Sign in to follow this  
Followers 0
Jberryman

sending a pre-made packet

11 posts in this topic

There is a site (as I posted about in the general forum) that spoofs an ebay login screen to collect logins/passwords. I want to send a lot of input over and over again.

I have captured the packets exchanged between my comp and the site when the username/password is submitted, and found which one contains the user/pass data. So can I just send this packet over and over again to the site, or is it more compilicated than that? If it isn't, then what kind of software would be needed to do that?
Thanks

Share this post


Link to post
Share on other sites
Hmm, well, it depends.

Is HTTP a tcp/ip protocol? (do we need to make a connection before sending data?)
Is it a UDP protocol?

I find that linux excells as tasks like these. You should burn a Live! cd of some OS and start messing around. :)

Share this post


Link to post
Share on other sites
Thanks for the response. I guess reading up on HTTP and TCP would probably answer my question, and clear up a few things.

Share this post


Link to post
Share on other sites
Well, it was a crappy reply, I admit, but I'm not good at packet stuff.

there are tools that attach themselves at the application layer, though.

Share this post


Link to post
Share on other sites
Hey,

This program creates packets from scratch
[url="http://www.engagesecurity.com/products/engagepacketbuilder/"]http://www.engagesecurity.com/products/engagepacketbuilder/[/url]
And its FREE!

But this might be a pretty complicated thing to do.
Also some netork analyzers allow you to resend packets pretty easily, To send a made from scratch ping packet would work fine, but to so something like this probably isnt as easy, as it expects not just that packet, but all the packets before it. Also there is sequence numbers for TCP and who knows what else that needs to be in place first.

I honestly dont know, would have to screw around with it myself, but hopefully I contributed something of value.

Creating a custom ping packet would be a pretty cool way to send a secret message (covert channel) Instead of it saying abcdefghijklmnopqrstuabcd(microsoft's ping) You can make it say "Murder, tonight at 5:30" and the other person will be collecting only ping traffic with network analyzer. Most people dont capture and save other peoples pings. Even better would be to encrypt "Murder, tonight at 5:30" then send the ciphertext as the ping message.

Just a fun idea :) Edited by Kev420inK

Share this post


Link to post
Share on other sites
Thanks for the link Kev420inK, that looks like a good tool. I really like the ping idea. Even better, you could make the ping look like it came from the person who you want to receive the message, then you send the ping to any host, and they bounce it, not back to you, but to your desired recipient. Completely anonymous.
I'll bet you could write a script to use this method to send short IMs between two people.

[quote]Well, it was a crappy reply, I admit, but I'm not good at packet stuff.[/quote]
I thought you were trying to get me thinking, lol. But I read up about TCP being a "connection based" protocol that requires the three-way handshake deal, so my idea of just shooting that one packet to the host would not have worked. As I understand, UDP is not connection-based like TCP (and HTTP), so maybe this could have worked in a situation involving UDP. Edited by Jberryman

Share this post


Link to post
Share on other sites
Hey,

Maybe netcat can help you? im not really sure. I just used netcat to connect to an irc server and channel. all i had to do was sniff a little bit of irc with ethereal. then i just saw all the commands to be passed to the server, and i successfully joined a channel and talked, all using netcat. the thing is, irc is a pretty simple protocol. I then tried doing similar with aim, but aim has a lot of more stuff goin on. It didnt look like netcat would do it for me. But i guess thats why people make implemantations of protocols. its alot easier just using aim, hehe

:)

Your thing is probably pretty complicated too. I guess if you are a programmer it would be easy? i dont know, but if you were to do it at the packet level, then you would need to just copy a session, and change it around to how you want it, and have a program that will replay all those packets in the order you need. but theres probably a lot of learnin to do. it would be fun though. Edited by Kev420inK

Share this post


Link to post
Share on other sites
[quote]
Your thing is probably pretty complicated too. I guess if you are a programmer it would be easy? i dont know, but if you were to do it at the packet level, then you would need to just copy a session, and change it around to how you want it, and have a program that will replay all those packets in the order you need. but theres probably a lot of learnin to do. it would be fun though.[/quote]
I think this would actually be very simple. I could tell what everything was in the ping packet pretty easily. I am learning perl at the moment, so this will be my first real programming project once I feel I have enough know-how to attempt it.

Share this post


Link to post
Share on other sites
Etherpeek will let you resend entire trace files, and of course edit them also, so if you have a few thousand dollars laying around, that might be an option.

Share this post


Link to post
Share on other sites
[quote]Etherpeek will let you resend entire trace files, and of course edit them also, so if you have a few thousand dollars laying around, that might be an option.[/quote]
I also believe for Windows, CommView will allow you to edit and resend packets. [url="http://big.badlink.net/"]wInject[/url] maybe also be of use to you. I can't find anything that allows you to edit and resend packets *on the fly* in Linux apart from using ngrep, netsed and other 'busybox' type tools.

Share this post


Link to post
Share on other sites
:huh: ya ok so where do ya learn on decoding the ascii and hex? ima total noob with packets and think its time to learn...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0