Given that I’m on a local network, if I can capture a ICMP echo

Question

0

Asked: June 18, 20262026-06-18T09:33:31+00:00 2026-06-18T09:33:31+00:00

Given that I’m on a local network, if I can capture a ICMP echo

0

Given that I’m on a local network, if I can capture a ICMP echo request packet, and considering that I want to spoof a echo reply, what part of the original packet would I need to change supposing I make a copy of the original before i send it back? I’m guessing the IP header would need to change, (the destination IP of the original would become the source, and vice versa) as well as the ICMP header (the type would need to change to ECHO_REPLYPACKET). But besides those 2 are there any others?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-18T09:33:32+00:00

Quoting RFC 792 :

Echo or Echo Reply Message

0                   1                   2                   3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |     Code      |          Checksum             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Identifier          |        Sequence Number        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Data ...
+-+-+-+-+-

To form an echo reply message, the source and destination addresses
are simply reversed, the type code changed to 0, and the checksum
recomputed.

Identifier and Sequence Number must be 0 as well.

RFC 1071 shows you how to calculate the Checksum

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Given that I’m on a local network, if I can capture a ICMP echo

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply