Vulnerability Development mailing list archives

Re: hijacking TCP connections on FreeBSD


From: Joerg Over <over () dexia de>
Date: Tue, 09 Jul 2002 22:50:19 +0200

At 20:14 09.07.02 +0200 tide () thunderchick com wrote:
->I think I once read something about taking over tcp connections on
->phrack.org but couldn't find the 'phile' anymore. link, anyone?
->Judging from the document I just mentioned, one can take over every
->alive tcp connection.

I believe you're referring to the fine juggernaut by route, available in
phrack 50 ( http://www.phrack.org/show.php?p=50&a=6 ).

2 remarks though:

The first version had a bug, so you should get the patch for juggernaut
1.0 -> 1.2 from phrack 51 right away ( http://www.phrack.org/show.php?p=51&a=7 )

Second: there is some inline assembler, I managed to fumble it into working
condition for the 2.2.x Linux kernel and glibc6, but since I don't know the
least bit about assembler essentially, nor what I really did there, I don't
know how hard it would be for BSD. Maybe not at all, though, it's probably
worth a try.

juggernaut has a couple of handy features, among those 2 kinds of
connection hijacks, connection spying, a packet assembly module and all
with a menu-driven frontend. ( Plus "Souper sekret option number eight", of
course. )

I believe it's pre-libnet, but not quite sure.

hth, jo

