On Sun, 3 Jun 2001, Franklin DeMatto wrote: > Can anyone suggest a good tool to perform ip addr spoofing via source routing? You generally use source routing in an attack to get to an address you couldn't otherwise (for example, RFC1918 addresses.) > > That is, it should replace the source addr with a spoofed one, and add the > real one as a source route. That implies that you're trying to spoof your source address, and get the victim machine to source-route back [to|through] the real attacker IP. It doesn't work that way. Only the originator of a packet gets to specify that source routing is on. I know of no way to force a victim to use source routing. Or I'm misunderstanding your question.. > It must also forward the recieved packets, > since their dest addr will be the spoofed one. > > It should ideally be able to sit in between other apps, both ones that use > connect() and ones that use raw sockets, and modify the IP packets to > source route. This would allow use of preexisting tools without > rewrite/recompilation. Any router or bridge along the way could do that, if you had total control over it... but I think the basic premise of what you're trying to do is off. Ryan
This archive was generated by hypermail 2b30 : Sun Jun 03 2001 - 17:49:14 PDT