I'm working on a website testing framework, and I'd like to be able to spoof the user ip. I've read, that software like Loadrunner can do this, and I'd like to be able to do this as well.
我正在研究网站测试框架,我希望能够欺骗用户ip。我已经读过,像Loadrunner这样的软件可以做到这一点,我也希望能够做到这一点。
A tutorial on how to use a socket normally can be found here, but I if I want to spoof the ip, I'll have to somehow edit ip header. Is this done on socket level, or is there an other, deeper level in .Net, which would let me do this?
关于如何正常使用套接字的教程可以在这里找到,但是如果我想欺骗ip,我将不得不以某种方式编辑ip头。这是在套接字级别完成的,还是在.Net中还有其他更深层次的,这可以让我这样做?
2 个解决方案
#1
9
You can't anymore, as access to raw sockets has been restricted in the desktop versions of Windows:
您不能再这样了,因为在桌面版本的Windows中限制了对原始套接字的访问:
On Windows 7, Windows Vista, Windows XP with Service Pack 2 (SP2), and Windows XP with Service Pack 3 (SP3), the ability to send traffic over raw sockets has been restricted in several ways:
在Windows 7,Windows Vista,Windows XP Service Pack 2(SP2)和Windows XP Service Pack 3(SP3)上,通过原始套接字发送流量的能力受到以下几种限制:
- TCP data cannot be sent over raw sockets.
- TCP数据无法通过原始套接字发送。
- UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
- 无法通过原始套接字发送具有无效源地址的UDP数据报。任何传出UDP数据报的IP源地址必须存在于网络接口上,否则数据报将被丢弃。此更改旨在限制恶意代码创建分布式拒绝服务攻击的能力,并限制发送欺骗数据包(具有伪造源IP地址的TCP / IP数据包)的能力。
- A call to the
bindfunction with a raw socket for theIPPROTO_TCPprotocol is not allowed.
Note Thebindfunction with a raw socket is allowed for other protocols (IPPROTO_IP,IPPROTO_UDP, orIPPROTO_SCTP, for example).- 不允许使用IPPROTO_TCP协议的原始套接字调用绑定功能。注意其他协议(例如IPPROTO_IP,IPPROTO_UDP或IPPROTO_SCTP)允许使用带原始套接字的绑定功能。
(From Dev Center - Desktop - TCP/IP Raw Sockets)
(来自开发人员中心 - 桌面 - TCP / IP原始套接字)
You can create a raw socket fairly easily:
您可以非常轻松地创建原始套接字:
Socket s = new Socket(ip.AddressFamily, SocketType.Raw, ProtocolType.Ip);
At which point its on you to construct the appropriate datagram (which would be a separate question if you don't have the documentation on how to do this to hand)
在这一点上你可以构建适当的数据报(如果你没有关于如何做到这一点的文档,这将是一个单独的问题)
#2
1
LoadRunner can spoof IP addresses only when the actual IP address exists on the Load Generator. So, if I have 200 IP addresses assigned to my host then I can distribute my load across these IP addresses instead of having least cost routing or primary vs secondary network interfaces come into play in the operating system. This is true not only of LoadRunner but other application performance testing tools that spoof, the address needs to be assigned to the host generating the load.
仅当Load Generator上存在实际IP地址时,LoadRunner才能欺骗IP地址。因此,如果我有200个IP地址分配给我的主机,那么我可以在这些IP地址上分配我的负载,而不是在操作系统中使用最低成本路由或主要与次要网络接口。这不仅适用于LoadRunner,还适用于欺骗的其他应用程序性能测试工具,需要将地址分配给生成负载的主机。
If you are looking for raw spoofing solutions where the IP address need not be assigned to the host for testing purposes then you might consider network performance testing tools, particularly the chassis-based solutions, from companies such as Spirent and Ixia. These network solutions can also generate tens of thousands of unique bogus MAC addresses to go with the bogus IP addresses if needed.
