Question

I want to send DHCP release packets to the DHCP server on my LAN.

I have the MAC addresses of the machines for which I want to forge RELEASE packets.

I Googled it, didn't find anything useful. Can someone point me in the right direction?

I have tried sending a DHCP packet having options message-type:release. Basically I was trying to release my own IP. But it didn't work.

sendp(Ether(dst=server_mac)/IP(src=my_ip,dst=server_ip)/UDP(sport=68,dport=67)/BOOTP(chaddr=my_mac)/DHCP(options=[("message-type","release")]))

Solution

Thanks for taking a stab at it. There is one important thing to keep in mind with the DHCP release message. When you send the message to the server, it won't actually cause the IP address to be released on your local machine. If you are thinking of creating a demonstration of a DoS or some other attack by using RELEASE, you won't have much luck.

The release message simply tells the DHCP server that the client is relinquishing the network address and cancelling the remaining lease. It is up to the client to stop using the address after it has relinquished it.

In terms of why it might not be working for you, there are a couple of things that come to mind.

  1. The MAC address might be incorrect; you didn't include how you set my_mac... you can't simply use a string here. You can use the value obtained from the get_if_raw_hwaddr function.
  2. You are missing the client address and transaction ID in the BOOTP part of the message.
  3. You are missing the server identifier and end in the DHCP options. If you used a client identifier to obtain the address, you must use this in the release. The standard dictates this, but not all DHCP servers mandate it.

Here is an example that works for me. You can find out more about DHCP by reading the RFC specification and/or using Wireshark to capture and observe real packets.

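import random
from scapy.all import BOOTP, DHCP, IP, UDP, get_if_raw_hwaddr, send

my_ip = '192.168.0.101'      # example value: the leased address, same as ciaddr below
server_ip = '192.168.0.1'    # example value: the DHCP server, same as server_id below
fam, hw = get_if_raw_hwaddr('wlan0')  # raw hardware address bytes, not a string
send(IP(src=my_ip, dst=server_ip) /
     UDP(sport=68, dport=67) /
     BOOTP(chaddr=hw, ciaddr='192.168.0.101', xid=random.randint(0, 0xFFFFFFFF)) /
     DHCP(options=[("message-type", "release"), ("server_id", "192.168.0.1"), 'end']))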
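
A receiving-side check for the three points listed in the answer, as an added example that is not part of the original answer: it parses the UDP payload of a captured DHCPRELEASE with the standard library only and reports which fields are absent. The function names, the sample MAC and the payloads are constructed for illustration; treating xid 0 as unset and comparing chaddr with the frame's source MAC are assumptions of this example.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that precedes the options
RELEASE = 7                    # value of option 53 for DHCPRELEASE

def build(xid, ciaddr, chaddr, options):
    """Constructed BOOTP request (236-byte header + cookie + options) for the samples."""
    hdr = struct.pack("!BBBBIHH", 1, 1, len(chaddr), 0, xid, 0, 0)
    hdr += socket.inet_aton(ciaddr) + bytes(12) + chaddr.ljust(16, b"\0") + bytes(192)
    return hdr + MAGIC + options

def parse_options(data):
    """Return ({code: value}, saw_end) for a DHCP options field."""
    opts, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == 255:                       # end option
            return opts, True
        if code == 0 or i + 1 >= len(data):   # pad byte, or truncated option
            i += 1
            continue
        length = data[i + 1]
        opts[code] = data[i + 2:i + 2 + length]
        i += 2 + length
    return opts, False

def check_release(payload, eth_src=None):
    """List what is missing from a DHCPRELEASE UDP payload; [] means nothing is."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return ["not a DHCP message"]
    opts, saw_end = parse_options(payload[240:])
    if opts.get(53) != bytes([RELEASE]):
        return ["not a DHCPRELEASE"]
    checks = [
        (payload[4:8] == bytes(4), "xid is zero"),              # assumption: 0 = unset
        (payload[12:16] == bytes(4), "ciaddr not set"),
        (54 not in opts, "no server identifier"),
        (not saw_end, "no end option"),
        (eth_src is not None and payload[28:28 + payload[2]] != eth_src,
         "chaddr differs from Ethernet source"),                # assumption: same segment
    ]
    return [msg for failed, msg in checks if failed]

MAC = bytes.fromhex("020000000001")           # constructed sample address
GOOD = build(0x1234ABCD, "192.168.0.101", MAC,
             b"\x35\x01\x07\x36\x04" + socket.inet_aton("192.168.0.1") + b"\xff")
BARE = build(0, "0.0.0.0", MAC, b"\x35\x01\x07")   # only the message type is set
```

`check_release(GOOD, MAC)` returns an empty list, while `check_release(BARE)` names each field the answer says was missing.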
Licensed under: CC-BY-SA with attribution