| Author |
Forging Packets |
chess_rock
Member

Posts: 238
Location:
Joined: 20.02.08 Rank: God |
|
Hey there people 
I've been studying spoofing and packet forging lately to understand more deeply the principles of Kevin Mitnick's Christmas Attack. From my Google searches, I've learnt a lot about all that, but I still have some doubts I'd like to discuss with you...
1) Spoofing attacks are extremely useful, and I really fell in love with the man-in-the-middle attack. I really wanna make practical use of it in my network to learn a bit more about how I can employ such a technique. I've been searching around for source codes and/or codes to make my own spoofer, since I'm not an ace programmer, but I couldn't find any. Does anybody know a spoofer, a source code, or know how to make his/her own spoofer?
2) I've learnt what the real aspect of TCP/IP packets is and understand what aspects should be changed for them to be forged, but I still don't understand how I can capture and change them, or simply create one and send it to another PC. Can anybody explain it to me? (Believe me, I searched for it all day on Google, and it was not there.)
PS: for 2) I understand how the TCP/IP protocol works, so no need to explain it from the basic points... go straight to the point  |
|
| Author |
RE: Forging Packets |
moxsentre
Member

Posts: 40
Location:
Joined: 14.04.08 Rank: Apprentice |
|
Bumped

Don't Hate The Game Hate The Player! |
|
| Author |
RE: Forging Packets |
chess_rock
Member

Posts: 238
Location:
Joined: 20.02.08 Rank: God |
|
I've realized... nobody could answer me  |
|
| Author |
RE: Forging Packets |
Pwnzall
Member

Posts: 234
Location:
Joined: 10.04.08 Rank: Hacker Level 3 |
|
Before you do that, I think you should learn how to code sockets first.
C
PHP- you can search these from php.net or w3schools.com search function
Method 1: fsockopen, fwrite, fgets, feof
----
Method 2: socket_create, socket_write, socket_read
----
Method 3: cURL
I've found sample code in Perl:
http://www.perlmonks.org/index.pl?node_id=17576&lastnode_id=63535
Python:
http://www.blackhat-forums.com/index.php?showtopic=6634
Perhaps you could look through the source code for Ettercap:
http://ettercap.sourceforge.net/download.php
You could also search around http://www.blackhat-forums.com. They have some damn good example C code.
Pure madness! There must be a method! There is a method!
Edited by Pwnzall on 26-09-08 22:36 |
|
| Author |
RE: Forging Packets |
Neqtan
Member

Posts: 142
Location: The well of Segais
Joined: 04.07.07 Rank: HBH Guru |
|
chess_rock wrote:
Hey there people
I've been studying spoofing and packet forging lately to understand more deeply the principles of Kevin Mitnick's Christmas Attack. From my Google searches, I've learnt a lot about all that, but I still have some doubts I'd like to discuss with you...
Mitnick hey. I'm not familiar with his Christmas Attack. I'll have to check that out.
1) Spoofing attacks are extremely useful, and I really fell in love with the man-in-the-middle attack. I really wanna make practical use of it in my network to learn a bit more about how I can employ such a technique. I've been searching around for source codes and/or codes to make my own spoofer, since I'm not an ace programmer, but I couldn't find any. Does anybody know a spoofer, a source code, or know how to make his/her own spoofer?
I'm not sure what you've been trying for keywords. But I used "spoofing+tools" in a Google search and got a page full of tools.
Then I also tried "spoofing tool+source code" and got a good list again.
I hope that helps.
2) I've learnt what the real aspect of TCP/IP packets is and understand what aspects should be changed for them to be forged, but I still don't understand how I can capture and change them, or simply create one and send it to another PC. Can anybody explain it to me? (Believe me, I searched for it all day on Google, and it was not there.)
PS: for 2) I understand how the TCP/IP protocol works, so no need to explain it from the basic points... go straight to the point
I've run out of time here but this turned up some good stuff.
capture packets+Forging packets
Sorry I can't help more.
Neqtan
 |
|
| Author |
RE: Forging Packets |
chess_rock
Member

Posts: 238
Location:
Joined: 20.02.08 Rank: God |
|
|
I'm not sure what you've been trying for keywords. But I used "spoofing+tools" in a Google search and got a page full of tools.
Then I also tried "spoofing tool+source code" and got a good list again.
I hope that helps.
Yeah, I also used keywords, but then when I checked, the tools were either for Linux, Mac, or for testing vulnerabilities.
I need something for Windows that attacks vulnerabilities, so that I can continue my studies and learn how I can protect my systems from spoof attacks, and how far they can go.
There was this spoofer named ARP spoofer, but it didn't work... it is not compatible with Vista  |
|
| Author |
RE: Forging Packets |
chess_rock
Member

Posts: 238
Location:
Joined: 20.02.08 Rank: God |
|
Sorry for the double post, but I'm afraid I haven't been clear enough...
Imagine... I sniff a network and capture all the information that its packets contained... how can I make use of the next packets, if the packets I sniffed have already passed?
If I can make use of those packets, how can I change their values? |
|
| Author |
RE: Forging Packets |
Chinchilla3k
Member

Posts: 72
Location:
Joined: 11.05.07 Rank: Newbie |
|
|
chess_rock wrote:
I like sniffing.. how to spoof in Windows
First read this
http://msdn.microsoft.com/en-us/library/ms740548.aspx
Take note of the limitations brought on by SP2.
Then realize that despite the limitations in the standard network drivers provided with Windows, Microsoft allows companies to develop their own drivers (including networking drivers). WinPcap was developed to address the limitations.
http://www.winpcap.org/docs/default.htm
The functionality you want is part of their NPF protocol driver.
To sniff traffic that doesn't belong to you, you need to poison the ARP tables of the router.
edit:grammar
Edited by Chinchilla3k on 26-09-08 23:50 |
|
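An added example, not part of the original thread: Chinchilla3k's post ties sniffing other hosts' traffic to poisoned ARP tables, and chess_rock asked how to protect against spoofing, so this Python code shows the matching check from the defender's side by parsing captured ARP frames and flagging an IP address whose claimed MAC changes. The function names, MAC addresses and 192.0.2.x addresses are assumptions made up for the example; the frames are constructed bytes and are never sent.

```python
import struct

ETH_ARP = b"\x08\x06"   # EtherType for ARP

def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_arp(frame):
    """Return (opcode, eth_src, sender_mac, sender_ip) for Ethernet/IPv4 ARP, else None."""
    if len(frame) < 42 or frame[12:14] != ETH_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sender_ip = ".".join(str(x) for x in frame[28:32])
    return op, fmt_mac(frame[6:12]), fmt_mac(frame[22:28]), sender_ip

def find_arp_conflicts(frames):
    """Trust the first MAC seen for each IP; report later frames that disagree."""
    first_seen, alerts = {}, []
    for index, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _op, eth_src, sender_mac, sender_ip = parsed
        if eth_src != sender_mac:
            alerts.append((index, sender_ip, "ARP sender MAC != Ethernet source"))
        known = first_seen.setdefault(sender_ip, sender_mac)
        if known != sender_mac:
            alerts.append((index, sender_ip, f"{known} -> {sender_mac}"))
    return alerts

def sample_frame(src_mac, sender_ip, target_ip, op=2):
    """Build one constructed ARP frame (bytes only, never sent) as test input."""
    src = bytes.fromhex(src_mac.replace(":", ""))
    sip = bytes(map(int, sender_ip.split(".")))
    tip = bytes(map(int, target_ip.split(".")))
    return (b"\xff" * 6 + src + ETH_ARP + struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + src + sip + b"\x00" * 6 + tip)

# Constructed capture: the gateway, a host, then a second MAC claiming the gateway's IP.
SAMPLE = [
    sample_frame("02:00:00:00:00:01", "192.0.2.1", "192.0.2.10"),
    sample_frame("02:00:00:00:00:02", "192.0.2.10", "192.0.2.1"),
    sample_frame("02:00:00:00:00:99", "192.0.2.1", "192.0.2.10"),
    b"\xff" * 12 + b"\x08\x00" + b"\x00" * 28,   # non-ARP frame, ignored
]

if __name__ == "__main__":
    for alert in find_arp_conflicts(SAMPLE):
        print(alert)
```

The first-seen binding is treated as the baseline here, so a legitimate change such as a replaced network card also raises an alert and has to be confirmed by hand.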
| Author |
RE: Forging Packets |
chess_rock
Member

Posts: 238
Location:
Joined: 20.02.08 Rank: God |
|
|
I like sniffing...
I don't remember saying that... and by the way... who said I want to sniff???
I remember asking how the packets that I sniffed (past) could be used in future modifications of TCP/IP packets transferred....
Edited by chess_rock on 27-09-08 14:32 |
|
| Author |
RE: Forging Packets |
Zephyr_Pure
Member

Posts: 2402
Location:
Joined: 15.09.06 Rank: God |
|
|
chess_rock wrote:
i remember asking how could the packets that i sniffed (past), could be used on future modifications of TCP/IP packets transfered....
Packet injection. I believe there used to be a *nix tool called "Nemesis" that did just that; development stopped on it a while back, but the source should be invaluable for demonstration. Use the info Chin and Pwn gave you to work with Windows sockets. Oh, and if you run into the "Linux-only" problem... install Cygwin and try installing the prog in there.
Finally! So many stupid threads and responses, but I found one I can actually say something useful in for my 1337th post. Read it and weep. 
I still check PMs from time to time.


Our responses were moronic, why shouldn't he follow suit? - Futility |
|
| Author |
RE: Forging Packets |
chess_rock
Member

Posts: 238
Location:
Joined: 20.02.08 Rank: God |
|
Hey, thank ya Zephyr and Pwn! I'll take a look at all these things in a few hours 
btw, I hadn't seen Pwn's post, sry.... thank ya  |
|
| Author |
RE: Forging Packets |
Pwnzall
Member

Posts: 234
Location:
Joined: 10.04.08 Rank: Hacker Level 3 |
|
You're very welcome. I'm glad I could help. I googled 'packet construction c' and found this: http://www.ddj.com/cpp/184401729?pgno=3 It's in C++, but it is very thorough.
@Zephy, 
Pure madness! There must be a method! There is a method!
Edited by Pwnzall on 27-09-08 18:57 |
|
| Author |
RE: Forging Packets |
fashizzlepop
Member

Posts: 482
Location: Old folks home.
Joined: 08.04.08 Rank: Uber Elite |
|
If you are stuck with Vista for now but really really want to try out Linux (maybe you are somewhat familiar or not) then you could try a Backtrack 3 live CD and there is just aboot all the tools you could possibly use right there at your fingertips.
"The definition of insanity is doing the same thing over and over again and expecting different results."
~Albert Einstein~
 |
|