There exists programs such as synner.pl or Xxpoof where one can send spoofed source packets to a target IP address. However, this is only limited to IP addresses. Is there any such way to do the same thing, but to a certain URL, rather than IP?
Say, for example, that example1.com and example2.com share the same IP address, but you only want to spoof an IP packet for example1.com, not example2.com. Would this be at all feasible?
Name:
Anonymous2008-05-26 11:29
Why, yes. Yes it would.
Use HTTP Host header.
Oh, and stop playing browser games, Christopher.
Name:
Anonymous2008-05-26 11:30
what the hell are you talking about?
Name:
Anonymous2008-05-26 11:35
>>2
When I use the HTTP Host header, nothing changes.
hello im fairX the haxxor join my community of hackers if you payme enough i will give you access to a private area of haxx ;)
Name:
Anonymous2008-05-26 12:21
hello m gay faggerton the faggot join my community of gay if you payme enough i will give you access to my penis and ass
Name:
Anonymous2008-05-26 12:23
Hello i'm Ben Bitdiddle the schemer, join my community of EXPERT PROGRAMMERS if you pay me enough i will give you access to a private area of LISP ;)
Name:
Anonymous2008-05-26 12:43
>>4
Well, maybe because simply sending same packets is a bad idea? Because the problem is not with virtual hosts? Did you think about that, Christopher?
>>11
Get wireshark, start capturing, login to your game, do some action, logout. Then login again, do same action, logout. Notice that packets for same action are different. Sending same packets won't give you the result you're expecting. Didn't fairX tell you that?
Name:
Anonymous2008-05-26 14:34
>>10,12
Is this somehow related to this thread, or is this just your way of saying "IVE READ TCP"?
Name:
Anonymous2008-05-26 14:39
>>13
What? I'm assuming the suggestion >>2 was making was to incorporate the HTTP Host header into the constructed packet with the spoofed IP address so that the request is sent to example2.com, rather than example1.com (as they would both share the same IP address).
>>15
That packet is spoofed; It already has Host header. Why did you not read the data you spoofed? It's in human-readable form (unlike xml), go ahead and open it in notepad.
wtf are you even asking. >>1 is nonsense. ip has no concept of urls or even domains.
Name:
Anonymous2008-05-27 8:21
>>25
"data" is part of the TCP header, not the IP header.
Name:
Anonymous2008-05-27 9:06
>>26
data ∉ header, tcp doesn't have those things either, spoofing a tcp packet is pretty much pointless since it won't get you a connection, and how is this relevant
>>28
Not >>27, but awesome, the only thing you can do is spoof SYNs. Nothing else.
What's the point?
Name:
Anonymous2008-05-27 12:13
I am not OP, but the point is: capture data marked data in >>28's nice diagram and order in which this data was transferred. Then at any time establish new connection and send this data again, with different sequence numbers and all other tcp shit.
But this won't work, because OP's browser game has something they call session, and after logging in you get new session id, and you must include it your packets, so sending same packets won't work.
Name:
Anonymous2008-05-27 12:20
With that in mind, would I need to develop a separate HTTP packet using an HTTP Perl package? I can develop a spoofed packet with Net::RawIP, but sending HTTP headers is another story. I was thinking of using the HTTP::Headers module to send HTTP headers following the IP packet if that's a possibility, hence I was asking about the "data" header.
Name:
Anonymous2008-05-27 12:22
>>31
oh common, libwwwperl. LWP. It does everything for you. How could you have missed it? Stop thinking, you're no good at this, and start using LWP.
Name:
Anonymous2008-05-27 12:27
>>30
OP here, I never mentioned a game. I'm simply trying to send it to a specific domain that's using a shared IP address.
Say example1.com and example2.com have the IP of 127.0.0.1 (local IP, I know). If you send a spoofed packet, it gets sent to 127.0.0.1, but say I want to send it specifically to example1.com so that it would show up in the logs of example1.com and not example2.com. According to >>2 I would need to utilize the HTTP Host header. My question is where in the code of >>18 would the headers be placed?
>>32
I know of LWP. I'm using it for the Net::HTTP module. My question is how would I incorporate it into the spoofed IP packet? As in, how would the HTTP packet appear as if it's coming from the spoofed IP?
Name:
Anonymous2008-05-27 12:40
Then stop pretending to know shit already; it should be a trivial matter if you have an existing script to add in the HTTP header necessary to select the proper host Oh noes I almost helped him
Name:
Anonymous2008-05-27 12:44
>>34
Post spoofed packet here, and then we're talking.
If you really did spoof it, it already has Host.
>>36
That's where my problem lies, though; in my script, it's only sending IP packets without HTTP packets. I'm at a loss as to where I would put the HTTP packets into the code. A snippet of the code is in >>18
Also, I'm not pretending that I know shit. If I knew exactly what to do, I wouldn't be asking for help.
You don't need anything else, no low-level Net modules.
If you're really interested where http goes, install normal packet spoofer, like wireshark, and open few sites with browser.
Name:
Anonymous2008-05-27 13:00
>>38
http uses TCP to communicate and TCP uses IP to implement data streams.
Name:
Anonymous2008-05-27 13:20
>>40
With that in mind, could I put the HTTP headers into the "data" string of the TCP packet in the script?
EXAMPLE1.COM AND EXAMPLE2.COM ARE SHARING THE SAME IP. IT DOESN'T MATTER IF YOU SEND IT TO THE FIRST URI OR THE SECOND. UNLESS YOU'R A NIGGER AND SPEAK OF SUBDOMAINS.
ANYWAYS, RAGE SAGE
Name:
Anonymous2008-05-27 17:50
>>46
That's not the point. The point is to direct the packet to the specific host.
what he said. you need to create application layer data for your spoofed packets and that means http. i know nothing of the perl modules in >>39 but maybe you could use them and extract the http stuff then inject that into your spoofed packets where the scalar $data is? again, i know nothing.
HTTP is on top of tcp, tcp sits on top of ip, ip sits on top of ethernet.
You need to understand the underlying protocols and networking if you want to "spoof" something. If you want to send a different header with you HTTP request that is different, just set <Header:>
to what you want and follow it with a \n\n or \r\n and you are ready to go.
Also, read rfc 2616, rfc 1945 and read some sections from TCP illustrated. You obviously lack networking knowledge.
Not that you need to be any type of network engineer to craft HTTP headers or anything. You do need to know what they do and the proper format.
scapy is the worst libpcap wrapper i've ever seen in my life and deserves to die in a fiery pit of hell. libpcap has nothing on libnet and everyone in the world knows it.
Name:
Anonymous2008-05-27 23:17
Spoofing stateful connections on the internet doesn't work these days due to randomized seq numbers for the connection. It was fun to blind spoof tcp connections when most servers would inc 64k for a new connection, but no servers will be running with such an outdated stack.
tl;dr - you cannot blind spoof if you need more than one packet.
They are meant to solve two similar, but different problems and it's unfair to compare the two. Libnet is great for packet manipulation and libpcap is awesome for packet capturing. Scapy makes working with libpcap fun and easy, but if you know of something better feel free to share.
>>62
Please stop it.
You lack understanding of subject.
No fancy $ct magic will help you.
Actually this data => $ct is so irrelevant that it makes me want to weep.
Why did you not listen to my suggestion in >>39?
If you think you a successive troll, you are not.
>>63
Those modules handle HTTP connections, yes, but what part of those modules make it so that the IP address is spoofed? I'm not talking about an X-FORWARDED-FOR or Via header through some proxy. Just a random number. Those modules deal with user agents.
Name:
Anonymous2008-05-28 13:06
Oh I misread OP.
You want spoofed packets.
Now this is plain stupid.
>>67
YOU CANNOT ESTABLISH TCP CONNECTIONS WITH A SPOOFED IP ADDRESS YOU FUCKTARD
IF YOU WRITE SOMEONE A LETTER AND GIVE THEM A FAKE ADDRESS, DO YOU REALLY THINK YOU'LL EVER GET A REPLY?
THE "FUNCTIONS" THAT LET YOU "SET YOUR IP" ARE THERE SO YOU CAN CHOOSE WHICH ADDRESS YOU WANT TO BIND TO WHEN YOUR MACHINE HAS MORE THAN ONE NETWORK INTERFACE
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy
All work and no play makes Jack a dull boy