Follow us on Twitter!
The measure of a mans life is not how well he dies, but how well he lives.
Saturday, April 19, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 25
Guests Online: 24
Members Online: 1

Registered Members: 82832
Newest Member: SerMSYS
Latest Articles
View Thread

HellBound Hackers | Computer General | Networking

Author

MitM tool with packet delay

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 09-05-11 01:27
Hey guys,

I'm looking for a MitM tool that is capable of delaying packets for a configurable amount of time before sending them on their way. I was trying various methods via Ettercap filters, but I don't think something like that is going to work under Ettercap. Does anyone have an recommendation for a different tool capable of this? Linux support, of course.

Thanks :happy:


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: MitM tool with packet delay

starofale
Member



Posts: 218
Location: England
Joined: 05.12.07
Rank:
Moderate
Posted on 09-05-11 15:59
My guess is that you won't be able to delay packets with ettercap, as it enables ip forwarding in the kernel, which probably can't be messed with easily.

Unfortunately I don't know of any programs that can do what you want. You could try to write write one yourself though Pfft
I'm curious, what use do you have for a program that delays the intercepted packets?


Try a new search engine
Author

RE: MitM tool with packet delay


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 09-05-11 18:18
As I proposed through IRC yesterday - redirect the traffic and make delay with iptables.

Here is another possible solution:
http://stackoverflow.com/questions/614795/simulate-delayed-and-dropped-packets-on-linux
Author

RE: MitM tool with packet delay

j4m32
Member

Your avatar

Posts: 81
Location:
Joined: 01.05.10
Rank:
Newbie
Posted on 09-05-11 22:57
Just to throw another idea out there, I don't know if this will work as it depends what you're doing, but it's just off the top of my head from something else I've seen for realtime packet decoding and dumping for game protocols called 'sudppipe' - sudppipe - see further down the page.

Just a UDP 'pipe' to a a specified IP, usually for a game server, you can run on a server / local machine and write yor own library for it to modify/decode/dump what ever you wish. I've dabbled with it, it's useful enough to bypass an IP ban Smile

Maybe you can use the same approach by some means? Maybe more difficult with a TCP connection depending on how it is supposed to operate. Just depends how flexible this MitM needs to be...

You could write your own take on this in what ever language you like I guess.
*EDIT* The time delay you can probably do a strait forward wait loop/event wait or pause.

Jim,


Edited by j4m32 on 09-05-11 23:01
Author

RE: MitM tool with packet delay

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 10-05-11 03:13
Thanks for the responses, guys.

starofale wrote:
Unfortunately I don't know of any programs that can do what you want. You could try to write write one yourself though Pfft


Yeah, if worst came to worst I was just going to roll my own arp spoofer. I might still do that to play with some C++ networking, but that's a future project.

I'm curious, what use do you have for a program that delays the intercepted packets?


I'm playing with methods of deliberately increasing lag on an Xbox360 console.

Jelmer's first suggestion, of using iptables, actually worked very beautifully. It always catches me off guard exactly what iptables is capable of doing, I seem to keep falling back to the idea that it's just some firewall software that goes on gateway systems >.>

If anyone is curious to the method I used, here is the original link: http://people.red. . .delay.html

I made a nice little script that loads net-delay.pl into the background, sets the iptables, and then loads up Ettercap and arp poisons the machine I need to delay traffic for. I needed to tweak the iptables commands a bit as so it doesn't delay traffic on my own system, but that just required changing the chain to OUTPUT and adding a second command that set a destination rule (so traffic is delayed both ways).

Thanks again for the help, especially Jelmer, I really like that method in retrospect Wink


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com