SYN Requests & NMapWin

[Nacx]

I have read a tutorial about how to make a spoofed connection to another computer with SYN requests. How do I make SYN requests? and send ACK? Is there any program to do this?
Also I can't NMapWin to work with Windows XP(running XP by the way), i have ver. 1.3.0. Does anybody know of this problem, and have a solution?
-Nacx

[weazy]

you can create network connections in your favorite programming/scripting language. I usually do it using Python. A guy that used to work with us preferred to use VB. You will have to use some type of program that operates at the network layer. Most hackers will write their own in order to get a specific desired response by sending a predictable sequence.

[Nacx]

ok, I program a little so I know VB and Java. Is all I need to do, is try to make a socket connection? I've read it's impossible making raw socket connections with java, and I'm not able to find anything about raw socket connections in VB. Can I do that with python? I know a little about python too.
-Nacx

[weazy]

python defintely will allow you to make a raw socket connection. I am pretty sure (not positive but close to it) that you can do same in VB.

[Nacx]

ok, so a SYN Request is made when I try to make a simple socket connection to the target?

[weazy]

SYN request is request for Synchonization. there is a syn ack sequence when a new connection is made

[chieftan]

Consists of the following:-


Host ----------SYN----------->Target

Host <--------SYN / ACK ----Target

Host-----------ACK----------->Target

Then, a reliable connection has been formed and data transfer can begin.
Note, that Windowing size must be agreed during this period.

Hope this added a bit more light on the subject.

[Nacx]

ok, I understand it in theory, but how do I do it in practice? Is there any program that can make a SYN Request, or what?

[chieftan]

http://grc.com/oo/packetsniff.htm

The site above has packet sniffing software that allows you to subverse the original data held within the packet (IE - Ports on TCP and addresses on IP).

A word of warning - if you do not know Hex and TCP and IP like the back of your hand then DO NOT USE.

YOU HAVE BEEN WARNED.

Otherwise, good luck and enjoy.

[chieftan]

http://www.packetstormsecurity.org

They have lots of different programs listed here, and a lot of them are open source so you can view how to build and compile your own program.

[Nacx]

hmm, I didn't think packet sniffers could make SYN Requests, I thought they were for packet sniffing...

[weazy]

like i said earlier, you should just write the prog yourself using a python or vb or java or whatever. now you know the theory, look up the syntax -- thats the beauty of the net bro

[chieftan]

you have to know the layout of the packet ..... the programs themselves (if you read what Weazy said and I said) will show you the correct format for either:-

a: Changing original source code of a program to make it better.
b: Write your own program.

What I was trying to describe was to understand how it works and to be careful.

Perhaps I did'nt explain it correctly. Hopefully, this has cleared up any confusion.

[weazy]

http://www.python.org/doc/current/lib/module-socket.html

[Nacx]

I don't think I need to flood with a new thread, so I'll post my little question here.
How do I get one of those shell accounts, at lockdown.ws?? Maybe I'm blind, but I can't seem to find a link about shell accounts.

[weazy]

i think you may be blind -- check the first page

[Nacx]

yes at the bottom of the page I see some text that could like a link: apply for a lockdown account. But it's not a link, it's only text. And I checked the html code, and it looks like it's ment to be ordinary text.

[weazy]

you are right. the site is mirrored

go here: http://67.32.140.254/

[Nacx]

thanks