IPFlood (was IPFuck) – Firefox Add-on To Hide Your IP


IPFlood (previously IPFuck) is a Firefox add-on created to simulate the use of a proxy. It doesn’t actually change your IP address (obviously) and it doesn’t connect to a proxy either, it just changes the headers (that it can) so it appears to any web servers or software sniffing – that you are in fact using a proxy.

IPFlood (was IPFuck) - Firefox Add-on To Hide Your IP


This add-on is a “proof of concept” to show anyone who isn’t already aware that IP address has become obsolete and that no one should use an IP address as an evidence anymore. This plugin is just one of many ways to spoof an IP address and these spoofing could lead to outrageous accusation of innocents.

How does IPFlood/IPFuck work?

You can imagine that if I could just overwrite any existing information about your IP address I would have done so (or somebody else would have a while back ago)…

But it’s actually a little more tricky: when sending a request to a server you will provide several pieces of information about your IP address: three of them come from the Application Layer and the last one comes from the Transport Layer. This last one I can’t modify: you wouldn’t get the answer to your request if that was done. But the three others can be overwritten without any consequence to your browsing…

These three headers were created to provide information on the real IP of a person surfing through a proxy server. So when you enable IPFuck, the websites you are visiting will believe that your real IP is a proxy server and (if the website was done correctly) focus on the false IP you are sending…

Testing IPFlood/IPFuck

A lot of websites try and figure out who is hiding behind a proxy server. And if you don’t believe me (I won’t mind), just check out this Google search request: get real IP address php. Most of the snippets given here will check HTTP headers (the one we overwrite) before the Transport Layer information (‘REMOTE_ADDR’).

You can install IPFlood (previously IPFuck) for Firefox here:

ipflood-1.2.1-fx.xpi

Or read more here.

Posted in: Privacy


Latest Posts:


Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network
OWASP Amass - DNS Enumeration, Attack Surface Mapping & External Asset Discovery OWASP Amass – DNS Enumeration, Attack Surface Mapping & External Asset Discovery
The OWASP Amass Project is a DNS Enumeration, Attack Surface Mapping & External Asset Discovery tool to help information security professionals perform network mapping of attack surfaces.


Comments are closed.