IPFlood (was IPFuck) – Firefox Add-on To Hide Your IP


IPFlood (previously IPFuck) is a Firefox add-on created to simulate the use of a proxy. It doesn’t actually change your IP address (obviously) and it doesn’t connect to a proxy either, it just changes the headers (that it can) so it appears to any web servers or software sniffing – that you are in fact using a proxy.

IPFlood (was IPFuck) - Firefox Add-on To Hide Your IP


This add-on is a “proof of concept” to show anyone who isn’t already aware that IP address has become obsolete and that no one should use an IP address as an evidence anymore. This plugin is just one of many ways to spoof an IP address and these spoofing could lead to outrageous accusation of innocents.

How does IPFlood/IPFuck work?

You can imagine that if I could just overwrite any existing information about your IP address I would have done so (or somebody else would have a while back ago)…

But it’s actually a little more tricky: when sending a request to a server you will provide several pieces of information about your IP address: three of them come from the Application Layer and the last one comes from the Transport Layer. This last one I can’t modify: you wouldn’t get the answer to your request if that was done. But the three others can be overwritten without any consequence to your browsing…

These three headers were created to provide information on the real IP of a person surfing through a proxy server. So when you enable IPFuck, the websites you are visiting will believe that your real IP is a proxy server and (if the website was done correctly) focus on the false IP you are sending…

Testing IPFlood/IPFuck

A lot of websites try and figure out who is hiding behind a proxy server. And if you don’t believe me (I won’t mind), just check out this Google search request: get real IP address php. Most of the snippets given here will check HTTP headers (the one we overwrite) before the Transport Layer information (‘REMOTE_ADDR’).

You can install IPFlood (previously IPFuck) for Firefox here:

ipflood-1.2.1-fx.xpi

Or read more here.

Posted in: Privacy


Latest Posts:


GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.


Comments are closed.