data payload sent from the server to the client. Once again since this is UDP, the data is raw and can be sniffed and seen in clear site. Another note on this packet is the size. You can notice that this is by far the largest packet sent (476 bytes).
Figure 16.
Figure 17.
To finish off the UDP data communication, a SHA1 hash packet is sent to the client to prove integrity of the data file received along with a TERMINATE packet letting the client know that the connection has now been closed. The Hex packet is also another packet that can be seen in clear text. This is a hex value calculated by the server on the input file passed through at run time.
Figure 18.
Testing Failure
Figures 19 and 20 below show my testing of password failure. Figure 19 shows the secret server password being “CYBER550”. Figure 20 shows three passwords passed through the client for authentication. None of the three passwords pass the password check on the client. You can see below the Abort message sent to the server console along with a TERMINATE packet sent back to the client.
Figure 19.
Figure 20.
Figure 20 shows how the client will receive a wrong password message and an ABORT message letting the client know that it has just closed its UDP connection. Figure 21 is a shot of the Wireshark capture of the failed communication between the client/server. You can see that the server sends a packet that reads PASS_REJECT followed by a TERMINATE packet.
Figure 21.
And here is a snapshot of everything in production..
Figure 22.
Thanks for reading!!
Sources:
Python for Windows 3.6.4
Npcap 0.99-r2 for windows
Wireshark 2.4.5
https://github.com/awilk54/c550
https://github.com/awilk54/c550/commits/master
https://www.reddit.com/r/learnpython/comments/85nvc3/python_udp_socketrecvfrom_question/
https://www.reddit.com/r/learnpython/comments/856swy/python_udp_socket_help/
https://docs.python.org/3
8 Casinos Near Borgata - Mapyro
ReplyDeleteCompare casinos and find 양주 출장샵 the 여주 출장마사지 closest casino to Borgata. titanium tubing 1 Borgata Way Borgata Hotel Casino & 서귀포 출장안마 Spa 4 삼척 출장안마 star 8 Casinos Around Atlantic City. (mapyro image for