EvilZone

Hacking and Security => Hacking and Security => Topic started by: arcanum on October 27, 2015, 05:41:43 PM

Title: read out IP-Header
Post by: arcanum on October 27, 2015, 05:41:43 PM

Hi everybody,
let's say someone sends me a picture per email and I want to read out the IP-Header of the picture.
So:

- version
- IHL
- Type of Service
- Total Length
- Identification
- Flags
- Fragment Offset
- Time to Live
- Protocol
- Header Checksum
- Source Address
- Destination Address

Because I have no idea how to do it, I ask you, how I can read it out or is there a tool I can use to do it?

--------------------
arcanum

Title: Re: read out IP-Header
Post by: novaccainne on October 28, 2015, 10:54:02 AM

Here is a PoC :

http://www.binarytides.com/packet-sniffer-code-c-linux/

Title: Re: read out IP-Header
Post by: xor on October 29, 2015, 03:19:10 AM

You can't get an IP header from an image.
You can only get an IP header from the network traffic.

If you did not packet capture the network traffic, you have no chance to get it.

You also have no chance to get it if the e-mail isn't coming directly to you, if it goes to an intermediary server, you won't be able to get the IP header of the senders connection with the server.

Title: Re: read out IP-Header
Post by: arcanum on November 07, 2015, 09:40:15 PM

thank you guys for your replies.

I hope that your xor are wrong and there is a way.
If not i really thank you that you told me that this is a deadlock.