Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Forging Packets


chess_rock's Avatar
Member
0 0

Hey there people :)

I've been studying lately spoofing and packet forging to understand more deeply the principles of Kevin Mitnick's Christmas Attack. From my google searches, i've learnt a lot about all that but i still have some doubts i'd like to discuss with you…

  1. Spoofing attacks are extremely useful, and i really fell in love with man in the middle attack. I really wanna make pratical use in my network to learn a bit more of how i can employ such technique. I've been searching around for source codes and or codes to make my own spoofer since i'm not an ace programmer, but i couldn't find any. Does anybody know a spoofer, a source code, or knows how to make his/her own spoofer?

  2. I've learnt what is the real aspect of TCP/IP packets and understand what aspects should be changed for them to be forged, but i still don't understand how can i capture and change them, or simply create one and send to another pc. Can anybody explain me? (believe me. Searched it all day in google, and it was not there)

PS: for 2) i understand how TCP/IP protocol works, so no need to explain it from the basic points… go straight to the point :)


ghost's Avatar
0 0

Bumped


chess_rock's Avatar
Member
0 0

I've realized… nobody could answer me :P


ghost's Avatar
0 0

Before you do that, I think you should learn how to code sockets first.

C

(Windows) http://www.vijaymukhi.com/vmis/vmchap4.htm This one analyzes the composition of a packet

(Linux/Unix) http://beej.us/guide/bgnet/output/html/singlepage/bgnet.html

PHP- you can search these from php.net or w3schools.com search function

Method 1: fsockopen, fwrite, fgets, feof
----
Method 2: socket_create, socket_write, socket_read
----
Method 3: cURL 

I've found sample code in Perl: http://www.perlmonks.org/index.pl?node_id=17576&lastnode_id=63535

Python: http://www.blackhat-forums.com/index.php?showtopic=6634

Perhaps you could look through the source code for Ettercap: http://ettercap.sourceforge.net/download.php You could also search around http://www.blackhat-forums.com. They have some damn good example C code.


ghost's Avatar
0 0

chess_rock wrote: Hey there people :)

I've been studying lately spoofing and packet forging to understand more deeply the principles of Kevin Mitnick's Christmas Attack. From my google searches, i've learnt a lot about all that but i still have some doubts i'd like to discuss with you…

Mitnick hey. Im not familiar with his Christmas Attack. Ill have to check that out.

  1. Spoofing attacks are extremely useful, and i really fell in love with man in the middle attack. I really wanna make pratical use in my network to learn a bit more of how i can employ such technique. I've been searching around for source codes and or codes to make my own spoofer since i'm not an ace programmer, but i couldn't find any. Does anybody know a spoofer, a source code, or knows how to make his/her own spoofer?

Im not sure what youve been trying for keywords. But i used "spoofing+tools" in a google search and got a page full of tools. Then i also tried "spoofing tool+source code" and got a good list again. I hope that helps.

  1. I've learnt what is the real aspect of TCP/IP packets and understand what aspects should be changed for them to be forged, but i still don't understand how can i capture and change them, or simply create one and send to another pc. Can anybody explain me? (believe me. Searched it all day in google, and it was not there)

PS: for 2) i understand how TCP/IP protocol works, so no need to explain it from the basic points… go straight to the point :)

Ive run out of time here but this turned up some good stuff.

capture packets+Forging packets

Sorry i cant help more.

Neqtan


chess_rock's Avatar
Member
0 0

Im not sure what youve been trying for keywords. But i used "spoofing+tools" in a google search and got a page full of tools. Then i also tried "spoofing tool+source code" and got a good list again. I hope that helps.

Yeah, i also used keywords, but then when i checked the tools were either for Linux, Mac, or for testing vulnerabilities. I need something for windows that attacks vulnerabilities, so that i can continue my studies and learn how can i protect my systems of spoof attacks, and how far can they go.

There was this spoofer named ARP spoofer, but it didn't work… it is not compatible with vista :(


chess_rock's Avatar
Member
0 0

sorry for the double post, but i'm afraid i haven't been clear enough…

Imagine… I sniff a network and capture all the information that its packets contained… how can i make use of the next packets, if the packets i sniffed have already passed?

if i can make use of those packets, how can i change their values?


ghost's Avatar
0 0

chess_rock wrote: I like sniffing.. how to spoof in windows

First read this

http://msdn.microsoft.com/en-us/library/ms740548.aspx

Take note of the limitations brought on by SP2.

Then realize that despite the limitations in the standard network drivers provided with windows, Microsoft allows companies to develop their own drivers (including networking drivers). WinPcap was developed to address the limitations.

http://www.winpcap.org/docs/default.htm

the functionality you want is part of their NPF protocol driver.

To sniff traffic that doesn't belong to you, you need to poison the arp tables of the router.

edit:grammar


chess_rock's Avatar
Member
0 0

I like sniffing…

i don't remember saying that… and by the way… who said i want to sniff???

i remember asking how could the packets that i sniffed (past), could be used on future modifications of TCP/IP packets transfered….


ghost's Avatar
0 0

chess_rock wrote: i remember asking how could the packets that i sniffed (past), could be used on future modifications of TCP/IP packets transfered…. Packet injection. I believe there used to be a *nix tool called "Nemisis" that did just that; development stopped on it a while back, but the source should be invaluable for demonstration. Use the info Chin and Pwn gave you to work with Windows sockets. Oh, and if you run into the "Linux-only" problem… install Cygwin and try installing the prog in there.

Finally! So many stupid threads and responses, but I found one I can actually say something useful in for my 1337th post. Read it and weep. :)


chess_rock's Avatar
Member
0 0

hey thank ya Zephyr and Pwn! :D I'll take a look at all these things in a few hours :)

btw, i hadn't seen Pwn post, sry…. :happy: thank ya :D


fashizzlepop's Avatar
Member
0 0

If you are stuck with Vista for now but really really want to try out linux(maybe you are somewhat familiar or not) then you could try a Backtrack 3 live CD and there is just aboot all the tools you could possibly use right there at your fingertips.