[HN Gopher] Arpchat - Text your friends on the same network usin...
___________________________________________________________________
Arpchat - Text your friends on the same network using just ARP

Author : louismerlin
Score  : 251 points
Date   : 2023-08-09 14:24 UTC (8 hours ago)

(HTM) web link (github.com)
(TXT) w3m dump (github.com)

| gorkish wrote:
| It's fun that it abuses ARP's ability to include an arbitrary
| payload, but just to remind everyone of networking 101, the thing
| that the author is relying on is just the simple fact that
| switches flood packets addressed to ff:ff:ff:ff:ff to the entire
| broadcast domain. You can achieve similar message flooding
| without having to have superuser/raw packet permissions by
| directing packets to the L3 broadcast address whereupon they will
| (usually) be L2 flooded (Aka it's fun to ping the broadcast
| address.)
|
| Using ARP doesn't offer any particular advantage, and I would
| note since many modern switches do things like snooping arp
| packets, putting a high amount of bogus ARP traffic on the
| network could actually have some negative impact. It's still fun
| at any rate and reminds me of the type of crap that I used to
| make when I was learning. As alluded to before, I personally
| would have chosen to abuse ICMP for this purpose; maybe it's a
| future avenue for development. Kudos to the fun project!
| omitmyname wrote:
| Are you referring to https://hpbn.co/?
| jandrese wrote:
| This may be even more fun than you expect. We were doing VLANs
| using hardware from a major vendor to partition a network and
| discovered that while the VLANs worked most of the time, they
| were leaky with ARP traffic.
| It was causing us headaches because
| the machines were supposed to be sending all of their traffic
| through the router, but sometimes they were seeing ARP replies
| that they shouldn't and were thinking that the other machines
| would be reachable directly, causing them to be unable to send
| traffic until the ARP cache entry timed out. We couldn't get the
| vendor to show any interest in fixing the bug either, because
| they were too big to care.
|
| It's possible this chat app could break through VLANs in certain
| circumstances.
| brirec wrote:
| This is interesting to me for basically the same reason --
| being able to send and receive ARP messages with arbitrary
| payloads would definitely make troubleshooting VLANs (and other
| L2 connectivity) easier!
| jandrese wrote:
| Check out arping[1].
|
| But it is easy to send out arbitrary ARP requests using
| almost anything and watch them with Wireshark.
|
| [1] https://man7.org/linux/man-pages/man8/arping.8.html
| archmaster wrote:
| From my testing, it can break through a lot of things!
| catboybotnet wrote:
| Haha, this is amazing. Going to see if I'll get caught using this
| later today. :)
| teddyh wrote:
| If you're limiting yourself to the local network, why use IP at
| all, when you could use CHAOSNET?
| hiAndrewQuinn wrote:
| Oh heck yeah now this is what I'm talking about! Data link layer
| shenanigans!!
|
| For those of you who have no idea what the Address Resolution
| Protocol (ARP) is, to a first approximation it is the missing
| link between your MAC address (what Ethernet runs on) and your IP
| address (what Internet runs on). After your IP routing table,
| which you can see with `route`, decides what immediate next IP
| address to forward a packet to, then your ARP cache, which you
| can see with `arp`, will decide which MAC address that IP
| corresponds to (usually your router's local IP address).
|
| Knowing that ARP even exists is considered mild esoterica today,
| to say nothing of its IPv6 sibling the Network Discovery
| Protocol. But even though you don't use it much in modern
| cloud-based deployments, knowing it exists makes your bird's eye
| view of how the whole network stack works that much more holistic.
| pcthrowaway wrote:
| > For those of you who have no idea what the Address Resolution
| Protocol (ARP) is, to a first approximation it is the missing
| link between your MAC address (what Ethernet runs on) and your
| IP address (what Internet runs on)
|
| More commonly, this is 802.11 nowadays, though I guess ARP
| would be used at any data link layer protocol when the host
| needs to get an IP:
| https://en.wikipedia.org/wiki/Data_link_layer
| tibordp wrote:
| Not sure I'd agree about it being esoteric. Understanding or at
| least knowing about ARP is still very much essential for people
| in networking. arping is a very useful tool for seeing if
| machines on the same network segment are up and just not
| responding to ICMP pings. Anyone looking at tcpdump/Wireshark
| dumps will run into it sooner or later.
|
| It is true that software engineers may sooner run into it when
| debugging their home network than their application though as
| cloud and traditional networks are very different.
| rkagerer wrote:
| If it really is becoming obscure that's a shame, I'm not sure
| how you could pretend to understand how IP networks work
| without having at least cursory familiarity with it.
| ianlevesque wrote:
| Well, it's like a series of tubes...
| TacticalCoder wrote:
| > Knowing that ARP even exists is considered mild esoterica
| today
|
| And you can, say, hardcode the ARP entries from other computers
| on your network when they have fixed IP addresses.
| hk1337 wrote:
| I did this with "net send" back in high school and got in
| trouble.
| hiatus wrote:
| I don't think "net send" uses ARP as you had to be connected to
| a domain iirc.
| junon wrote:
| Unless the network analyzer cared about malformed or weird ARP
| packets (which it probably doesn't) then ARP messaging would
| probably be undetectable.
| huhtenberg wrote:
| `write` sends its regards.
|
| https://en.wikipedia.org/wiki/Write_(Unix)
| Terr_ wrote:
| > I found that trick and showed it to some friends... But it's
| hard to keep a secret, and somehow a larger non-friend group
| was using it to cheat in a computer-lab class. I was offended
| by the blatant cheating, and a little by the idea that certain
| people I didn't particularly like were profiting from what I'd
| found.
|
| > So I spoofed the system administrator's username (not hard on
| Win9x) and sent off a stern warning, which must've surprised
| them since suddenly all the messages stopped. :)
| yarekt wrote:
| Haha those were the days. Accidentally (on purpose) sent a
| message to entire domain in college, IT teachers immediately
| looked to us trouble makers :D
| greenie_beans wrote:
| was just thinking about the same thing but they didn't catch
| me!
| [deleted]
| jedahan wrote:
| I love (ab)using protocols that are built-in to most OS'. I wrote
| a dumb fake samba share that let people see messages in
| Finder.app/Explorer.exe/Gnome/KDE since I couldn't find a
| cross-platform gui or cli messaging system that didn't require
| installing special client software. (even netcat invocations were
| not working when trying on our local network, and had OS-specific
| flag differences if we wanted to do broadcast).
|
| You see the samba share message in your file browser, click it
| and can edit the filenames to update a 3-line "bulletin board".
|
| https://github.com/jedahan/samba-haiku/blob/master/index.js
|
| Even this was a re-implementation that used WIFI ssids to make a
| captive portal haiku.
|
| https://github.com/jedahan/haiku-wifi
| cyberax wrote:
| Ah, good old days of NetBEUI are finally returning!
| lyapunova wrote:
| This is a great and fairly accessible project.
| I'd like to give
| this a shot at my local hackerspace!
| archmaster wrote:
| Hey, I made this! I also made this other thing on HN today
| (https://news.ycombinator.com/item?id=37062422), really cool to
| see ArpChat as well (guess someone went through my profile). It
| was a super fun project and I learned a lot about networking.
|
| I actually got a chance to use it in a totally-offline setting a
| bit ago, which was fun! ... however, I then found a major bug
| that was causing tons of latency, and I fixed it but I haven't
| gotten around to building new artifacts yet, so you might want to
| build from scratch if you're planning on testing it out in a real
| setting for some reason. I also added fun username colors and
| message times. I promise I'll upload a new release soon!
|
| If you're interested, I wrote an article about a year ago about
| how ArpChat works: https://kognise.dev/writing/arp
| fullstop wrote:
| Do you expect this to work on Linux?
|     # sudo getcap ./arpchat
|     ./arpchat cap_net_raw=ep
|
| I receive "error getting channel, might be missing permissions"
|
| edit: the received error is from arpchat, not any of the setcap
| setup.
| archmaster wrote:
| not sure if your formatting is messed up, but these commands
| should work:
|     $ sudo setcap CAP_NET_RAW+ep ./arpchat
|     $ ./arpchat
|
| perhaps try sudo on the arpchat binary if not
| adsche wrote:
| If you use SELinux, you might want to check
| /var/log/audit/audit.log
| fullstop wrote:
| That was me showing you that setcap had, in fact, been
| called. That's why it's the output of getcap.
|
| I tried it with sudo and it also failed with the same
| message.
|
| I've tried it on an arch-based laptop and a debian-based
| laptop with the same results.
| archmaster wrote:
| i see. hmmmmm ... that's not supposed to happen, and it
| works fine on both nixos and ubuntu for me. may be
| something funky going on, i'll see if i can take a look
| sometime soon.
| fullstop wrote:
| Using the prebuilt binary works.
| Building from source
| does not.
| anfractuosity wrote:
| By modifying Cargo.toml slightly, I no longer got the
| same error, which seems to somehow relate to pnet
| library.
|     pnet = "0.34.0"
|
| Interestingly with Arch it worked fine for me before, but
| with my Pi, I got the permission error, but changing the
| pnet ver seemed to fix anyway.
| fullstop wrote:
| This fixed it for me.
|
| Regarding Arch, I updated everything earlier today but I
| am running the LTS kernel.
| junon wrote:
| The readme banner at the bottom is absolutely hilarious and
| beautiful. This is neat, great job!
| [deleted]
| IgorPartola wrote:
| Back when IPv4 NAT was sort of standard (still is but so is IPv6
| as well as GCNAT now), I created a thing I called NATChat. It
| would basically just create a chat room for you based on your
| public IPv4 address, allowing you to chat with anyone on your
| network. Was kinda neat to use in office with others (back when
| that was also a thing).
| bgorman wrote:
| It is also possible to configure device IP addresses directly
| with ARP https://jetdirect.printerdepo.com/en/hp-jetdirect-print-serv...
___________________________________________________________________
(page generated 2023-08-09 23:00 UTC)
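
Several comments in this thread turn on whether a network analyzer would notice "malformed or weird" ARP packets. The following is an added example, not part of the thread or of the ArpChat project: a check that compares an Ethernet frame against the fixed shape of ordinary IPv4-over-Ethernet ARP and reports what deviates. The sample frames are constructed test data, and the odd ones are assumptions about what a payload-carrying frame might look like, not ArpChat's actual wire format.

```python
import struct

ETHERTYPE_ARP = 0x0806
# Fixed-header values of ordinary IPv4-over-Ethernet ARP (RFC 826).
EXPECTED = {"htype": 1, "ptype": 0x0800, "hlen": 6, "plen": 4}

def check_arp(frame: bytes):
    """Return None for non-ARP frames, else a list of anomaly strings."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        return None  # untagged Ethernet only; 802.1Q tags are not unwrapped
    if len(frame) < 22:
        return ["truncated ARP header"]
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    got = {"htype": htype, "ptype": ptype, "hlen": hlen, "plen": plen}
    findings = [f"{k}={got[k]:#x} (expected {v:#x})"
                for k, v in EXPECTED.items() if got[k] != v]
    if oper not in (1, 2):
        findings.append(f"opcode {oper} is not request/reply")
    end = 22 + 2 * (hlen + plen)  # header + two (hardware, protocol) address pairs
    if len(frame) < end:
        findings.append("frame shorter than its declared address lengths")
    elif any(frame[end:]):
        # Heuristic: padding up to the 60-byte minimum is normally zeros.
        findings.append(f"{len(frame) - end} trailing bytes, not all zero padding")
    return findings

def sample(plen=4, spa=bytes([192, 0, 2, 10]), tpa=bytes([192, 0, 2, 1]),
           trailer=bytes(18)):
    """Build a constructed ARP request frame (test data, not a capture)."""
    mac = bytes.fromhex("020000000001")
    eth = b"\xff" * 6 + mac + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, plen, 1)
    return eth + arp + mac + spa + bytes(6) + tpa + trailer

NORMAL = sample()
ODD_PLEN = sample(plen=11, spa=b"hello world", tpa=bytes(11), trailer=b"")
TRAILING = sample(trailer=b"hi there" + bytes(10))

if __name__ == "__main__":
    for name, frame in [("normal", NORMAL), ("odd plen", ODD_PLEN),
                        ("trailing data", TRAILING)]:
        print(f"{name:14} {check_arp(frame) or 'ok'}")
```

The trailing-bytes check is a heuristic: some capture points include a frame check sequence or non-zero padding on legitimate frames, so treat that finding as a prompt to look closer rather than proof.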