Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can not send non native IP address packets on Mac, Can you tell me, what OS can send non native IP address packets? #13

Open
whxloveyrh opened this issue Jul 12, 2017 · 7 comments
Open

Can not send non native IP address packets on Mac, Can you tell me, what OS can send non native IP address packets? #13

whxloveyrh opened this issue Jul 12, 2017 · 7 comments

Comments

@whxloveyrh
Copy link

dns_reflect
What OS can send non native IP address packets ??
@whxloveyrh
Copy link
Author

What OS can send non native IP address packets?
OR

what tool can implement the function that the machine can send non native IP address packets?

OR

how to configure OS for finishing the function?

@merkjinx
Copy link

A OS that supports raw sockets
a program that will change the IP source header to what ever you want. (google it) or fine something here on GitHub that already has that build in. or just make it with python or something.

Linux already has this pre-enabled on most distributions. Mac no

@whxloveyrh
Copy link
Author

whxloveyrh commented Jul 12, 2017
edited
Loading

@merkjinx

In MAC OS, I install a virtual ubuntu machine by virtualbox tool.
My Physics Machine: MAC OS,
My virtual Machine: kali and ubuntu OS.
But Virtual machine can't send no native ip address packets.

If i need ubuntu OS physics Machine???

@merkjinx
Copy link

interesting cause when i tried the same thing your talking about it worked. with more than one program using raw sockets. you might have to mess with the networking configuration for virtualbox. so that ubuntu and kali see what your Mac sees. instead of seeing a NAT network or other filtered network. play with it and see what happens.

@whxloveyrh
Copy link
Author

@merkjinx Thanks

@whxloveyrh
Copy link
Author

@merkjinx ,
Penetration Test Env:

Attack Machine : A
victim(target) Machine : B
NTP Machine : C

Command
$ python Saddam.py B --ntp=ntp_ip_address.txt

Phenomenons

I find the phenomeon that the packet can from A Machine to C Machine. the source ip address of all packet are B, and the target ip address of all packet are C.
But
the packet can from C Machine to B Machine.

Why , Can you help me?

Very urgent Problem

I can't understand the cause. Can you explain it for me?

@merkjinx
Copy link

that's how NTP reflection works.
from C machines perspective B is sending packets so C responds to B in the same way as a legitimate request. the header of a spoofed packet has source and destination. Which source can be changed to what ever you what. As long as the router of A will route the packet it should work just fine.
also one thing to note is that NTP runs over UDP. which is a connection-less protocol unlike TCP requires a 3 way handshake before any data can be sent.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@whxloveyrh @merkjinx