IP Spoofing doesn't work.

[tigersoft18]

Running the project successfully launches packets with spoofed IP and it is verified with Wireshark on my PC. But they never reach the target on internet. I've checked it working in my LAN. What's the difference between LAN and Internet in this project?

[Subangkar]

Considering that your target machine has real ip i.e. it is not behind any NAT, spoofed ping can still be traced if via intermediate routers by detecting an invalid source ip for the domain you are using. However, in my university LAN it worked pretty well.

…

On Tue, Sep 29, 2020, 7:53 PM Wenhao Wang ***@***.***> wrote: Running the project successfully launches packets with spoofed IP and it is verified with Wireshark on my PC. But they never reach the target on internet. I've checked it working in my LAN. What's the difference between LAN and Internet in this project? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#1>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AFOFWCPDXBQ5KIAKZKQDYTDSIHRFFANCNFSM4R52SZEA> .

[tigersoft18]

Normal packets arrive perfectly, but only spoofed packets are filtered out. It seems that intermediate routers are blocking them.
Then, is it impossible to spoof source IP address on the internet?
Are all spoofing PoCs are tested on LAN?

[tigersoft18]

I think target machine is not the problem seeing that normal packets are working well. I wonder sender's routing structure blocks spoofing.
Would you test your project on my target machine?

[Subangkar]

Well if the intermediate router can verify whether a source ip can exist in the incoming domain or not, it can certainly reject it. I'm currently occupied with a work right now. Feel free to send the spoofed ping to your target ip following the instructions mentioned in the readme file of the repo.

…

On Thu, Oct 1, 2020, 5:13 PM Wenhao Wang ***@***.***> wrote: I think target machine is not the problem seeing that normal packets are working well. I wonder sender's routing structure blocks spoofing. Would you test your project on my target machine? — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#1 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AFOFWCNU4BQHLKOP7PN42YLSIRP37ANCNFSM4R52SZEA> .

[tigersoft18]

I opened this issue because this repo doesn't work on my sender and target machines both on the internet.
Would you just try sending spoofed ping to my target machine with your sender? I want to make it clear whether ip spoofing is still possible on the internet.

[Subangkar]

Well. it's an interesting matter to look into.
But I currently have windows environment only. Thanks for letting me know. I will inform you once it is tried outside LAN.

[hacker25808674]

Can I tunnel ssh using icmp host spoffing