Tool 41: Spoof Ip4Icmp4 packet
Description:
This tool sends a fake packet on the network.
Each parameter name should be self explaining.
Parameter --spoofip indicates how to generate link layer for spoofing.
Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
is the list of accepted values:
- 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
a firewall is installed, or on some systems, this might not work.
- 'linkf' means to spoof at link level (currently, only Ethernet is
supported). The 'f' means to Fill source Ethernet address.
However, if source IP address is spoofed, it might be impossible
to Fill it. So, linkf will not work: use linkb or linkfb instead.
- 'linkb' means to spoof at link level. The 'b' means to left a Blank
source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
- 'linkfb' means to spoof at link level. The 'f' means to try to Fill
source Ethernet address, but if it is not possible, it is left
Blank.
- 'rawlinkf' means to try 'raw', then try 'linkf'
- 'rawlinkb' means to try 'raw', then try 'linkb'
- 'rawlinkfb' means to try 'raw', then try 'linkfb'
- 'linkfraw' means to try 'linkf', then try 'raw'
- 'linkbraw' means to try 'linkb', then try 'raw'
- 'linkfbraw' means to try 'linkfb', then try 'raw'
- 'link' is an alias for 'linkfb'
- 'rawlink' is an alias for 'rawlinkfb'
- 'linkraw' is an alias for 'linkfbraw'
- 'best' is an alias for 'linkraw'. It should work in all cases.
This tool may need to be run with admin privilege in order to spoof.
Synonyms:
hping, send
Usage:
netwox 41 [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o uint32] [-p uint32] [-a spoofip] [-r uint32] [-s uint32] [-t uint32] [-u uint32]
Parameters:
| parameter |
description |
example |
| -c|--ip4-tos uint32 |
IP4 tos |
0 |
| -e|--ip4-id uint32 |
IP4 id (rand if unset) |
0 |
| -f|--ip4-reserved|+f|--no-ip4-reserved |
IP4 reserved |
|
| -g|--ip4-dontfrag|+g|--no-ip4-dontfrag |
IP4 dontfrag |
|
| -h|--ip4-morefrag|+h|--no-ip4-morefrag |
IP4 morefrag |
|
| -i|--ip4-offsetfrag uint32 |
IP4 offsetfrag |
0 |
| -j|--ip4-ttl uint32 |
IP4 ttl |
0 |
| -k|--ip4-protocol uint32 |
IP4 protocol |
0 |
| -l|--ip4-src ip |
IP4 src |
192.168.100.200 |
| -m|--ip4-dst ip |
IP4 dst |
5.6.7.8 |
| -n|--ip4-opt ip4opts |
IPv4 options |
|
| -o|--icmp-type uint32 |
ICMP type |
0 |
| -p|--icmp-code uint32 |
ICMP code |
0 |
| -a|--spoofip spoofip |
IP spoof initialization type |
best |
| -r|--ip4-ihl uint32 |
IP4 ihl |
5 |
| -s|--ip4-totlen uint32 |
IP4 totlen |
0 |
| -t|--ip4-checksum uint32 |
IP4 checksum |
0 |
| -u|--icmp-checksum uint32 |
ICMP checksum |
0 |
Example:
netwox 41