Tool 40: Spoof Ip4Tcp

Description:

  This tool sends a fake packet on the network.
  Each parameter name should be self explaining.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
   

Synonyms:

  hping, ipv4

Usage:

  netwox 40 [-c uint32] [-e uint32] [-f|+f] [-g|+g] [-h|+h] [-i uint32] [-j uint32] [-k uint32] [-l ip] [-m ip] [-n ip4opts] [-o port] [-p port] [-q uint32] [-r uint32] [-s|+s] [-t|+t] [-u|+u] [-v|+v] [-w|+w] [-x|+x] [-y|+y] [-z|+z] [-A|+A] [-B|+B] [-C|+C] [-D|+D] [-E uint32] [-F uint32] [-G tcpopts] [-H mixed_data] [-a spoofip] [-J uint32] [-K uint32] [-L uint32] [-M uint32] [-N uint32]

Parameters:

parameter description example
-c|--ip4-tos uint32 IP4 tos 0
-e|--ip4-id uint32 IP4 id (rand if unset) 0
-f|--ip4-reserved|+f|--no-ip4-reserved IP4 reserved  
-g|--ip4-dontfrag|+g|--no-ip4-dontfrag IP4 dontfrag  
-h|--ip4-morefrag|+h|--no-ip4-morefrag IP4 morefrag  
-i|--ip4-offsetfrag uint32 IP4 offsetfrag 0
-j|--ip4-ttl uint32 IP4 ttl 0
-k|--ip4-protocol uint32 IP4 protocol 0
-l|--ip4-src ip IP4 src 1.1.1.1
-m|--ip4-dst ip IP4 dst 5.6.7.8
-n|--ip4-opt ip4opts IPv4 options  
-o|--tcp-src port TCP src 1234
-p|--tcp-dst port TCP dst 80
-q|--tcp-seqnum uint32 TCP seqnum (rand if unset) 0
-r|--tcp-acknum uint32 TCP acknum 0
-s|--tcp-reserved1|+s|--no-tcp-reserved1 TCP reserved1  
-t|--tcp-reserved2|+t|--no-tcp-reserved2 TCP reserved2  
-u|--tcp-reserved3|+u|--no-tcp-reserved3 TCP reserved3  
-v|--tcp-reserved4|+v|--no-tcp-reserved4 TCP reserved4  
-w|--tcp-cwr|+w|--no-tcp-cwr TCP cwr  
-x|--tcp-ece|+x|--no-tcp-ece TCP ece  
-y|--tcp-urg|+y|--no-tcp-urg TCP urg  
-z|--tcp-ack|+z|--no-tcp-ack TCP ack  
-A|--tcp-psh|+A|--no-tcp-psh TCP psh  
-B|--tcp-rst|+B|--no-tcp-rst TCP rst  
-C|--tcp-syn|+C|--no-tcp-syn TCP syn  
-D|--tcp-fin|+D|--no-tcp-fin TCP fin  
-E|--tcp-window uint32 TCP window 0
-F|--tcp-urgptr uint32 TCP urgptr 0
-G|--tcp-opt tcpopts TCP options  
-H|--tcp-data mixed_data mixed data  
-a|--spoofip spoofip IP spoof initialization type best
-J|--ip4-ihl uint32 IP4 ihl 5
-K|--ip4-totlen uint32 IP4 totlen 0
-L|--ip4-checksum uint32 IP4 checksum 0
-M|--tcp-doff uint32 TCP data offset 0
-N|--tcp-checksum uint32 TCP checksum 0

Example:

  netwox 40