Inspiration
Network security has always been something of a glittery black box for us. We figured it'd be fun to crack open the box and see what's inside. The TCP Reset attack is one of the oldest and most widely understood attacks around, so implementing it from scratch seemed like a good start.
What it does
This project is a packet parsing library and a script that uses it to conduct TCP reset attacks.
How we built it
The parser and attacker are built in pure python 3 using the standard socket module.
Challenges we ran into
As it turns out, using regular sockets to receive Ethernet frames is only possible on Linux. In order to work on other platforms, the module would have to be re-engineered using libpcap or a similar bare-wire library.
Accomplishments that we're proud of
As of the end of our initial work, the script is capable of completely shutting down any usable form of TCP connection that lasts longer than a few milliseconds.
What we learned
Speed matters - on our test network of virtual machines, the zero-latency network allowed them to communicate fast enough that our RST packets were out of the window by the time they were sent.
TCP stacks are finicky. If you don't set exactly the right combination of flags and sequence numbers, your packet will fall on deaf ears.
Byte-ordering is a non-trivial issue. Making sure that integers are interpreted the correct way without regard to the system's native byte order is very important and easy to mess up.
What's next for Automated TCP Reset attacker
We're considering porting the attack script to use libpcap so it can work on several platforms, and we have the bare beginnings of a GUI that presents the user with a list of connections they can click on to attack.
Log in or sign up for Devpost to join the conversation.