ICMP-Ping-Spoofing icon indicating copy to clipboard operation
ICMP-Ping-Spoofing copied to clipboard

Published 20 hours ago verified publisher icon Subangkar

IP Spoofing doesn't work.

Open tigersoft18 opened this issue 5 years ago • 7 comments

Running the project successfully launches packets with spoofed IP and it is verified with Wireshark on my PC. But they never reach the target on internet. I've checked it working in my LAN. What's the difference between LAN and Internet in this project?

tigersoft18 avatar Sep 29 '20 13:09 tigersoft18

Considering that your target machine has real ip i.e. it is not behind any NAT, spoofed ping can still be traced if via intermediate routers by detecting an invalid source ip for the domain you are using. However, in my university LAN it worked pretty well.

On Tue, Sep 29, 2020, 7:53 PM Wenhao Wang [email protected] wrote:

Running the project successfully launches packets with spoofed IP and it is verified with Wireshark on my PC. But they never reach the target on internet. I've checked it working in my LAN. What's the difference between LAN and Internet in this project?

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/Subangkar/ICMP-Ping-Spoofing/issues/1, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFOFWCPDXBQ5KIAKZKQDYTDSIHRFFANCNFSM4R52SZEA .

Subangkar avatar Oct 01 '20 10:10 Subangkar

Normal packets arrive perfectly, but only spoofed packets are filtered out. It seems that intermediate routers are blocking them. Then, is it impossible to spoof source IP address on the internet? Are all spoofing PoCs are tested on LAN?

tigersoft18 avatar Oct 01 '20 11:10 tigersoft18

I think target machine is not the problem seeing that normal packets are working well. I wonder sender's routing structure blocks spoofing. Would you test your project on my target machine?

tigersoft18 avatar Oct 01 '20 11:10 tigersoft18

Well if the intermediate router can verify whether a source ip can exist in the incoming domain or not, it can certainly reject it. I'm currently occupied with a work right now. Feel free to send the spoofed ping to your target ip following the instructions mentioned in the readme file of the repo.

On Thu, Oct 1, 2020, 5:13 PM Wenhao Wang [email protected] wrote:

I think target machine is not the problem seeing that normal packets are working well. I wonder sender's routing structure blocks spoofing. Would you test your project on my target machine?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/Subangkar/ICMP-Ping-Spoofing/issues/1#issuecomment-702063417, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFOFWCNU4BQHLKOP7PN42YLSIRP37ANCNFSM4R52SZEA .

Subangkar avatar Oct 01 '20 13:10 Subangkar

I opened this issue because this repo doesn't work on my sender and target machines both on the internet. Would you just try sending spoofed ping to my target machine with your sender? I want to make it clear whether ip spoofing is still possible on the internet.

tigersoft18 avatar Oct 01 '20 13:10 tigersoft18

Well. it's an interesting matter to look into. But I currently have windows environment only. Thanks for letting me know. I will inform you once it is tried outside LAN.

Subangkar avatar Oct 01 '20 17:10 Subangkar

Can I tunnel ssh using icmp host spoffing

hacker25808674 avatar Mar 29 '23 12:03 hacker25808674