ip_spoofing's Introduction
IP Spoofing : IP spoofing refers to the process of creating and sending an IP packet for a certain destination using a different src address, then the actual source IP address. Spoofing the source IP address can be possibly used for, 1. the purpose of concealing the identity of the sender or 2. impersonating another computing system (misleading the destination) 3. defeating network security measures, such as authentication based on IP addresses Implemented attacks(mostly on Internet Protocol): 1. Denial Of Service attack (DOS attack) Goal : To flood the victim with overwhelming amounts of traffic, without considering the responses to the attack packets. Prerequisites : No service/response is expected from the targeted machine, thus it makes up to the most basic form of attack. Strategy : Saturating the target machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable (Server overload). Consequence : Makes the network resource unavailable to its intended users. Forces the targeted computer(s) to reset, or consume its resources so that it can no longer provide its intended service Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately - Implemented ICMP Flooding, Source code : dos_attack.py ICMP pacekts contained in IP packets are forwarded to the target, by using many different IP addresses along many threads simultaneously, and each thread sends the IP packets indefinitely Test command : sudo python dos_attack.py "target_IP_address" Note : "impacket" module needed beforehand 2. ARP Poisoning ARP Introduction : ARP or Address Resolution Protocol defines the mapping from "network" layer [MAC layer] to the "link" layer [IP/TCP layer] Each system on a network maintains its own ARP table, which keeps on updating at regular intervals of time Continuos updates to the ARP table are done by making use of the information catered from the received packets from all the nodes communicating to this machine. Thus ARP poisioning can be readily implemented by sending a deceived ethernet packet containg the ARP packet, which misguides the destination system about the MAC address of the source it assumes the packet has been received from. Goal : To modify the ARP table of the targeted machine. Prerequisites : No support is expected from the targeted machine for the poisioning, but it does require the IP addresses of both the machine being poisoned as well as the IP address of the corresponding entry of the ARP table. Strategy : The ARP packet can either be sent directly to the targeted machine or be broadcasted(broadcasting is more preffered or else the differences in the IP-MAC mapping of the systems in a network results in poisoning being caught). Consequence : All the packets routed towards the victim by the target are caught by IP spoofing system(because of the MAC address) Any personal communications without private key encryption techniques can be easily tracked of, thus destroying the privacy Man in the middle attack is the greatest threat on security that follows - Implemented ARP poisioning, Source code : arp_poisoning.py ARP packets constructed through socket module only, are contained in the ethernet packet, and sent to the destination/broadcasted ARP header contains our MAC address, target IP and victims IP. MAC address need not be typed in by the spoofer, as it is automatically picked up by using some functions of "netifaces" "netifaces" module is implemented, but is not mandatory Test command : sudo python arp_poisoning.py "victim_ip" "target_ip" Note : "netifaces" module needed beforehand 3. Spam ping Ping is sending of ICMP messages to a ping server and expecting back a reply from it. Sping also reffered as "trackback spam" denotes the pings sent from spam blogs, or multiple pings in a short interval from a source, to make the content coming from the source appesr fresh. Goal : To send multiple pings, at a rate of around 100pings per minute Prerequisites : Strategy : Create an ICMP packet and send it with the spoofed IP address in the IP header. Consequence : Though it can be positively utilised to direct attention to recent blog posts, the service is being wrongly employed as a spamming techniques by different blogs to unnecessarily direct the readers to web pages that are not, in fact, recent blog posts - Implemented Spam ping, Source code : sping.py Test command : sudo python sping.py <spoofed_ip> <destination_ip> 4. HTTP spoofing Spoofing is a situation in which a program successfully masquerades as another by falsifying data and thereby gaining an illegitimate. Goal : Spoofing HTTP requests to a server by creating a TCP handshake session and then sending a simultaneous ack-get packet to successfully complete the handshake and receive a response. Prerequisites : Strategy : Check the refferer header of the HTTP request, and then implementing the neccesary modifications Consequence : Allows users to gain unauthorized access to the materials in situations where ip_address based authentication is used - Implemented HTTP spoofing, Source code : http_spoofing.py Test command : sudo python spoofed_ip server_ip port
ip_spoofing's People
Forkers
manishps824 akarshan2701 psaria me123abc can-acar mmenchu lapngodoan ankit-chauhan hth225 nacho219 kostyll minimedj hoangcuongflp assaultkoder95 fatal-dose mprota shivanxi purintibkaew j0hn8uff3r kungyu evido3s hktalent fjavidcr lancelot314 andreszeng coldsmoke627 beekalam pkjmesra sarthak1598 hackingariseofficial louis-xer skilincer injectcode hridoy100 tquentin 5l1v3r1 zomin28 joshmn artushar manjushavnair floatingnumber fork-and-test harishankarn04 alvaro-veiga omadridi858ip_spoofing's Issues
Error
I have an error on line 30
Can u help me please
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.