Skip to content

Gnoxter/mountain_goat

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 

Hi, I'm a mountain goat and I'm going to ram your TCP connections, because that's a pretty goat thing to do.

Me doing goat things

This is a PoC demonstrating techniques exploiting CVE-2016-5696 Off-Path TCP Exploits: Global Rate Limit Considered Dangerous by Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, Srikanth V. Krishnamurthy, Lisa M. Marvel presented at USENIX 25th Security Symposium.

This is not a complete implementation of the traffic injection attack. Its merely an implementation up to the inference of the current clients sequence number window. Due to the timing dependend nature it may need additional tuning depening on the host to properly function.

THE SOFTWARE IS FOR EDUCATIONAL AND RESEARCH PURPOSES. IT MAY CAUSE UNEXPECTED AND UNDESIRABLE BEHAVIOUR TO OCCUR AND MAY DISTRUPT NORMAL OPERATION OF MACHINES AND NETWORK EQUIPMENT. IT IS THE USERS RESPONSIBILITY TO ENSURE AN EDQUATE ENVIRONMENT THAT DOES NOT AFFECT ANY THIRD PARTY.

THE SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESSE OR IMPLIED WARRANTIES INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

About

A PoC demonstrating techniques exploiting CVE-2016-5696 Off-Path TCP Exploits: Global Rate Limit Considered Dangerous

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published