Skip to content

hong539/tcpjack

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits
include
include
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

TCP Jack

Hijack established TCP connections.

Send data over existing TCP connections. Perform analysis of routing topology using established TCP connections.

Installing

Install tcpjack like any normal Linux program. Download the source code and compile using your local C compiler.

wget https://github.com/krisnova/tcpjack/archive/refs/tags/v0.0.2.tar.gz
tar -xzf v0.0.2.tar.gz
cd tcpjack-0.0.2
make
sudo make install

Example Hijacking a TCP connection

The following example shows how to hijack an existing TCP connection using the -j flag. tcpjack will use ptrace to briefly interrupt the client with the specified inode. During the interruption, tcpjack will steal the established connection's open file descriptor. After the file descriptor has been copied, the process resumes normal processing. The newly copied file descriptor is used to create a spoofed client over the same connection as the original.

# Terminal 1
ncat -l 9074

# Terminal 2 
ncat localhost 9074

# Terminal 3 
tcpjack -l | grep ncat 
  ncat   9321  72294 127.0.0.1:48434 ->  127.0.0.1:9074 
  ncat   9237  76747  127.0.0.1:9074 -> 127.0.0.1:48434 
echo "PAYLOAD" | sudo tcpjack -j 72294

About

TCP Instrumentation

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 95.1%
  • Makefile 4.9%