mueks Posted March 24, 2008 Share Posted March 24, 2008 well, it's my first post i hope you can help. The issue here is that i want to falsificate an ip, i just want that a server that have a webpage: http:example. com/me. php thnink i have an ip like this: 5623. x. x. x. . . there the problem is. . . that IP doesn't exist then i can't make a tipical IP Spoofing. . . i just want that in the web's logs appear i visited her with 5623. x. x. x and yes, someone could do this. . . but just said "try with proxies and a PHP program" but i've been loocking in internet and i haven't seen how to FALSIFICATE A FALSE IP hehe and i haven't ideas for how to do this. . . . Waiting for your answers Cya Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted March 24, 2008 Share Posted March 24, 2008 You're going to need to create you're own packet, and I doubt it would even make it past a router. If it does you'd never be able to get any of the data back because the web server would send the data back to the fake IP. Quote Link to comment Share on other sites More sharing options...
mueks Posted March 24, 2008 Author Share Posted March 24, 2008 You're going to need to create you're own packet, and I doubt it would even make it past a router. If it does you'd never be able to get any of the data back because the web server would send the data back to the fake IP. yes, that's the point, if a send a SYN with that IP and then i send the correct ACK there the problem will be stopped, but i'm behind a router, but surely there is another way...he says it's easy, he entered with that IP with his firefox...and i saw the logs...he did... Cya Quote Link to comment Share on other sites More sharing options...
digip Posted March 24, 2008 Share Posted March 24, 2008 Are youa ctually trying to visit the site, or do you want to cause some sort of DoS attack? Because it doesnt sound like your trying to visit the site, otherwise you could just use a proxy to visiti it from an IP address other than your own. Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted March 24, 2008 Share Posted March 24, 2008 You're going to need to create you're own packet, and I doubt it would even make it past a router. If it does you'd never be able to get any of the data back because the web server would send the data back to the fake IP. yes, that's the point, if a send a SYN with that IP and then i send the correct ACK there the problem will be stopped, but i'm behind a router, but surely there is another way...he says it's easy, he entered with that IP with his firefox...and i saw the logs...he did... Cya HE did it to what with what how? With what logs where? Just a little more detail would be good. And is english your first language Quote Link to comment Share on other sites More sharing options...
mueks Posted March 25, 2008 Author Share Posted March 25, 2008 ok, first, i'll give you details about the escene: There is a page: http://example.com/ip.php, where /ip.php gives the IP from the visitor, i'm not sure if it uses something like a $ip = $_SERVER["REMOTE_ADDR"]; for get the IP, but it's probably. I have to enter to that page and that the page thinks that my ip is something like: 562.3698.2.3 or any imposssible IP, like spoofing ip, but just on web level...i repeat, a friend told me that with proxies and stuff...i can't imaginate how...haha...but i've been loocking for information and try to think in a method...but i can't Cya Quote Link to comment Share on other sites More sharing options...
SmoothCriminal Posted March 25, 2008 Share Posted March 25, 2008 Well you can use a proxy, but your IP address still has to be real. If you spoof it to a non-real IP address, when you first send data to the website it will go to send data back to the source IP address (the one you want to spoof), and if it is bogus the packets are going to be dropped. I believe proxy's work by connecting to the site for you, and then resending the data it receives to you (please let me know if I'm wrong) Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted March 25, 2008 Share Posted March 25, 2008 ok, first, i'll give you details about the escene: There is a page: http://example.com/ip.php, where /ip.php gives the IP from the visitor, i'm not sure if it uses something like a $ip = $_SERVER["REMOTE_ADDR"]; for get the IP, but it's probably. I have to enter to that page and that the page thinks that my ip is something like: 562.3698.2.3 or any imposssible IP, like spoofing ip, but just on web level...i repeat, a friend told me that with proxies and stuff...i can't imaginate how...haha...but i've been loocking for information and try to think in a method...but i can't Cya your friends an idiot... and if you believe him you are too... next time you see him tell him "proof or GTFO" Quote Link to comment Share on other sites More sharing options...
moonlit Posted March 25, 2008 Share Posted March 25, 2008 your friends an idiot... and if you believe him you are too... next time you see him tell him "proof or GTFO" QFE. As has been said, you can't access the internet (and by that I mean browse it) with a spoofed IP address because the packets would get dumped for having bogus info and being impossible to route. Quote Link to comment Share on other sites More sharing options...
Shaun Posted March 25, 2008 Share Posted March 25, 2008 Also it's not possible to spoof an "impossible" IP which from your posts I take to mean one with octets higher than 255 because the IP address in packets is not stored as an ascii string like "123.123.123.123", but as a 32 bit number. It's not possible to represent an IP outside the range of 0.0.0.0-255.255.255.255 with 32 bits. Quote Link to comment Share on other sites More sharing options...
digip Posted March 25, 2008 Share Posted March 25, 2008 I have to enter to that page and that the page thinks that my ip is something like: 562.3698.2.3 or any imposssible IP, like spoofing ip, but just on web level...i repeat, a friend told me that with proxies and stuff...i can't imaginate how...haha...but i've been loocking for information and try to think in a method...but i can't even ipv6 addreses dont look like that... 2001:0db8:85a3:08d3:1319:8a2e:0370:7334 is a valid IPv6 address. http://en.wikipedia.org/wiki/IPv6 Quote Link to comment Share on other sites More sharing options...
Razor512 Posted March 25, 2008 Share Posted March 25, 2008 ipv6 is going to suck when it becomes a standard. it's already hard enough to remember the ip addresses to my favorite BF2 and jedi academy servers (if they extend the length, it will be hard to remember all 15 ip's Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted March 25, 2008 Share Posted March 25, 2008 ipv6 is going to suck when it becomes a standard. it's already hard enough to remember the ip addresses to my favorite BF2 and jedi academy servers (if they extend the length, it will be hard to remember all 15 ip's DNS FTW! Quote Link to comment Share on other sites More sharing options...
Sparda Posted March 28, 2008 Share Posted March 28, 2008 haven't read read many posts, but would like to end this thread with the footer of: Viewing web pages requires a unspoofed IP address Quote Link to comment Share on other sites More sharing options...
darthneo Posted April 5, 2008 Share Posted April 5, 2008 maybe your friend is good with php and found a way to get into that webpage and change it to an immpossible IP address...? Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted April 5, 2008 Share Posted April 5, 2008 maybe your friend is good with php and found a way to get into that webpage and change it to an immpossible IP address...? e.g.? Quote Link to comment Share on other sites More sharing options...
Sparda Posted April 5, 2008 Share Posted April 5, 2008 Remote file inclusion (and other code injection attacks) could be used 'trick' PHP (or server scripting engine) in to thinking your IP address is different to the one that is actually been used. The web server logs would still show the actual IP address. A fruitless endeavor unless some web based application was silly enough to exclusively trust PHP with IP addressed based authentication instead of the web server. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.