RST hijacking correct ack number

JoeJoe

New Member
Credits
0
For learning purpose, I'm trying to RST hijack my current session :

22:29:20.185032 IP 172.10.10.11.43086 > 172.10.10.21.http: Flags [ S ], seq 2173271328, win 29200, options [mss 1460,sackOK,TS val 3615590 ecr 0,nop,wscale 7], length 0
22:29:20.185090 IP 172.10.10.21.http > 172.10.10.11.43086: Flags [ S. ], seq 3246536796, ack 2173271329, win 28960, options [mss 1460,sackOK,TS val 3598763 ecr 3615590,nop,wscale 6], length 0
22:29:20.186088 IP 172.10.10.11.43086 > 172.10.10.21.http: Flags [ . ], ack 1, win 229, options [nop,nop,TS val 3615590 ecr 3598763], length 0​

To perform this, I spoof the 172.10.10.11 IP adress, and I try to put the correct ack number and send :

22:30:14.872548 IP 172.10.10.11.43086 > 172.10.10.21.http: Flags [ R ], seq 2173271329, win 8192, length 0​

But it's not doing anything. Any ideas?
 
Last edited:


Members online


Top