nmap random source IP spoofing script

This script was used to generate firewall logs and represent a wide array of incoming traffic. It chooses a random source IP to spoof and a random service port. The "-sS" only sends a syn packet, it doesn't try to complete a handshake. Without it, nmap might try to bind to a socket, which will fail because the source IPs it is trying to bind with are faked.

Usage: nmaspoof limit destination
where nmaspoof is the name of the script below
limit is the number of packets / loops of the script you desire
destination is the hostname or IP to target

the script...

#!/bin/bash

LIMIT=$1
DSTIP=$2

 for i in `seq $LIMIT`
do
  echo "limit = $LIMIT"
  RNDPORT=`echo $((RANDOM%=65535))`
  SOURCEIP=`echo $((RANDOM%=223))"."$((RANDOM%=255))"."$((RANDOM%=255))"."$((RANDOM%=254))`
  echo "running nmap with spoofed source IP $SOURCEIP"
  nmap -n --max-retries 1 --host-timeout 1 -e eth1 -sS -S $SOURCEIP $DSTIP -Pn -p $RNDPORT
done

nmap random source IP spoofing script

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Tools