For learning purpose, I'm trying to RST hijack my current session :
To perform this, I spoof the 172.10.10.11 IP adress, and I try to put the correct ack number and send :
But it's not doing anything. Any ideas?
22:29:20.185032 IP 172.10.10.11.43086 > 172.10.10.21.http: Flags [ S ], seq 2173271328, win 29200, options [mss 1460,sackOK,TS val 3615590 ecr 0,nop,wscale 7], length 0
22:29:20.185090 IP 172.10.10.21.http > 172.10.10.11.43086: Flags [ S. ], seq 3246536796, ack 2173271329, win 28960, options [mss 1460,sackOK,TS val 3598763 ecr 3615590,nop,wscale 6], length 0
22:29:20.186088 IP 172.10.10.11.43086 > 172.10.10.21.http: Flags [ . ], ack 1, win 229, options [nop,nop,TS val 3615590 ecr 3598763], length 0
22:29:20.185090 IP 172.10.10.21.http > 172.10.10.11.43086: Flags [ S. ], seq 3246536796, ack 2173271329, win 28960, options [mss 1460,sackOK,TS val 3598763 ecr 3615590,nop,wscale 6], length 0
22:29:20.186088 IP 172.10.10.11.43086 > 172.10.10.21.http: Flags [ . ], ack 1, win 229, options [nop,nop,TS val 3615590 ecr 3598763], length 0
To perform this, I spoof the 172.10.10.11 IP adress, and I try to put the correct ack number and send :
22:30:14.872548 IP 172.10.10.11.43086 > 172.10.10.21.http: Flags [ R ], seq 2173271329, win 8192, length 0
But it's not doing anything. Any ideas?
Last edited: