Packet Editor

darthczyz · 05-30-2003, 02:15 PM

i have a question about packet editing. i'm trying to break firewall rules by changing the data associated with a packet, so that the packet is recognized and allowed, but the data within is malicious. is there a tool to do that, or am i making an unreasonable request.

Crashed_Again · 05-30-2003, 02:20 PM

If the packet is malformed in any way most firewalls will drop it.

darthczyz · 05-30-2003, 02:34 PM

we're hoping that's what happens, but we just want to make sure.

abrakadabra · 05-30-2003, 04:20 PM

Monitor both ends of the firewall and you should determine if packets are allowed or not. "Edit a packet"
What do you have in mind?

darthczyz · 06-02-2003, 08:35 AM

haha, i guess we're not quite sure what we want to do with it either. i'm kind of new to this, but the idea sounded good in my head. if i get some more, or more specific, information, i'll post and let you know. thanks anywise.

skiz

unSpawn · 06-02-2003, 11:12 AM

haha, i guess we're not quite sure what we want to do with it either.

So, basically you're admitting you're wasting the time of people trying to help you?..

nowonmai · 06-09-2003, 11:27 AM

^^

I don't know if that's a valid analysis. I think he's just admitting to a nebulous idea that he wants to define a little more clearly.

anyhow, darthczyz you can do what you want, but it'll involve hacking your tcp/ip stack.

there are network testing tools out there... one company of note is midnight networks. a friend of mine used to own the company but was bought out a few years ago. as far as I'm aware, they still make test suites, and you can probably get demos that'll do what you want.