[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] ICMP injection

To: Josh Perrymon <perrymonj@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] ICMP injection
From: Cedric Blancher <blancher@xxxxxxxxxxxxxxxxxx>
Date: Tue, 01 Nov 2005 10:07:14 +0100

Le mardi 01 novembre 2005 à 00:11 -0600, Josh Perrymon a écrit :
> Anyone familiar with injecting ICMP or DNS packets with NC?

You won't be able to inject ICMP with netcat (nc). Injecting DNS is
possible, but you have to craft your UDP payload yourslef.

You should try Scapy :

        http://www.secdev.org/projects/scapy/

Sort of Python shell to craft, inject packets and grab answers, with
lots of useful classes. You'll find examples, and in particular all ICMP
and DNS stuff you may need.

As an example, you can find a DNS request based traceroute onliner with
Scapy on page 3 of this article :

        http://sid.rstack.org/articles/0309_MISC_Traceroute_en.pdf


-- 
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
>> Hi! I'm your friendly neighbourhood signature virus.
>> Copy me to your signature file and help me spread!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] ICMP injection
  - From: Josh Perrymon

Prev by Date: [Full-disclosure] ICMP injection
Next by Date: [Full-disclosure] readdir_r considered harmful
Previous by thread: [Full-disclosure] ICMP injection
Next by thread: [Full-disclosure] readdir_r considered harmful
Index(es):
- Date
- Thread