Date: Tue Dec  6 01:44:11 2005
From: mark.sec at gmail.com (Mark Sec)
Subject: Spoof tricks & Tips ?

Alo folks,


Well, I'm testing servers and I need to scan all the ports evading IDS,
IPS; I don't want my real IP to be seen.

e.g. a spoofed scan with Nmap:


nmap -v -n -sT -P0 -e eth0 -p 21,22,23,25,111,135,139,445,443,1433,1434,1521,2301, -S 1.1.1.1 150.210.30.117


Or my little script:

=========cut here================================
# spoofed address that you want
spoofed=0.0.0
# target to scan
target=150.210.30.117
#  target is the host to be scanned
port=1
#  port will be incremented 1-1024
saddr=2
# saddr is the starting host of the spoofed address

while [ $port -lt 1024 ]
do

#nc -vv -u  -w10 -n -z -s 0.0.0.${saddr}  $target $port

# or

sleep 2

nmap -v -n -sT -P0 -e eth0 -p $port -S ${spoofed}.${saddr}  $target

port=`expr $port + 1`
saddr=`expr $saddr + 1`
if [ $saddr -gt 254 ]
        then
        saddr=2
        fi
done
exit
=============cut here===========================

Does anyone have more tricks, tips, or shell scripts to scan while
hiding the real IP and evading IDS, IPS?

- Mark :-)
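
For defenders, an added example that is not part of the original post: the script above sends each probe from a different source address, so a rule that counts ports per source never fires, while one keyed on the destination does. The log format, addresses (documentation ranges) and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: iptables-style log lines, epoch timestamp first.
# One probe every 2 s, port and source last octet both incrementing,
# mirroring the loop in the script above.
SAMPLE = [
    f"{1000 + 2*i} IN=eth0 SRC=192.0.2.{2 + i} DST=198.51.100.10 PROTO=TCP DPT={1 + i} SYN"
    for i in range(40)
] + [
    # Ordinary traffic: one client hitting one port repeatedly.
    f"{1000 + 3*i} IN=eth0 SRC=203.0.113.7 DST=198.51.100.20 PROTO=TCP DPT=443 SYN"
    for i in range(40)
]

LINE = re.compile(r"^(\d+) .*?SRC=(\S+) DST=(\S+) .*?DPT=(\d+)")

def per_source_alerts(lines, max_ports=5):
    """Classic rule: alert when ONE source touches many ports on a host."""
    ports = defaultdict(set)
    for m in filter(None, map(LINE.match, lines)):
        _, src, dst, dpt = m.groups()
        ports[(src, dst)].add(int(dpt))
    return sorted(k for k, v in ports.items() if len(v) > max_ports)

def per_destination_alerts(lines, window=120, min_ports=20):
    """Key on the destination only: alert when any set of sources touches
    min_ports distinct ports on one host within `window` seconds."""
    events = defaultdict(list)
    for m in filter(None, map(LINE.match, lines)):
        ts, src, dst, dpt = m.groups()
        events[dst].append((int(ts), src, int(dpt)))
    alerts = {}
    for dst, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans <= window seconds.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            win = evs[start:end + 1]
            ports = {p for _, _, p in win}
            if len(ports) >= min_ports:
                srcs = {s for _, s, _ in win}
                nets = {s.rsplit(".", 1)[0] for s in srcs}
                alerts[dst] = {"ports": len(ports), "sources": len(srcs),
                               "single_/24": len(nets) == 1}
                break  # first window that crosses the threshold is enough
    return alerts
```

The `single_/24` flag marks the case where every probing source sits in one /24, which is what the script's fixed three-octet prefix produces.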