As part of the hacking contest I am participating in, level 39 involves IP address spoofing. It requires a UDP request to be sent to a particular server but the request should appear, to this server, to have come from a specific IP provided by them. Crafting the actual packet is quite trivial when you have tools like Scapy at your disposal, however, ensuring the crafted packet actually reaches its destination is far from trivial.
IP Header
----------------------------------------------------- | Version | IHL | TOS | Total length | ----------------------------------------------------- | Identification | Flags | Fragment offset | ----------------------------------------------------- | TTL | Protocol | Header checksum | ----------------------------------------------------- | ----> Source IP address <---- | ----------------------------------------------------- | Destination IP address | ----------------------------------------------------- | Options and padding | -----------------------------------------------------
The “problem” (it’s actually a good thing) being that most ISPs these days employ egress filtering on their border routers. The egress filter is a check on outbound traffic. The filter looks at the source IP address in the IP header to check that the packet is coming from within its own network. If the source IP doesn’t belong to its network, the packet is dropped.
For now, the only alternative (legal) seems to be to try to somehow get access to an ISP that doesn’t egress filter its traffic and send the packet from there.
Fixed a bug reported by h9z3zzj02. The name of the XML file being generated had the wrong prefix prepended to it.
It looks like many people have found the extractor to be useful. As of now, the web server has logged a total of 3.5G of downloads since I released it. It has been linked from many sites, two of which are:
PS3-Themes.com
PS3 Theme Extractor Tutorial
It is also being used by other programs as an external app for extracting p3t files.