Home page logo
/

basics logo Security Basics mailing list archives

Re: IP Spoofing??
From: "Gavin Zuchlinski" <gzuchlinski () pgsit org>
Date: Tue, 2 Dec 2003 18:04:37 -0500

Hi,
As a load of people from the list probably already told you, spoofing an IP
in this case would be a lot of work and probably not work out too well.

Another option though: is there something specific you want to exploit? If
you can insert whatever HTML and scripting you want as the client (and
therefore as their IP :-), it might be possible to submit a form changing
the user's password or similar.
I wrote a paper a while back which might help you a little in your research,
http://libox.net/xss.php .

-Gavin
http://libox.net/


----- Original Message ----- 
From: "pire pire" <pirepire69 () romandie com>
To: <security-basics () securityfocus com>
Sent: Tuesday, December 02, 2003 5:02 PM
Subject: IP Spoofing??


Hi,

I've found a vulnerability in a Web App which
gave me via an XSS the sessionID token.

I would like to replay this token. But the
session ID manager (on the server) seems to look
also to IP adresses.

So my question is: Is there a way to spoof my ip
address in order to replay the sessionID??

Like:
http://www.tutu.com/toto.php?sessionid=32443243
and some how spoof of my IP?!

If I replay the sessionid from my machine or an
other machine behind my NAT (same outside IP) it
works!!

Thanks a lot for your help

_______________________________________________

La messagerie gratuite des romands : 10 MO !!!
Profitez-en ! >>> http://www.romandie.com

--------------------------------------------------------------------------
-
--------------------------------------------------------------------------
--





---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault