Paranoid Posted October 17, 2010 Share Posted October 17, 2010 Theoretically speaking.... It is possible to craft a packets header files to make it seem like it is being sent from a different IP Address. Unfortunately, you will not receive the reply (it will be sent to the other IP) and will not be able to complete a three way handshake. My question is, without a MITM (man in the middle) attack, is it in any way possible to complete a three way handshake using a spoofed IP address? To visualize this, Pretend you are Computer A, Your trying to spoof Computer B's IP and you are targetting computer C. So Computer A will tell Computer C, Hi I'm Computer B, but please send your response to Computer A. Any help or Ideas would be greatly appreciated. Quote Link to comment Share on other sites More sharing options...
Sparda Posted October 17, 2010 Share Posted October 17, 2010 Well, no, because Computer A telling Computer C it is Computer B will result in Computer C sending it's responses to Computer B. Quote Link to comment Share on other sites More sharing options...
Paranoid Posted October 17, 2010 Author Share Posted October 17, 2010 That brings the question: Is there any way around that? Is it possible for C to acknowledge that B is sending the packet but to send it back to A instead? There has to be a way around everything right? Quote Link to comment Share on other sites More sharing options...
Sparda Posted October 17, 2010 Share Posted October 17, 2010 Well, yes if A intercepts the communications (man in the middle) between B and C then A can pretend to be B. This usually has to be done physically to some extent. Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted October 18, 2010 Share Posted October 18, 2010 You can pretty much perform this attack with Ettercap, but you will need to be on the same subnet as the victim you are planing on attacking. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.