0

Hey i have a quick question about some ssl stuff. Is there any way NOT to send acknowledgement (ACK) back to the server after its response?

What am i doing, is testing a friends webapp, written in PHP i suppose, but i don't have a source code, and i think this is more of a general thing. What am i doing is asking a server for some data, handshake happens, i receive data and send ACK that the data were recieved. Then the server "FIN" the connection.. Thats what usually happens, but i'm using Burp proxy to intercept the servers response and noticed that if i drop the response the connection state is on "CLOSE_WAIT" and i don't receive the FIN signal after that, but the server know that i received the data.

So is there any way not to tell the server that i received the data? Basically fake that the data were lost somewhere, but still look at the response? Can Burp Suite do something similar to this or do you know any handy tools that might help? I can provide more info you want.

Thanks a lot!<3

Aesthetick
  • 61
  • 3
  • I have not seen that option in burp but you could use Wireshark to inspect and drop packets you want. It will take a lot of trial and error to get it right mind you. – Lieven Keersmaekers Jan 06 '21 at 22:09
  • Well after posting my question i kept digging and found an interesting plugin: (https://github.com/summitt/Burp-Non-HTTP-Extension) Basically does what i asked for but i cannot get this working.. Unfortunately Wireshark can only read incoming/outgoing communication but it cannot be modified(https://osqa-ask.wireshark.org/questions/10292/editing-the-packet-live#:~:text=No%2C%20there%20isn't%20any,machine%20on%20which%20it's%20running.) Another options was some sort of Traffic generator like Pacet Sender, Scapy etc.. (more here: https://wiki.wireshark.org/Tools ) But that would be hard work. – Aesthetick Jan 06 '21 at 22:30
  • You can't do this, and it wouldn't help if you could. CLOSE_WAIT means that the incoming FIN has been received but the local application hasn't closed its socket yet. This is a bug in your code. – user207421 Jan 06 '21 at 22:34
  • Yeah.. the thing is that it isn't even my code :D and i'm kinda looking for a way to exploit it, (again, no knowledge of server side) but iv'e came across a thing called "DIVERT SOCKET".. so lets learn some perl i suppose... – Aesthetick Jan 06 '21 at 23:36

0 Answers0