Difference between revisions of "nmap random source IP spoofing script"
From thelinuxwiki
| (4 intermediate revisions by one user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | This script was used to generate firewall logs and represent a wide array of incoming traffic. It chooses a random source IP to spoof and a random service port. The "-sS" only sends a syn packet, it doesn't try to complete a handshake. Without it, nmap might try to bind to a socket, which will fail because the source IPs it is trying to bind with are faked. | |
| + | '''Usage: nmaspoof limit destination'''<br> | ||
| + | where nmaspoof is the name of the script below<br> | ||
| + | limit is the number of packets / loops of the script you desire<br> | ||
| + | destination is the hostname or IP to target | ||
| + | |||
| + | '''the script...''' | ||
#!/bin/bash | #!/bin/bash | ||
<br>LIMIT=$1 | <br>LIMIT=$1 | ||
| Line 10: | Line 16: | ||
SOURCEIP=`echo $((RANDOM%=223))"."$((RANDOM%=255))"."$((RANDOM%=255))"."$((RANDOM%=254))` | SOURCEIP=`echo $((RANDOM%=223))"."$((RANDOM%=255))"."$((RANDOM%=255))"."$((RANDOM%=254))` | ||
echo "running nmap with spoofed source IP $SOURCEIP" | echo "running nmap with spoofed source IP $SOURCEIP" | ||
| − | |||
nmap -n --max-retries 1 --host-timeout 1 -e eth1 -sS -S $SOURCEIP $DSTIP -Pn -p $RNDPORT | nmap -n --max-retries 1 --host-timeout 1 -e eth1 -sS -S $SOURCEIP $DSTIP -Pn -p $RNDPORT | ||
done | done | ||
| + | |||
| + | |||
| + | |||
[[category:nmap]] | [[category:nmap]] | ||
Latest revision as of 01:39, 9 May 2013
This script was used to generate firewall logs and represent a wide array of incoming traffic. It chooses a random source IP to spoof and a random service port. The "-sS" only sends a syn packet, it doesn't try to complete a handshake. Without it, nmap might try to bind to a socket, which will fail because the source IPs it is trying to bind with are faked.
Usage: nmaspoof limit destination
where nmaspoof is the name of the script below
limit is the number of packets / loops of the script you desire
destination is the hostname or IP to target
the script...
#!/bin/bash
LIMIT=$1 DSTIP=$2
for i in `seq $LIMIT` do echo "limit = $LIMIT" RNDPORT=`echo $((RANDOM%=65535))` SOURCEIP=`echo $((RANDOM%=223))"."$((RANDOM%=255))"."$((RANDOM%=255))"."$((RANDOM%=254))` echo "running nmap with spoofed source IP $SOURCEIP" nmap -n --max-retries 1 --host-timeout 1 -e eth1 -sS -S $SOURCEIP $DSTIP -Pn -p $RNDPORT done
