
mk-fg / Tcp Connection Hijack Reset

Licence: wtfpl
Simple scapy-based tool to hijack and reset existing TCP connections


tcp-connection-hijack-reset

Simple scapy + iptables/ipsets + nflog tool to hijack and reset existing TCP connections (for both ends), established from other pids.

The purpose is not malicious DoS attacks but rather kicking hung state machines in otherwise nice software, while making the whole thing look like a random net hiccup, which most apps are designed to handle.

If NFLOG is used (for instance, to get packets that should not pass netfilter), scapy-nflog-capture is required.

Usage

  • Create "conn_cutter" ipset: ipset create conn_cutter hash:ip,port

  • Create "conn_cutter" chain (some lines wrapped):

     -A conn_cutter ! -p tcp -j RETURN
     -A conn_cutter -m set ! --match-set conn_cutter src,src -j RETURN
     -A conn_cutter -p tcp -m recent --set --name conn_cutter --rsource
     -A conn_cutter -p tcp -m recent ! --rcheck --seconds 20\
     	--hitcount 2 --name conn_cutter --rsource -j NFLOG
     -A conn_cutter -p tcp -m recent ! --rcheck --seconds 20\
     	--hitcount 2 --name conn_cutter --rsource -j REJECT --reject-with tcp-reset
    

    Note that because the rules above share one global "recent" netfilter tag, only one connection can be cut in 20 seconds (others will pass through this chain unharmed).

    This is done for the rare pids that bind() their outgoing socket to a constant port, so that packets of a reconnection attempt from the same port won't get matched and will pass.

  • Update "OUTPUT" chain:

     -I OUTPUT -j conn_cutter
    

    That jump should come strictly before rules like --state RELATED,ESTABLISHED -j ACCEPT.

  • Run: tcp-connection-hijack-reset.py conn_cutter --pid 1234 --debug

    This picks the single TCP connection of the specified pid (or raises an error if there is more than one) and cuts it, with a lot of noise about what it's doing (due to "--debug").

  • Result: both endpoints should reliably get a single RST packet and the connection should be closed promptly.

See this post for more details about what it all means and why it's there.
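
An added example, not part of the project's code: a check for the rule-order requirement in the "Update OUTPUT chain" step, run over the text printed by `iptables -S OUTPUT`. The function names and the two sample listings are constructed for illustration, and it assumes the ESTABLISHED accept rule is written with either a `--state` or a `--ctstate` match.

```python
import shlex

STATE_FLAGS = ("--state", "--ctstate")  # "state" and "conntrack" match spellings


def _target(tokens):
    """Return the -j target of a rule, or None if it has no jump."""
    return tokens[tokens.index("-j") + 1] if "-j" in tokens[:-1] else None


def _accepts_established(tokens):
    """True for rules like '-m state --state RELATED,ESTABLISHED -j ACCEPT'."""
    if _target(tokens) != "ACCEPT":
        return False
    for flag in STATE_FLAGS:
        if flag in tokens[:-1]:
            i = tokens.index(flag)
            negated = i > 0 and tokens[i - 1] == "!"  # '! --state ...' form
            if not negated and "ESTABLISHED" in tokens[i + 1].split(","):
                return True
    return False


def check_output_order(rules_text, chain="conn_cutter"):
    """Check `iptables -S OUTPUT` text; return (ok, reason)."""
    rules = [t for t in map(shlex.split, rules_text.splitlines())
             if t[:2] == ["-A", "OUTPUT"]]  # skips the -P policy line
    jump_pos = accept_pos = None
    for pos, tokens in enumerate(rules, 1):
        if jump_pos is None and _target(tokens) == chain:
            jump_pos = pos
        if accept_pos is None and _accepts_established(tokens):
            accept_pos = pos
    if jump_pos is None:
        return False, f"no jump to {chain} in OUTPUT"
    if accept_pos is not None and accept_pos < jump_pos:
        return False, (f"rule {accept_pos} accepts ESTABLISHED before "
                       f"the jump at rule {jump_pos}")
    return True, f"jump to {chain} at rule {jump_pos}"


# Constructed sample listings (not captured from a real host).
GOOD = ("-P OUTPUT ACCEPT\n-A OUTPUT -j conn_cutter\n"
        "-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT\n")
BAD = ("-P OUTPUT ACCEPT\n"
       "-A OUTPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\n"
       "-A OUTPUT -j conn_cutter\n")

if __name__ == "__main__":
    print(check_output_order(GOOD), check_output_order(BAD))
```

With the order in the second listing, packets of an already established connection are accepted before they reach the conn_cutter chain, so the NFLOG and REJECT rules never see them.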

Similar tools

  • dsniff - has a "tcpkill" binary that does a very similar thing.

  • tcpkill - standalone tcpkill tool from dsniff.

  • cutter - aims to solve a similar problem, but on a router box (seems to work with conntrack tables only), and with some strange methods (generating noise on the connection to get seq, which doesn't seem to work at all).
