Difference between revisions of "Summerschool Aachen 2004/Sniffing & Spoofing Lab"
Line 22: | Line 22: | ||
= Notes on Lab Session = | = Notes on Lab Session = | ||
+ | |||
+ | == Implementing the RST attack in Perl == | ||
+ | I have used this lab session to implement an RST based attack in a few lines of perl code, after Lutz had already written a shell script for it using nemesis and I had found out that we don't have a switch available which would allow me to have some fun with TSP. I used Net::RawIP to create the RST packets and basically loop creating more packets until the connection dies and the user cancels the script. This is pretty basic stuff, but I now finally got to actually using the mentioned module. Thanks to Mario, Thorsten and Chris for hinting me on one or the other occasion. | ||
+ | |||
+ | Work for the weekend might include semi-automating the script so you only give it a target ip (or a range of such) and it detects connections and automatically gets the needed header fields to construct the right RST packets. | ||
+ | |||
+ | -- [[Ernest Hammerschmidt]] | ||
[[Category:Summerschools]] | [[Category:Summerschools]] | ||
[[Category:Events]] | [[Category:Events]] | ||
[[Category:Hacks]] | [[Category:Hacks]] |
Revision as of 16:45, 24 September 2004
Contents
Notes on Presentations
Sniffing & Spoofing
The slides can be found here
TCP reset attack
- "Slipping In The window: TCP Reset Attacks" by Paul Watson, presented at CanSecWest 2004
ettercap 0.8 cmd lines
with 10.0.0.1 as gw and 10.0.0.100 as client
ettercap -T -M arp:remote /10.0.0.1/ /10.0.0.100/
Notes on Lab Session
Implementing the RST attack in Perl
I have used this lab session to implement an RST based attack in a few lines of perl code, after Lutz had already written a shell script for it using nemesis and I had found out that we don't have a switch available which would allow me to have some fun with TSP. I used Net::RawIP to create the RST packets and basically loop creating more packets until the connection dies and the user cancels the script. This is pretty basic stuff, but I now finally got to actually using the mentioned module. Thanks to Mario, Thorsten and Chris for hinting me on one or the other occasion.
Work for the weekend might include semi-automating the script so you only give it a target ip (or a range of such) and it detects connections and automatically gets the needed header fields to construct the right RST packets.