Results 1 to 2 of 2

Thread: RST packet attack from Client

  1. #1
    Junior Member
    Join Date
    May 2008

    Default RST packet attack from Client

    the RST packet attack is basically when a client initiates a connection (3 way handshake) and an attacker spoofs the identity of the server and get the correct sequence number and ACK no and sends a packet with the RST packet set to one..

    but what i am trying to do is,,, reset the connection from the client its self instead of the server resetting the connection,,, so that another spoofed server can interact with the client (Victim)

    so basically a client would send a request such as
    pkt-1: seq #: 12345
             ack #: 54321
            flags#: PA<-PSH-ACK
           Payload: GET
    how would the immediate RST Packet look like??
    pkt-2: seq#: 12345+42<-(42 being the payload lenght of previous packet)
             ack#: 54321
           flags#: R<-RST
    is this Right??? or does the RST packet need to have the exact same seq # as pkt-1??

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010


    Quote Originally Posted by Cryptid View Post
    is this Right??? or does the RST packet need to have the exact same seq # as pkt-1??
    If the sequence number is out of an expected range then it may alert Intrusion detection systems as well as some firewalls that something is not right. The problem with doing something like this is the sequence itself. Take a look at this article for a more in depth look at Sequence numbers. You can also try here there was a good bit of info about tcp sequence numbers as well, unfortunately I don't have the exact page link anymore. But there is some good info on the website none the less.
    Those two should be enough to help further you along.
    To be successful here you should read all of the following.
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts