Tool 45: Spoof of various samples : fragment, ip4opt:lsrr

Description:

  This tool sends hardcoded packet samples. Samples are (--sample
  defines number): 1=udp_syslog, 2=tcp_syn, 3=tcpsynack, 4=tcpack,
  5=ping.
  Packets contain IPv4 options and can be fragmented before been sent.
  IPv4 options contains a Loose Source Record Route option.
  Parameter --spoofip indicates how to generate link layer for spoofing.
  Values 'best', 'link' or 'raw' are common choices for --spoofip. Here
  is the list of accepted values:
   - 'raw' means to spoof at IP4/IP6 level (it uses system IP stack). If
     a firewall is installed, or on some systems, this might not work.
   - 'linkf' means to spoof at link level (currently, only Ethernet is
     supported). The 'f' means to Fill source Ethernet address.
     However, if source IP address is spoofed, it might be impossible
     to Fill it. So, linkf will not work: use linkb or linkfb instead.
   - 'linkb' means to spoof at link level. The 'b' means to left a Blank
     source Ethernet address (0:0:0:0:0:0, do not try to Fill it).
   - 'linkfb' means to spoof at link level. The 'f' means to try to Fill
     source Ethernet address, but if it is not possible, it is left
     Blank.
   - 'rawlinkf' means to try 'raw', then try 'linkf'
   - 'rawlinkb' means to try 'raw', then try 'linkb'
   - 'rawlinkfb' means to try 'raw', then try 'linkfb'
   - 'linkfraw' means to try 'linkf', then try 'raw'
   - 'linkbraw' means to try 'linkb', then try 'raw'
   - 'linkfbraw' means to try 'linkfb', then try 'raw'
   - 'link' is an alias for 'linkfb'
   - 'rawlink' is an alias for 'rawlinkfb'
   - 'linkraw' is an alias for 'linkfbraw'
   - 'best' is an alias for 'linkraw'. It should work in all cases.
   

Usage:

  netwox 45 [-s ip] [-d ip] [-S port] [-D port] [-n uint32] [-f uint32] [-x|+x] [-i ip] [-a spoofip]

Parameters:

parameter description example
-s|--ip4-src ip IP4 src 1.1.1.1
-d|--ip4-dst ip IP4 dst 5.6.7.8
-S|--tcp-src port TCP port src 80
-D|--tcp-dst port TCP port dst 80
-n|--sample uint32 number of sample (1 to n) 1
-f|--fragsize uint32 fragment size (0=nofrag) 0
-x|--display|+x|--no-display display  
-i|--ip4opt-ip ip IP for LSRR 1.1.1.1
-a|--spoofip spoofip IP spoof initialization type best

Example:

  netwox 45