Just to make life easy, try 'fiddler' or any MITM proxy and manipulate the
the "Host:" key in the request header with the IP address of your choice.
However, the "Host:" key modification method can only fool the webservers
and webapps but not the firewall or IDS.
Another thought - How about using open proxies??
- D
-----Original Message-----
From: Luchino - Samel [mailto:samelinux@gmail.com]
Sent: Monday, February 20, 2006 5:58 AM
To: pen-test@securityfocus.com
Subject: Strange server test tool
I think that Christophe Vandeplas have understand me ... and i agree with
him.
I need a test tool that request a web page with a spoofed ip and that's not
possible, but i'll look at the tool all of you have write about.
--
Samel alias Luca
"Close the world,txen eht nepo!"
"You will never break my mind!"
http://s1.bitefight.it/c.php?uid=23270
LinuxUser:410006 eversor:316704 cortana:316705 PGP KeyID: B4234B4B
FingerPrint: 46C477C939B3D0366275DB5EAFA77638B4234B4B
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
