O'Reilly logo

Learning zANTI2 for Android Pentesting by Miroslav Vitula

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

TCP sequence prediction

It is possible to make a full connection to a system with a poor TCP initial sequence number and perform a blind TCP spoofing attack on them. This kind of attack was the most popular one in the '90s when people used rlogin, which is a remote shell client (like SSH) that allows users to log in on another host via network, communicating using TCP port number 513. In December 1994, Kevin Mitnick had supposedly used this attack to break into Tsutomu Shimomura's (computer security expert, currently CEO of Neofocal Systems) computers. Luckily, almost nobody uses rlogin anymore. However, blind TCP spoofing may still be effective for HTTP requests.

Now, you might be surprised with the log. What does the good luck comment mean? Well, ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required