TCP reset Gongji principle and actual combat reproduction

TCP Reset gongji Principle and actual combat reappearance

TCP

TCP Connection oriented transport layer protocol , The application is using TCP Before the agreement , You have to set up TCP Connect . After the transmission of data , The established... Must be released TCP Connect .TCP It's point-to-point communication , Provide reliable delivery , adopt TCP Connect the transmitted data , No mistakes , No loss , No repetition , And arrive in order .TCP Provide full duplex communication ,TCP Both ends of the connection are provided with send cache and receive cache , Used to temporarily store data for two-way communication , such TCP Send data when appropriate , The application process reads the data in the cache when appropriate .TCP Is oriented to a byte stream ,TCP Treat the data given by the application as a series of unstructured byte streams , however TCP The data unit transmitted is the message segment .

TCP message

One TCP The message segment is divided into two parts: the first part and the data part , There is a reset in the head RST（ReSet） Field , It is the reset bit , When RST=1 Time indicates TCP There was a serious error in the connection , Connection must be released , Then reestablish the transport connection .RST Set to 1 Used to reject an illegal segment or to refuse to open a connection .

Reset gongji

RSTgongji It's the server A and B Established TCP Connect ,C Forged a TCP Send the bag to B, send B Abnormal disconnection and A Between TCP Connect .

When the server C Disguised as a A My bag , send out RST package ,B Will discard and A Data in the buffer , Force the connection off .

When the server C Disguised as a A My bag , send out SYN package , The server B Create a new connection when the connection is normal ,B Active direction A send out RST package , And forcibly close the connection on the server .

This is reset gonji The specific implementation method of .

summary

To successfully achieve gongji, You need to set the source and destination correctly IP Address 、 Port number and serial number , hold gongji Putting the victim and the victim in the same network can reduce the difficulty of guessing the serial number .