Revision as of 19:44, 5 March 2022

Overview

What is it?

tcpkill is a command line utility installed as part of the Dsniff suite.

tcpkill will kill TCP connections by spoofing the TCP hangup request, which interferes with the connection.

To a victim, the end result is an infuriating mix of a network connection that appears connected and working when diagnosed, but that cannot keep any TCP connections alive.

How to use it?

To run tcpkill, you need a network card that can be operated in promiscuous mode (i.e., not Mac or Windows).

You provide two arguments:

the network interface to listen on
the degree of brute force to use in killing a connection (1-9, default is 3). use higher numbers for faster connections, to inject more forged RST packets and get the timing right

Links

Code

Official version: https://monkey.org/~dugsong/dsniff/

Patched C version: https://github.com/chartbeat/tcpkill

Python version: https://github.com/Kkevsterrr/tcpkiller

ethernet only, no 802.11 headers

@@ Line 7: / Line 7: @@
 tcpkill will kill TCP connections by spoofing the TCP hangup request, which interferes with the connection.
-To a victim, the end result is an infuriating mix of a network connection that seems to work, but that cannot sustain any TCP connections.
+To a victim, the end result is an infuriating mix of a network connection that appears connected and working when diagnosed, but that cannot keep any TCP connections alive.
 ==How to use it?==
@@ Line 13: / Line 13: @@
 To run tcpkill, you need a network card that can be operated in promiscuous mode (i.e., not Mac or Windows).
+You provide two arguments:
+* the network interface to listen on
+* the degree of brute force to use in killing a connection (1-9, default is 3). use higher numbers for faster connections, to inject more forged RST packets and get the timing right

Tcpkill: Difference between revisions

From charlesreid1