Tutorial by ghimau 10 December 2007
SING is a command line tool that sends fully customizable ICMP packets. The main purpose of this tool is to replace the good old ping command with certain enhancements.
You can get this tool at http://sourceforge.net/projects/sing.
In this very basic tutorial, I’ll demonstrate the usage of this tool to send spoofed packets. (I wont show the MAC spoofing as it will be covered in my next tutorial)
Lets get down to business, shall we :)
SING is a command line tool that sends fully customizable ICMP packets. The main purpose of this tool is to replace the good old ping command with certain enhancements.
You can get this tool at http://sourceforge.net/projects/sing.
In this very basic tutorial, I’ll demonstrate the usage of this tool to send spoofed packets. (I wont show the MAC spoofing as it will be covered in my next tutorial)
Lets get down to business, shall we :)
- Ok, first of all, you should get the source code of this tool. Just want to show the usage of wget to download files :)
- Untar your file. Run the ./configure and make command to compile the source code.
- Ok let say, my linux machine is the bad guy :) Take note of the IP address and the MAC address. The IP of my linux machine (where I’ve ‘make’ SING) is 192.168.1.12
- Here is the victim’s IP address (192.168.1.10). This is the address that we gonna SING :)
- Lets ping the usual way
- I fired up another terminal running tcpdump. You can see the source IP (192.168.1.12) and the destinatination IP (192.168.1.10) of the echo request. My ‘bad’ machine sending echo request and the victim reply with echo reply.
- I run Ethereal. Please don’t ask why I used the old version :) As you can see it produce a more readable result than tcpdump :). Note the source MAC address
- Using this command sing –echo –S spoofed_address target_host, I tried to spoof my echo request making as it coming from 192.168.1.11 which is another windows machine in my virtual network.
- Well this the machine that I used the IP for the spoofing purpose. Note the MAC address.
- I run tcpdump again while the above command is running. Well, you can see that I’ve succeed spoofing the IP address. Looks like 192.168.1.11 is doing the echo request, actually 192.168.1.12 is doing it.
- When run tcpdump with –e option, you can see the source MAC address. And the MAC address belongs to 192.168.1.12. So you can only spoof your IP address with this command.
- The same output, but in ethereal
- Ok.. that’s all for now. By using this command you can only spoof your ip address. If the network admin is aware, they might fire up a sniffer and detect the source machine. But believe me, some of the network admins that I know mostly sucks! They would’nt know the different between a legitimate ICMP traffic and a DdoS traffic. Hahaha.
- You can download the pdf version here
7 comments:
lalalalal...
chewah,
sempat ko menggodek mende alah ni dlm demam2 ko tu yer
itu yg buat demam budak ni hilang.. godek2 lagi!!
wow.. DdOs...
ko kena wat satu program yang anta parameter random
buat satu function random
dimana n adalah 0 hingga 255
dan die akan execute shell command yang anta parameter
sing –echo –S rand(n).rand(n).rand(n).rand(n) target_host
peh... bestnyer DdoS..
alia : :P
viruspadu : kalau bab ni mesti sempat
ciklycyber : hihik.. ni siapa yer?
kucai : ok gak tu.. :)
ok2.. dah tahu ciklycyner ni saper :) brader rep ni http://profiles.friendster.com/ciklycyber
gua terpaksa menggunakan skill kehakesan gua untuk mengesan hihihi
very good posting!