Question

Given that I'm on a local network, if I can capture an ICMP echo request packet, and considering that I want to spoof an echo reply, what part of the original packet would I need to change, supposing I make a copy of the original before I send it back? I'm guessing the IP header would need to change (the destination IP of the original would become the source, and vice versa), as well as the ICMP header (the type would need to change to ECHO_REPLYPACKET). But besides those 2, are there any others?


Solution

Quoting RFC 792:

Echo or Echo Reply Message

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |     Code      |          Checksum             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Identifier          |        Sequence Number        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Data ...
+-+-+-+-+-

To form an echo reply message, the source and destination addresses are simply reversed, the type code changed to 0, and the checksum recomputed.

Identifier and Sequence Number must be 0 as well.

RFC 1071 shows you how to calculate the Checksum.
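
Added example, not part of the original answer: the RFC 1071 checksum applied to the ICMP layer of a copied echo request, changing only what the quoted RFC 792 sentence names there (type and checksum) and leaving every other byte of the copy as it was. The IP-header address reversal is not shown; the function names and the sample message are this example's own, constructed for illustration.

```python
import struct

ICMP_ECHO_REQUEST = 8
ICMP_ECHO_REPLY = 0


def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"          # pad odd-length input with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:           # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def checksum_ok(icmp: bytes) -> bool:
    """A valid message sums to zero when its own checksum field is included."""
    return len(icmp) >= 8 and internet_checksum(icmp) == 0


def build_icmp(icmp_type: int, code: int, ident: int, seq: int, data: bytes) -> bytes:
    """Helper used only to construct the sample message below."""
    header = struct.pack("!BBHHH", icmp_type, code, 0, ident, seq)
    csum = internet_checksum(header + data)
    return header[:2] + struct.pack("!H", csum) + header[4:] + data


def reply_from_request(request: bytes) -> bytes:
    """Copy an echo request, set type to 0 and recompute the checksum."""
    if not checksum_ok(request):
        raise ValueError("truncated message or bad checksum")
    if request[0] != ICMP_ECHO_REQUEST or request[1] != 0:
        raise ValueError("not an echo request")
    # Zero the checksum field before summing; every other byte is copied as-is.
    draft = bytes([ICMP_ECHO_REPLY, 0, 0, 0]) + request[4:]
    return draft[:2] + struct.pack("!H", internet_checksum(draft)) + draft[4:]


# Constructed sample: echo request with an odd-length payload (exercises padding).
SAMPLE_REQUEST = build_icmp(ICMP_ECHO_REQUEST, 0, 0x1234, 1, b"abcdefg")
SAMPLE_REPLY = reply_from_request(SAMPLE_REQUEST)

if __name__ == "__main__":
    print("request:", SAMPLE_REQUEST.hex())
    print("reply:  ", SAMPLE_REPLY.hex())
    print("reply checksum valid:", checksum_ok(SAMPLE_REPLY))
```

Because the type field drops from 8 to 0, the first 16-bit word shrinks by 0x0800 and the checksum grows by the same amount, which is why a copied request with only the type changed fails validation until the checksum is recomputed.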

License: CC-BY-SA with attribution
Not affiliated with StackOverflow