Sign in to follow this  
Followers 0
YourSpace

packet spoofing and pings

10 posts in this topic

#1 ·  Posted (edited)

Yesterday i was reading up on packet spoofing when i came accross some intresting info.

There appeared to be a way to spoof a packets destination so that when the server it was sent to(a web server) would attempt to connect to the spoofed address, and if it didnt exist the server would try for about 3 minutes to make a connection then stop trying.

Question 1) how do i send a standard ping using windows ping.exe through autoit without showing the window

Question 2) Does anyone know how to make spoofed packets? if so, could you give an example.

Edited by YourSpace

Share this post


Link to post
Share on other sites



ok i have an IF statment and i want the pinging to stop when the if stament is over, also i do not want ping.exe to show up in the procceses list, and way of stopping it from showing up?

also is there anyway to send a ping similar to what ping.exe does with tcp in autoit?

Share this post


Link to post
Share on other sites

I think, ping.exe uses the ICMP-Funcs, like here: http://www.autoit.de/index.php?page=Thread...57929#post57929


*GERMAN* [note: you are not allowed to remove author / modified info from my UDFs]My UDFs:[_SetImageBinaryToCtrl] [_TaskDialog] [AutoItObject] [Animated GIF (GDI+)] [ClipPut for Image] [FreeImage] [GDI32 UDFs] [GDIPlus Progressbar] [Hotkey-Selector] [Multiline Inputbox] [MySQL without ODBC] [RichEdit UDFs] [SpeechAPI Example] [WinHTTP]UDFs included in AutoIt: FTP_Ex (as FTPEx), _WinAPI_SetLayeredWindowAttributes

Share this post


Link to post
Share on other sites

sorry but i had a little issue reading the forum, however i copyed the UDF and when i tryed it out autoit crashed.

and i belive ping works over tcp its just a packet with a certain set of instructiosn i belive if i can find the dat anessicary to send in that packet i should be able to spoof them...

Share this post


Link to post
Share on other sites

No, Ping is an ICMP command. And, btw. do you use 64bit OS? THe func is only for 32 Bit. For 64Bit, you need other DLLstructures and functions.


*GERMAN* [note: you are not allowed to remove author / modified info from my UDFs]My UDFs:[_SetImageBinaryToCtrl] [_TaskDialog] [AutoItObject] [Animated GIF (GDI+)] [ClipPut for Image] [FreeImage] [GDI32 UDFs] [GDIPlus Progressbar] [Hotkey-Selector] [Multiline Inputbox] [MySQL without ODBC] [RichEdit UDFs] [SpeechAPI Example] [WinHTTP]UDFs included in AutoIt: FTP_Ex (as FTPEx), _WinAPI_SetLayeredWindowAttributes

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

i use 32 bit....

my understanding is that all trafic goes over tcp and udp even http:// ftp:// ect ect its just tcp packets sent with certain headers.

i now understand how ICMP is there any way to send over ICMP with autoit without the needed dlls, a faster way, if nto can someone post an example udf that works using the dlls?(im not very good with dlls calls and such)

Edited by YourSpace

Share this post


Link to post
Share on other sites

ok i got a little more info.

TCP/SYN packets

i have read its possible to ping a server with this method

Each of these packets is handled like a connection request, causing the server to spawn a connection, by sending back a TCP/SYN-ACK packet

Share this post


Link to post
Share on other sites

ok i got a little more info.

TCP/SYN packets

i have read its possible to ping a server with this method

Each of these packets is handled like a connection request, causing the server to spawn a connection, by sending back a TCP/SYN-ACK packet

This method works but you have to connect to a port and that port has to have a TCP Server listening on that open port for this "ping" to work.

Share this post


Link to post
Share on other sites

so this wont work on standard port 80 web servers?

i had been told it would.

could someoen give an example of what data to include in such a packet?

and also the question about ping spoofing remains

Share this post


Link to post
Share on other sites

Ping spoofing has been discussed many times here and I don't think there has ever been a method developed for autoit but I can point you to looking at packetx and using the dll to make packets.

The TCP method would work on web servers since its actively running a TCP server and listening on an open port as I stated earlier. This has also been discussed before on the forums. Here is a good method for what you are looking for. LINK

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  
Followers 0