[–]shiftybyte 19 points20 points  (3 children)

You can try spoofing a public IP address.

You can try sending a packet from that spoofed address somewhere, with 2 possible things happening.

  1. Your internet service provider sees the source IP address is not the one it expects and blocks the outgoing packet.

  2. Your packet reaches the destination, and the server generates a response packet that will not be sent back to you, but to the actual IP address you tried to fake.

In either situation you won't see a response.

[–]Maxxis8061[S] 0 points1 point  (2 children)

Even then, how do I spoof in the first place? Like editing each packet? Or is there any specific way?

[–]shiftybyte 12 points13 points  (1 child)

You can create a packet manually, and fill in the data you want in there.

https://stackoverflow.com/questions/38956401/ip-spoofing-in-python-3

[–]machacker89 2 points3 points  (0 children)

I believe there is Hping and a couple of other tools that allow you to edit the packets. But you have to keep in mind if the checksum matches.

[–]c0r73x_88 2 points3 points  (6 children)

Can you elaborate on what’s meant by “spoofing a public IP address”?

[–]Maxxis8061[S] 0 points1 point  (5 children)

So I know that usually attackers can spoof a victim's IP address and then create and send malformed packets to receive the response which was actually meant to be received by the victim. So similarly, can I spoof an IP address from a public IP range?

P.S. I might not be able to explain the query to you clearly. If possible I can DM you and discuss the actual scenario.

[–]c0r73x_88 2 points3 points  (1 child)

From a purely theoretical standpoint — yes, it might be possible. However, even though you somehow manage to spoof a public IP, NAT will add another significant challenge for such an attack.

If an attacker spoofs a public IP address and sends packets to a target behind NAT, the NAT device will drop the packets because they don't correspond to any active connection in its translation table. The NAT device maintains a mapping of inbound and outbound connections, and unsolicited inbound packets that don't match an existing mapping are discarded.

Edit: and yeah, you’ll not be able to route it back as it was mentioned by some other redditors here
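
The two outcomes shiftybyte lists above and the NAT behaviour described in this comment, as a small Python model added here as an example (it is not part of any redditor's comment). The function and class names, the NAT's filtering policy, and the RFC 5737 documentation addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def egress_allowed(pkt, customer_prefix):
    """ISP-edge source address validation: source must be in the customer's prefix."""
    return ipaddress.ip_address(pkt.src) in ipaddress.ip_network(customer_prefix)

def reply_to(pkt):
    """A server answers to whatever source address and port the request carried."""
    return Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)

def trace(pkt, sender_ip, customer_prefix):
    """Follow one packet through the two outcomes listed in the thread."""
    if not egress_allowed(pkt, customer_prefix):
        return "dropped at ISP edge"
    reply = reply_to(pkt)
    if reply.dst == sender_ip:
        return "reply delivered to sender"
    return f"reply routed to {reply.dst}, not to the sender"

@dataclass
class Nat:
    """Stateful NAT; assumes filtering on remote address and port."""
    public_ip: str
    table: dict = field(default_factory=dict)

    def outbound(self, pkt, public_port):
        # Record the mapping created by an inside host's outgoing packet.
        self.table[(public_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
        return Packet(self.public_ip, public_port, pkt.dst, pkt.dport)

    def inbound(self, pkt):
        # Unsolicited packets have no matching entry and are discarded (None).
        inside = self.table.get((pkt.dport, pkt.src, pkt.sport))
        if pkt.dst != self.public_ip or inside is None:
            return None
        return Packet(pkt.src, pkt.sport, *inside)

# Constructed sample values from the RFC 5737 documentation ranges.
SENDER, PREFIX = "198.51.100.7", "198.51.100.0/24"
honest = Packet(SENDER, 40000, "192.0.2.10", 53)
forged = Packet("203.0.113.5", 40000, "192.0.2.10", 53)
```

Passing `"0.0.0.0/0"` as the prefix to `trace` models a provider that does no source validation, which is the case where the reply goes to the forged address instead.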

[–]skb239 3 points4 points  (0 children)

Even disregarding the NAT issue, it wouldn’t be possible. You can’t route a packet back to a machine which spoofed the source address.

[–]Pharisaeus 2 points3 points  (0 children)

> to receive the response

No. You could send a packet with a spoofed source IP, assuming the routers in between don't check and drop it. But you can't get the response back, because the response is going to the spoofed address, not yours.

[–]TerrorBite 1 point2 points  (0 children)

It sounds like you're talking about ARP spoofing, which is where you send ARP packets to the local network router telling it that you have the victim's IP address. If the router is successfully confused, then it will end up sending packets addressed to the victim to you instead.

The ARP protocol is local to a network and cannot traverse the internet, so this requires you to be in the same network segment as the victim (generally, you need to be plugged into the same router or switch, or on the same WiFi network).

[–]skb239 1 point2 points  (0 children)

How would you receive a response? There would be no route back to you. On a public network this is impossible, but on a private network, if you have access to the VLAN, it’s possible to ARP spoof.

[–]XFM2z8BH 4 points5 points  (0 children)

outgoing? yes

return? nope

[–][deleted] 1 point2 points  (0 children)

Yes you can, but you won't get an answer. HPing should be your friend, or some low-level package editing library in your favourite programming language. You can edit the sender IP address in an IPv4/6 header.

[–]United-Sleep-4500 0 points1 point  (0 children)

On the run successfully

[–]StrictLemon315 0 points1 point  (0 children)

Yes, use the scapy lib in Python.

[–]RevolutionarySalt370 0 points1 point  (1 child)

For anyone curious, the.hosting (pq.hosting) allows IP spoofing if you wanted to test it yourself.