Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remote / listen tubes disagree on default IP stack for localhost #1552

Closed
heapcrash opened this issue Jun 5, 2020 · 4 comments · Fixed by #1569
Closed

remote / listen tubes disagree on default IP stack for localhost #1552

heapcrash opened this issue Jun 5, 2020 · 4 comments · Fixed by #1569
Labels
bug

Comments

@heapcrash
Copy link
Collaborator

I ran across this while trying to test the UDP stack of tubes, the listen() binds to IPv4, but remote() attempts ::1 for localhost.

This is probably not a real issue, but I could see it causing issues for people trying to connect to localhost for some challenge that sets up a server. For TCP we try each interface, but since UDP has no connection handshake, there is no way to detect failure.

Not sure how to / if we can solve this.

>>> l = listen(0, typ='udp')
[x] Trying to bind to 0.0.0.0 on port 0
[x] Trying to bind to 0.0.0.0 on port 0: Trying 0.0.0.0
[+] Trying to bind to 0.0.0.0 on port 0: Done
[x] Waiting for connections on 0.0.0.0:56945
>>> r = remote('localhost', l.lport, typ='udp')
[x] Opening connection to localhost on port 56945
[x] Opening connection to localhost on port 56945: Trying ::1
[+] Opening connection to localhost on port 56945: Done
>>> r.send('asdf')
# nothing
>>> r = remote('127.0.0.1', l.lport, typ='udp')
[x] Opening connection to 127.0.0.1 on port 56945
[x] Opening connection to 127.0.0.1 on port 56945: Trying 127.0.0.1
[+] Opening connection to 127.0.0.1 on port 56945: Done
>>> r.send('asdf')
[+] Waiting for connections on 0.0.0.0:56945: Got connection from 127.0.0.1 on port 59155
@Arusekk
Copy link
Member

Arusekk commented Jun 5, 2020

Maybe it should just listen on both?

@zachriggle
Copy link
Member

We might be able to do that, but it would require lots of work since it's not possible to listen on both with the same socket object

@Arusekk
Copy link
Member

Arusekk commented Jun 8, 2020

Apparently it might be possible: https://stackoverflow.com/a/1618259/3869724

@heapcrash
Copy link
Collaborator Author

It looks like that isn't portable from Linux, e.g. all BSD and macOS by extension don't have that.

We can probably do some tricks with a separate listener thread but it'll be a big refactor. We should probably just ensure that in doctests we set the correct fam argument.

Arusekk added a commit to Arusekk/pwntools that referenced this issue Jun 9, 2020
@Arusekk
Use dual-stack sockets when family is 'any'
641ac27 
Also a minor cleanup in sock.py.
Tested on Linux and FreeBSD.
Closes Gallopsled#1552
@Arusekk Arusekk mentioned this issue Jun 9, 2020
Merged
heapcrash pushed a commit that referenced this issue Jun 16, 2020
@Arusekk @heapcrash
Use dual-stack sockets when family is 'any'
39a3b2e 
Also a minor cleanup in sock.py.
Tested on Linux and FreeBSD.
Closes #1552
@Arusekk Arusekk mentioned this issue Oct 4, 2020
Closed
@Arusekk Arusekk mentioned this issue Oct 20, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use dual-stack sockets when family is 'any' Arusekk/pwntools
3 participants
@zachriggle @Arusekk @heapcrash