[index] [text page] [<<start] [<prev] [next>] [last>>]
Page 19: Initial Sequence Number Abuse
Page 19

  
  Initial Sequence Number Abuse
  The ISN is a four byte integer
  Used for TCP packet ordering.
  Four bytes long.
  ISN predictability is IP stack specific
  Example encoding:
        Set the initial SYN packet to ((ASCII character) * KEY)
        Letter    ASCII   Key        ISN
        'D'   ==   68   * 9876  =>  671568
        'o'   ==  111   * 9876  =>  1096236
        'S    ==   83   * 9876  =>  819708
        ' '   ==   32   * 9876  =>  316032
        'n'   ==  110   * 9876  =>  1086360
        'o'   ==  111   * 9876  =>  1096236
        'w'   ==  119   * 9876  =>  1175244

Copyright 2003, Bri Hatch of Onsight, Inc.

Presented at SecureWorld Expo, 2003.

Presentation created using vim and MagicPoint.