Master the fundamental concepts of raw sockets through this focused micro-challenge.
Ethernet switches route by MAC address, not IP. When your host knows 192.168.1.1 is on the local subnet but not its MAC, it broadcasts an ARP request: "who has 192.168.1.1?"
| Field | Value for Request |
|---|---|
| Hardware type | 1 (Ethernet) |
| Protocol type | 0x0800 (IPv4) |
| HW addr len | 6 |
| Proto addr len | 4 |
| Opcode | 1 (request), 2 (reply) |
| Sender MAC/IP | your interface |
| Target MAC | 00:00:00:00:00:00 (unknown) |
| Target IP | 192.168.1.1 |
The Ethernet frame wraps this with destination ff:ff:ff:ff:ff:ff (broadcast), your source MAC, and EtherType 0x0806.
On Linux, AF_PACKET + SOCK_RAW lets you inject layer-2 frames directly:
cLoading…
Because ARP sits below IP, you must build the Ethernet header yourself. Only the host owning the target IP unicasts a reply back to your MAC.
This task asks you to document ARP request construction with all fields printed. RFC 826 defines exactly this 28-byte layout, and the lack of authentication in ARP is why tools like arpspoof can poison caches with forged replies.
Implement a C program that documents ARP request construction.
Requirements:
Success Criteria:
Three hints are available for this task, revealed one at a time inside the code workspace so you can struggle productively before seeing them.
All starter code and reference implementations are available for your local setup.
View on Github