lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 16 Dec 2009 23:24:10 -0800
From: Dan Kaminsky <dan@...para.com>
To: 蹫 <kimms@...osec.co.kr>
Cc: full-disclosure@...ts.grok.org.uk, pen-test@...urityfocus.com
Subject: Re: (no subject)

Easily the best environment for packet manipulation is scapy.

The most guaranteed to work approach involves putting a system with two
interfaces in as an attacker, and running two scapy processes that copy
frames received on one interface onto the other one.  Of course, your copier
parses the frames, changes what needs to be changed, fixes up checksums,
etc.

There are other approaches that are preferable for all sorts of reasons, but
the above means you don't need to fight with ARP or addresses or firewall
rules or the kernel.  (Proxy ARP, mangle tables, yadda yadda yadda.)

2009/12/16 蹫 <kimms@...osec.co.kr>

>  Hello. List.
>
>
>
> I'm pentesting IPTV.
>
>
>
> Our IPTV network structure is this.
>
>
>
> Monitor - IPTV - VDSL modem - ISP
>
>
>
> So, for packet manipulation
>
> I have to ARP spoofing or change network structure
>
>
>
> Monitor - IPTV - attacker - VDSL modem - ISP
>
>
>
> But, I don't know IPTV SetupBox(STB)'s netmask and gateway address.
>
> So I wanna make this network
>
>
>
> Monitor - IPTV - attacker - VDSL modem - ISP
>
>
>
> Attacker is a computer.
>
> This computer have two NIC.
>
> Two NIC only transmit and receive packet. They have no IP address.
>
> I wanna manipulate this packet's field
>
>
>
> Do you know how make this network?
>
> Do you know tools that manipulate every packet (http, rstp, igmp, etc,.)?
>
>
>
> Thanks
>
> KIM
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists