Hacking Network APIsBy Dan Nagle

Dan Nagle

• Sr SW Engineer for SVSI (now part of Harman)• Wrote a book published by CRC Press that is now

quite outdated• Inventor of Packet Sender as well as some really

obscure apps• GitHub.com/dannagle• Twitter.com/NagleCode• LinkedIn.com/in/dannagle • (If you want to connect, use dan@dannagle.com)

WiresharkPacket capture and analysis

Since 1998.

https://www.Wireshark.org/

Capture live packets.

Packet SenderSend and Receive TCP/UDP

Since 2011.

https://PacketSender.com/

Common Uses• Control devices beyond their original apps• Automation• Developing network APIs• Malware analysis• Testing network connectivity/firewalls• Tech support (portable Packet Sender)

TCP versus UDP

TCP UDPDevice Control ✓ ✓File Download ✓ ✖Device Polling ✖ ✓http / ssh / telnet / ftp / git ✓ ✖

Live Streaming Video ✖ ✓Broadcast / Multicast ✖ ✓

Transmission Control Protocol vs User Datagram Protocol "Guaranteed" vs "best effort"

With UDP, you are trading accuracy for speed.

Create packets. Capture packets. Easy interface.

Linux-style command line switchespacketsender -taw 500 example.com 22 "Hello\nWorld"

TCP (54747)://91.189.94.40:22 48 65 6c 6c 6f 0a 57 6f 72 6c 64 Response Time:5:51:37.042 pm Response HEX:53 53 48 2D 32 2E 30 2D 4F 70 65 6E 53 53 48 5F 36 2E 32 70 32 20 55 62 75 6E 74 75 2D 36 2E 31 2E 49 53 50 41 54 43 48 45 44 2E 31 32 2E 30 34 0D 0A Response ASCII:SSH-2.0-OpenSSH_6.2p2 Ubuntu-6.1.ISPATCHED.12.04\r\n

The Setup

Questions?

PacketSender.comTwitter.com/NagleCode