如果您正在寻找原始欺骗解决方案,其中无需将IP地址分配给主机进行测试,那么您可以考虑使用思博伦和Ixia等公司的网络性能测试工具,尤其是基于机箱的解决方案。如果需要,这些网络解决方案还可以生成数万个独特的虚假MAC地址,以配合伪造的IP地址。
#1
9
You can't anymore, as access to raw sockets has been restricted in the desktop versions of Windows:
您不能再这样了,因为在桌面版本的Windows中限制了对原始套接字的访问:
On Windows 7, Windows Vista, Windows XP with Service Pack 2 (SP2), and Windows XP with Service Pack 3 (SP3), the ability to send traffic over raw sockets has been restricted in several ways:
在Windows 7,Windows Vista,Windows XP Service Pack 2(SP2)和Windows XP Service Pack 3(SP3)上,通过原始套接字发送流量的能力受到以下几种限制:
- TCP data cannot be sent over raw sockets.
- TCP数据无法通过原始套接字发送。
- UDP datagrams with an invalid source address cannot be sent over raw sockets. The IP source address for any outgoing UDP datagram must exist on a network interface or the datagram is dropped. This change was made to limit the ability of malicious code to create distributed denial-of-service attacks and limits the ability to send spoofed packets (TCP/IP packets with a forged source IP address).
- 无法通过原始套接字发送具有无效源地址的UDP数据报。任何传出UDP数据报的IP源地址必须存在于网络接口上,否则数据报将被丢弃。此更改旨在限制恶意代码创建分布式拒绝服务攻击的能力,并限制发送欺骗数据包(具有伪造源IP地址的TCP / IP数据包)的能力。
- A call to the
bindfunction with a raw socket for theIPPROTO_TCPprotocol is not allowed.
Note Thebindfunction with a raw socket is allowed for other protocols (IPPROTO_IP,IPPROTO_UDP, orIPPROTO_SCTP, for example).- 不允许使用IPPROTO_TCP协议的原始套接字调用绑定功能。注意其他协议(例如IPPROTO_IP,IPPROTO_UDP或IPPROTO_SCTP)允许使用带原始套接字的绑定功能。
(From Dev Center - Desktop - TCP/IP Raw Sockets)
(来自开发人员中心 - 桌面 - TCP / IP原始套接字)
You can create a raw socket fairly easily:
您可以非常轻松地创建原始套接字:
Socket s = new Socket(ip.AddressFamily, SocketType.Raw, ProtocolType.Ip);
At which point its on you to construct the appropriate datagram (which would be a separate question if you don't have the documentation on how to do this to hand)
在这一点上你可以构建适当的数据报(如果你没有关于如何做到这一点的文档,这将是一个单独的问题)
#2
1
LoadRunner can spoof IP addresses only when the actual IP address exists on the Load Generator. So, if I have 200 IP addresses assigned to my host then I can distribute my load across these IP addresses instead of having least cost routing or primary vs secondary network interfaces come into play in the operating system. This is true not only of LoadRunner but other application performance testing tools that spoof, the address needs to be assigned to the host generating the load.
仅当Load Generator上存在实际IP地址时,LoadRunner才能欺骗IP地址。因此,如果我有200个IP地址分配给我的主机,那么我可以在这些IP地址上分配我的负载,而不是在操作系统中使用最低成本路由或主要与次要网络接口。这不仅适用于LoadRunner,还适用于欺骗的其他应用程序性能测试工具,需要将地址分配给生成负载的主机。
If you are looking for raw spoofing solutions where the IP address need not be assigned to the host for testing purposes then you might consider network performance testing tools, particularly the chassis-based solutions, from companies such as Spirent and Ixia. These network solutions can also generate tens of thousands of unique bogus MAC addresses to go with the bogus IP addresses if needed.
如果您正在寻找原始欺骗解决方案,其中无需将IP地址分配给主机进行测试,那么您可以考虑使用思博伦和Ixia等公司的网络性能测试工具,尤其是基于机箱的解决方案。如果需要,这些网络解决方案还可以生成数万个独特的虚假MAC地址,以配合伪造的IP地址。