[Full-disclosure] Spoof tricks & Tips ?
- To: pen-test@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx, security-basics@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] Spoof tricks & Tips ?
- From: Mark Sec <mark.sec@xxxxxxxxx>
- Date: Mon, 5 Dec 2005 17:44:03 -0800
Alo folks,
Well, I'm testing servers and I need to scan all the ports while evading IDS/IPS;
I don't want my real IP to be seen,
e.g. a spoofed scan with Nmap:
nmap -v -n -sT -P0 -e eth0 -p 21,22,23,25,111,135,139,445,443,1433,1434,1521,2301, -S 1.1.1.1 150.210.30.117
Or my little script:
=========cut here================================
# spoofed address that you want
spoofed=0.0.0
# target is the host to be scanned
target=150.210.30.117
# port will be incremented 1-1024
port=1
# saddr is the starting host of the spoofed address
saddr=2
while [ $port -le 1024 ]
do
    #nc -vv -u -w10 -n -z -s 0.0.0.${saddr} $target $port
    # or
    sleep 2
    nmap -v -n -sT -P0 -e eth0 -p $port -S ${spoofed}.${saddr} $target
    port=`expr $port + 1`
    saddr=`expr $saddr + 1`
    if [ $saddr -gt 254 ]
    then
        saddr=2
    fi
done
exit
=============cut here==========================
Does anyone have more tricks, tips, or shell scripts to scan while hiding the real IP
and evading IDS/IPS?
- Mark :-)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
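
Added example, not part of the original post: a detection sketch for the traffic pattern the script above produces (one probe every 2 seconds, destination port and source last octet stepping together). It compares a per-source port-count rule with a per-target rule that ignores the source address. The log format, addresses (documentation ranges), function names and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

def make_sample_log(n=40, start=datetime(2005, 12, 5, 17, 0, 0)):
    """Constructed log: port and source last octet step together, 2 s apart."""
    lines = []
    for i in range(n):
        ts = start + timedelta(seconds=2 * i)
        lines.append(f"{ts.isoformat()} SYN src=192.0.2.{2 + i} dst=198.51.100.10 dport={1 + i}")
    # Constructed benign traffic: one client repeatedly reaching a web server.
    for i in range(5):
        ts = start + timedelta(seconds=10 * i)
        lines.append(f"{ts.isoformat()} SYN src=203.0.113.7 dst=198.51.100.20 dport=443")
    return lines

def parse(line):
    ts, _, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["src"], kv["dst"], int(kv["dport"])

def per_source_alerts(lines, port_threshold=10):
    """Classic rule: alert on a source that touches many ports on one target."""
    ports = defaultdict(set)
    for line in lines:
        _, src, dst, dport = parse(line)
        ports[(src, dst)].add(dport)
    return sorted(k for k, v in ports.items() if len(v) >= port_threshold)

def per_target_alerts(lines, window=timedelta(seconds=120), port_threshold=20):
    """Source-independent rule: many distinct ports probed on one target per window."""
    events = defaultdict(list)
    for line in lines:
        ts, src, dst, dport = parse(line)
        events[dst].append((ts, src, dport))
    alerts = {}
    for dst, evs in events.items():
        evs.sort()
        lo = 0
        for hi in range(len(evs)):
            while evs[hi][0] - evs[lo][0] > window:
                lo += 1  # slide the window start forward
            ports = {p for _, _, p in evs[lo:hi + 1]}
            if len(ports) >= port_threshold:
                srcs = {s for _, s, _ in evs[lo:hi + 1]}
                alerts[dst] = (len(ports), len(srcs))  # (distinct ports, distinct sources)
                break
    return alerts
```

On the constructed log the per-source rule stays silent because every source address touches exactly one port, while the per-target rule fires once 20 distinct ports have been probed on the same host.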