RE: RE: Session & IP Spoofing

From: pire pire (pirepire69_at_romandie.com)
Date: 12/04/03

Date: Thu, 4 Dec 2003 10:54:18 +0100
To: MThompson@brinkster.com, <pen-test@securityfocus.com>


    No, I don't care about the return traffic! All I
    need is to send a GET request with a spoofed IP!

    Example:

    GET /toto.php?sessionId=123456&transfer=1000
    Host: www.toto.com

    I just need to send this request to the server
    with the IP address belonging to the sessionID
    I got through my XSS!

    So how do you do that?

    Thanks for your help

    ---------------------------------------
    You can spoof any IP. The question is do you
    want the return traffic.

    -----Original Message-----
     From: pire pire
    [mailto:pirepire69@romandie.com]
    Sent: Tuesday, December 02, 2003 5:02 PM
    To: pen-test@securityfocus.com
    Subject: Session & IP Spoofing

    Hi,

    I've found a vulnerability in a Web App which
    gave me via an XSS the sessionID token.

    I would like to replay this token. But the
    session ID manager (on the server) seems to
    also look at IP addresses.

    So my question is: Is there a way to spoof my
    IP address in order to replay the sessionID??

    Like:
    http://www.tutu.com/toto.php?sessionid=32443243
    and somehow spoof my IP?!

    If I replay the sessionid from my machine or
    another machine behind my NAT (same outside IP)
    it works!!

    Thanks a lot for your help

    _______________________________________________

    Free e-mail for the French-speaking Swiss: 10 MB!!!
    Take advantage of it! >>> http://www.romandie.com

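As an added example (not code from the original thread, nor from any site or product mentioned in it), here is a Python model of the two points the posts argue about: a server-side session store that binds each session ID to the client address it was issued to, which is the check the original poster ran into, and a toy TCP three-way handshake showing why a GET sent with a forged source address still needs the return traffic. The host name toto.com comes from the thread; the addresses, user names, session IDs and the seeded ISN generator are constructed for the demo.

```python
"""Added example (not from the original thread): IP-bound sessions plus a toy
TCP listener. All IPs, users and session IDs below are constructed."""
import random
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

SEQ_MASK = 0xFFFFFFFF


@dataclass
class Session:
    user: str
    bound_ip: str          # address the server saw when it issued the token


class SessionManager:
    """Session store that checks the remote address on every lookup."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def create(self, user: str, remote_addr: str) -> str:
        sid = secrets.token_hex(16)
        self._sessions[sid] = Session(user, remote_addr)
        return sid

    def lookup(self, sid: str, remote_addr: str) -> Optional[str]:
        """Return the user only if the token exists and the request comes
        from the IP it was bound to; anything else is treated as no session."""
        s = self._sessions.get(sid)
        if s is None or s.bound_ip != remote_addr:
            return None
        return s.user


def handle_transfer(mgr: SessionManager, sid: str, remote_addr: str,
                    amount: int) -> Tuple[int, str]:
    """Handler for GET /toto.php?sessionId=<sid>&transfer=<amount> on
    www.toto.com (hypothetical app from the thread)."""
    user = mgr.lookup(sid, remote_addr)
    if user is None:
        return 403, "session does not belong to this client address"
    return 200, f"{user} transferred {amount}"


class TcpListener:
    """Just enough of the three-way handshake to show the ISN problem."""

    def __init__(self, rng: random.Random) -> None:
        self._half_open: Dict[str, int] = {}
        self._rng = rng

    def recv_syn(self, src_ip: str) -> int:
        # Random 32-bit initial sequence number, as modern stacks use. The
        # SYN-ACK carrying it is sent to src_ip, whoever really owns it.
        isn = self._rng.getrandbits(32)
        self._half_open[src_ip] = isn
        return isn

    def recv_ack(self, src_ip: str, ack_num: int) -> bool:
        # The handshake (and any GET riding on it) completes only if the
        # client acknowledges exactly isn + 1.
        isn = self._half_open.get(src_ip)
        return isn is not None and ack_num == (isn + 1) & SEQ_MASK


def new_listener(seed: int) -> TcpListener:
    """Seeded listener so the demo is reproducible (constructed, not real)."""
    return TcpListener(random.Random(seed))


def demo() -> Tuple[int, int, bool, bool]:
    mgr = SessionManager()
    victim_nat_ip = "198.51.100.7"    # outside address of the victim's NAT
    attacker_ip = "203.0.113.9"       # attacker's own address
    sid = mgr.create("victim", victim_nat_ip)   # the token later leaked via XSS

    # 1. Replay from the attacker's network: the IP check fails.
    from_attacker, _ = handle_transfer(mgr, sid, attacker_ip, 1000)
    # 2. Replay from any host behind the same NAT: same outside IP, passes.
    from_same_nat, _ = handle_transfer(mgr, sid, victim_nat_ip, 1000)

    # 3. Forging the source IP at the packet level. The real owner of the
    #    address receives the SYN-ACK and answers isn + 1; a blind spoofer
    #    never sees the SYN-ACK and has to guess the 32-bit value.
    listener = new_listener(2003)
    isn = listener.recv_syn(victim_nat_ip)
    real_client_ok = listener.recv_ack(victim_nat_ip, (isn + 1) & SEQ_MASK)
    blind_spoofer_ok = listener.recv_ack(victim_nat_ip, 1)   # one blind guess
    return from_attacker, from_same_nat, real_client_ok, blind_spoofer_ok


if __name__ == "__main__":
    print(demo())
```

The store answers 403 to the stolen token from the attacker's address and 200 from behind the same NAT, which is exactly the behaviour the original post reports: the server only ever sees the NAT's outside address. The handshake part is the "return traffic" point from the reply: without receiving the SYN-ACK, a spoofer must guess a random 32-bit ISN before the server will accept the ACK or the GET that follows it. Binding a session to an IP is also brittle for legitimate users whose address changes mid-session (mobile networks, outbound proxies), so it is a supplementary control, not a fix for a token that leaks through XSS.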

