Full Disclosure: Re: (no subject)

[Dan Kaminsky <dan () doxpara com>]

Easily the best environment for packet manipulation is scapy.

The most guaranteed to work approach involves putting a system with two
interfaces in as an attacker, and running two scapy processes that copy
frames received on one interface onto the other one.  Of course, your copier
parses the frames, changes what needs to be changed, fixes up checksums,
etc.

There are other approaches that are preferable for all sorts of reasons, but
the above means you don't need to fight with ARP or addresses or firewall
rules or the kernel.  (Proxy ARP, mangle tables, yadda yadda yadda.)

2009/12/16 김무성 <kimms () infosec co kr>

>  Hello. List.
>
>
>
> I'm pentesting IPTV.
>
>
>
> Our IPTV network structure is this.
>
>
>
> Monitor - IPTV - VDSL modem - ISP
>
>
>
> So, for packet manipulation
>
> I have to ARP spoofing or change network structure
>
>
>
> Monitor - IPTV - attacker - VDSL modem - ISP
>
>
>
> But, I don't know IPTV SetupBox(STB)'s netmask and gateway address.
>
> So I wanna make this network
>
>
>
> Monitor - IPTV - attacker - VDSL modem - ISP
>
>
>
> Attacker is a computer.
>
> This computer have two NIC.
>
> Two NIC only transmit and receive packet. They have no IP address.
>
> I wanna manipulate this packet's field
>
>
>
> Do you know how make this network?
>
> Do you know tools that manipulate every packet (http, rstp, igmp, etc,.)?
>
>
>
> Thanks
>
> KIM
>
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/