Skip to content

Library to send fake IPv4 headers & UDP/TCP-SYN packets to perform L3/L4 attacks

Notifications You must be signed in to change notification settings

StackOverflowExcept1on/ip-spoofing

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ip-spoofing

Build Status Latest Version Documentation

asciicast

Library to send fake IPv4 headers & UDP/TCP-SYN packets to perform L3/L4 attacks

In short, this library allows you to spoof your IP address on the network. For a better understanding, it is recommended to read the article from cloudflare: The real cause of large DDoS - IP Spoofing

It can be done on the L3 (network layer) of the OSI model

Today, not all ISPs check the integrity of IPv4 headers. Therefore, in a real network, there are 2 options for spoofing IP addresses:

  1. network level IP spoofing

    e.g. you have a server with the address 195.174.232.102, and the provider owns the IP range 195.174.224.0 - 195.174.239.255, this means that you can use any address from the range

  2. unlimited IP spoofing

    this allows you to spoof any ip address, you can pretend you own the address 8.8.8.8 (Google Public DNS)

The only limitation of spoofing is that you can send packets, but you cannot receive a response from the server.

You can check if this library works on your local network. To attack real networks, you need a specific provider that allows one of 2 spoofing options.

Code samples

You can see other code samples in the examples/ directory.

use ip_spoofing::{self, RawSocket, ReusablePacketWriter};

/// This example shows how to generate fake UDP packet
/// that delivers `b"hey"` bytes from "8.8.8.8:1234" to "127.0.0.1:5678".
///
/// I.e. the attacker changes its IPv4 address to 8.8.8.8 (Google Public DNS)
fn main() -> ip_spoofing::Result<()> {
    let socket = RawSocket::new()?;
    let mut writer = ReusablePacketWriter::new();

    socket.send_fake_udp_packet(
        &mut writer,
        [8, 8, 8, 8],   //source IPv4 address
        1234,           //source port
        [127, 0, 0, 1], //destination IPv4 address
        5678,           //destination port
        b"hey",         //data
        64,             //TTL on most Linux machines is 64
    )?;

    Ok(())
}

Useful links

About

Library to send fake IPv4 headers & UDP/TCP-SYN packets to perform L3/L4 attacks

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages