Penetration Testing: Re: Tool for source routing

Re: Tool for source routing

From: Ryan Russell <ryan_at_securityfocus.com>
Date: Sun, 3 Jun 2001 18:21:28 -0600 (MDT)

On Sun, 3 Jun 2001, Franklin DeMatto wrote:

> Can anyone suggest a good tool to perform ip addr spoofing via source routing?

You generally use source routing in an attack to get to an address you
couldn't otherwise (for example, RFC1918 addresses.)

>
> That is, it should replace the source addr with a spoofed one, and add the
> real one as a source route.

That implies that you're trying to spoof your source address, and get the
victim machine to source-route back [to|through] the real attacker IP.
It doesn't work that way. Only the originator of a packet gets to specify
that source routing is on. I know of no way to force a victim to use
source routing.

Or I'm misunderstanding your question..

> It must also forward the received packets,
> since their dest addr will be the spoofed one.
>
> It should ideally be able to sit in between other apps, both ones that use
> connect() and ones that use raw sockets, and modify the IP packets to
> source route. This would allow use of preexisting tools without
> rewrite/recompilation.

Any router or bridge along the way could do that, if you had total control
over it... but I think the basic premise of what you're trying to do is
off.

                                                Ryan
Received on Jun 04 2001
