Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Interesting: icmp without priviledges or capabilities #105

Open
3 tasks
dreua opened this issue May 4, 2023 · 3 comments
Open
3 tasks

Interesting: icmp without priviledges or capabilities #105

dreua opened this issue May 4, 2023 · 3 comments

Comments

@dreua
Copy link
Member

dreua commented May 4, 2023

It should be possible to send and receive icmp pings without priviledges or capabilities:

Unfortunately it's not as simple as:

        if( psaddr.sin6_family == AF_INET )
        {
-               return socket(PF_INET, SOCK_RAW, IPPROTO_ICMP);
+               return socket(PF_INET, SOCK_DGRAM, IPPROTO_ICMP);
        }
        else if( psaddr.sin6_family == AF_INET6 )
        {
-               return socket(PF_INET6, SOCK_RAW, IPPROTO_ICMPV6);
+               return socket(PF_INET6, SOCK_DGRAM, IPPROTO_ICMPV6);
        }

This compiles and runs but it shows all pings as lost. Might be easy to fix, I've just spent two minutes to make this quick test.

The usage of this kernel feature might be restricted, but I expect it to be allowed on all modern unix systems. (I may be wrong, but has probably been introduced to allow containers (docker etc.) to use ping without any priviledges. As using containers is pretty standard nowadays it is reasonable to assume that it should be allowed on all modern Linux distributions.)

# Fedora Linux 38
$ sysctl net.ipv4.ping_group_range 
net.ipv4.ping_group_range = 0	2147483647

# Lineage OS on Pixel 3a
sargo:/ $ sysctl net.ipv4.ping_group_range                                                                          
net.ipv4.ping_group_range = 0	2147483647

TODO

  • Check for rate limiting
  • Check with IPv6 (i.e. why is the kernel setting ipv4 only?)
  • Check on unrooted stock Android
@cnlohr
Copy link
Member

cnlohr commented May 9, 2023

THIS WOULD BE AMAZING Please investigate if you can!

@dreua
Copy link
Member Author

dreua commented Jun 28, 2023

Help wanted: Can you run sysctl net.ipv4.ping_group_range (it only reads the value) and report it together with your distribution and its version? Data on Android phones would be welcome, too.

@cnlohr
Copy link
Member

cnlohr commented Jun 28, 2023
edited 

$ sysctl net.ipv4.ping_group_range
net.ipv4.ping_group_range = 0	2147483647
$ uname -a
Linux charlesl-linux 5.15.0-75-generic #82~20.04.1-Ubuntu SMP Wed Jun 7 19:37:37 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
$ cat /etc/lsb-release 
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.6 LTS"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cnlohr @dreua