‘Hunt, TCP Hijacking tool’
‘Hunt’s home page can be found at: http://lin.fsid.cvut.cz/~kra/index.html. ‘
‘Hunt, Hijacking software has the following functionality features:
1) Connection management
* Setting what connections you are interested in.
* Detecting an ongoing connection (not only SYN started).
* Normal active hijacking with the detection of the ACK storm.
* ARP spoofed/Normal hijacking with the detection of successful ARP spoof.
* Synchronization of the true client with the server after hijacking (so that the connection don’t have to be reset).
* Resetting connection.
* Watching connection.
* Reset daemon for automatic connection resetting.
* ARP spoof/relayer daemon for ARP spoofing of hosts with the ability to relay all packets from spoofed hosts.
* MAC discovery daemon for collecting MAC addresses.
* Sniff daemon for logging TCP traffic with the ability to search for a particular string.
3) Host Resolving
* Deferred host resolving through dedicated DNS helper servers.
4) packet engine
* Extensible packet engine for watching TCP, UDP, ICMP and ARP traffic.
* Collecting TCP connections with sequence numbers and the ACK storm detection.
* Determining which hosts are up.
The tool was written by: Pavel Krauz.’