[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <f26cd0910912162324g110b0b34m46b589f4692a9f5e@mail.gmail.com>
Date: Wed, 16 Dec 2009 23:24:10 -0800
From: Dan Kaminsky <dan@...para.com>
To: ±è¹«¼º <kimms@...osec.co.kr>
Cc: full-disclosure@...ts.grok.org.uk, pen-test@...urityfocus.com
Subject: Re: (no subject)
Easily the best environment for packet manipulation is scapy.
The most guaranteed to work approach involves putting a system with two
interfaces in as an attacker, and running two scapy processes that copy
frames received on one interface onto the other one. Of course, your copier
parses the frames, changes what needs to be changed, fixes up checksums,
etc.
There are other approaches that are preferable for all sorts of reasons, but
the above means you don't need to fight with ARP or addresses or firewall
rules or the kernel. (Proxy ARP, mangle tables, yadda yadda yadda.)
2009/12/16 ±è¹«¼º <kimms@...osec.co.kr>
> Hello. List.
>
>
>
> I'm pentesting IPTV.
>
>
>
> Our IPTV network structure is this.
>
>
>
> Monitor - IPTV - VDSL modem - ISP
>
>
>
> So, for packet manipulation
>
> I have to ARP spoofing or change network structure
>
>
>
> Monitor - IPTV - attacker - VDSL modem - ISP
>
>
>
> But, I don't know IPTV SetupBox(STB)'s netmask and gateway address.
>
> So I wanna make this network
>
>
>
> Monitor - IPTV - attacker - VDSL modem - ISP
>
>
>
> Attacker is a computer.
>
> This computer have two NIC.
>
> Two NIC only transmit and receive packet. They have no IP address.
>
> I wanna manipulate this packet's field
>
>
>
> Do you know how make this network?
>
> Do you know tools that manipulate every packet (http, rstp, igmp, etc,.)?
>
>
>
> Thanks
>
> KIM
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists