Eli Fulkerson .com

httpspoof

Description:

Somebody on a forum posted a survey about the feasibility of spoofing the TCP handshake without having knowledge of the Ack number. I was bored so I whipped up a potential proof of concept example. Don't run it against anything on the Internet; it is intended as a local network proof of concept only. Seriously, spoofing packets on the Internet is a dick move. I don't want to hear about it if you get yourself in trouble.

Httpspoof tries to do an HTTP GET against / on a specified IP/domain name with a specified spoofed IP address. I haven't run it successfully; it is single-threaded, and it appears that it would take about 18 days to get a reasonable chance at colliding with the real Ack number when run on my local test network.

I twisted httpspoof out of tcproute, so it shares a lot of the same options, requirements and caveats. In particular, it requires a WinPcap installation and some Microsoft packages for the WinPcap DLLs.


C:\>httpspoof.exe --lip 192.168.2.123 --lmac 90:b1:1c:XX:XX:XX 192.168.2.5
Available interfaces:  (use with -i to avoid interaction next time)
1.  Network adapter 'Realtek PCIe GBE Family Controller' on local host
     rpcap://\Device\NPF_{962899E7-D4BB-49E6-BACB-7AD9F32842F4}
     Internet 192.168.2.20

Select the listening interface (1-1):
1
Ensuring gateway address (192.168.2.1) is in arp... OK!

Using the following values:
---------------------------
Local IP:    192.168.2.123
Local MAC:   90:b1:1c:XX:XX:XX
Gateway MAC: 00:1F:5B:XX:XX:XX
Remote IP:   192.168.2.5

Hitting / on 192.168.2.5:80
1000 attempts.  Statistically expect 0.0000002328306 hits by now.  ~1672446.96125748s left
2000 attempts.  Statistically expect 0.0000004656613 hits by now.  ~1624139.76954944s left
3000 attempts.  Statistically expect 0.0000006984919 hits by now.  ~1606849.58135746s left
4000 attempts.  Statistically expect 0.0000009313226 hits by now.  ~1599732.74637451s left
5000 attempts.  Statistically expect 0.0000011641530 hits by now.  ~1593367.59815554s left

... etc
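The progress figures in the session above can be checked against a simple guessing model, which also shows why a randomized 32-bit sequence number makes blind handshake spoofing impractical. This is an added example, not code from httpspoof or its author. It assumes each attempt is an independent guess at a uniformly random 32-bit value, and that the "s left" figure counts down to 2^32 total attempts (the page does not say what it measures).

```python
import math
import re

ISN_SPACE = 2 ** 32  # TCP sequence/acknowledgment numbers are 32 bits wide

# Progress lines copied from the session shown on this page.
SAMPLE = """\
1000 attempts.  Statistically expect 0.0000002328306 hits by now.  ~1672446.96125748s left
5000 attempts.  Statistically expect 0.0000011641530 hits by now.  ~1593367.59815554s left
"""

LINE = re.compile(r"(\d+) attempts\.\s+Statistically expect ([\d.]+) hits by now\.\s+~([\d.]+)s left")

def parse_progress(text):
    """Return (attempts, expected_hits, seconds_left) for each progress line."""
    return [(int(a), float(e), float(s)) for a, e, s in LINE.findall(text)]

def expected_hits(attempts):
    """Mean number of correct guesses: each attempt succeeds with probability 2**-32."""
    return attempts / ISN_SPACE

def p_at_least_one(attempts):
    """P(>=1 correct guess), assuming an independent uniform 32-bit value per attempt."""
    # log1p/expm1 keep precision when the per-attempt probability is tiny.
    return -math.expm1(attempts * math.log1p(-1.0 / ISN_SPACE))

def attempts_for(p):
    """Attempts needed before P(>=1 correct guess) reaches p."""
    return math.ceil(math.log1p(-p) / math.log1p(-1.0 / ISN_SPACE))

def implied_rate(attempts, seconds_left):
    """Attempts/second, ASSUMING 'seconds left' counts down to 2**32 total attempts."""
    return (ISN_SPACE - attempts) / seconds_left

if __name__ == "__main__":
    for n, shown, left in parse_progress(SAMPLE):
        rate = implied_rate(n, left)
        print(f"{n} attempts: page shows {shown:.13f}, model {expected_hits(n):.13f}, ~{rate:.0f}/s")
    for days in (1, 18, 60):
        n = int(days * 86400 * rate)
        print(f"{days:>2} days: P(at least one hit) = {p_at_least_one(n):.3f}")
    print(f"attempts for 50%: {attempts_for(0.5):,}; for 99%: {attempts_for(0.99):,}")
```

Under these assumptions, even 2^32 attempts give only about a 63% chance of a single hit, because every new handshake draws a fresh value and guesses never narrow the search.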

Download:

httpspoof-poc.zip