{"id":13826962,"url":"https://github.com/blechschmidt/fakeroute","last_synced_at":"2025-07-31T06:38:29.168Z","repository":{"id":53619999,"uuid":"92448109","full_name":"blechschmidt/fakeroute","owner":"blechschmidt","description":"IPv4 and IPv6 traceroute fake hop generator through IP spoofing","archived":false,"fork":false,"pushed_at":"2024-10-11T23:32:55.000Z","size":25,"stargazers_count":110,"open_issues_count":0,"forks_count":24,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-05-18T20:04:34.180Z","etag":null,"topics":["fake-traceroute","fakeroute","ip-spoofing","ipv4","ipv4-spoofing","ipv6","ipv6-address","spoofing","traceroute"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/blechschmidt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-05-25T22:02:52.000Z","updated_at":"2025-05-08T16:21:29.000Z","dependencies_parsed_at":"2024-01-07T22:50:07.080Z","dependency_job_id":"34515afa-21ea-4929-8cd3-3d84d3618b85","html_url":"https://github.com/blechschmidt/fakeroute","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/blechschmidt/fakeroute","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blechschmidt%2Ffakeroute","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blechschmidt%2Ffakeroute/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blechschmidt%2Ffakeroute/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blechschmidt%2Ffakeroute/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/blechschmidt","download_url":"https://codeload.github.com/blechschmidt/fakeroute/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/blechschmidt%2Ffakeroute/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267999857,"owners_count":24178865,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-31T02:00:08.723Z","response_time":66,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fake-traceroute","fakeroute","ip-spoofing","ipv4","ipv4-spoofing","ipv6","ipv6-address","spoofing","traceroute"],"created_at":"2024-08-04T09:01:47.535Z","updated_at":"2025-07-31T06:38:29.142Z","avatar_url":"https://github.com/blechschmidt.png","language":"Python","funding_links":[],"categories":["\u003ca id=\"295e14c39bf33cd5136be8ced9383746\"\u003e\u003c/a\u003e工具","Python"],"sub_categories":["\u003ca id=\"f855508acfc870b1f0d90ff316f1dd75\"\u003e\u003c/a\u003e伪造\u0026\u0026Spoof"],"readme":"# fakeroute\n\nFakeroute allows you to insert fake IPv4 and IPv6 hops between the last real hop and your Linux server by making use of\nIP address spoofing.\n\n## Setup\n\nInstall the dependencies using `pip install -r requirements.txt`. Run `sudo python fakeroute.py` on the machine for\nwhich you want to spoof the traceroute.\n\nYou can supply the path to a text file with custom IP addresses to be spoofed using `--hops`.\nThe file can contain IPv4 and IPv6 addresses, one per line.\n\nTo test the script, you can set up a virtual machine with a bridged network interface, such that it obtains its own IP\nvia DHCP, and traceroute the IP of the host.\n\nMost ISPs will not allow you to spoof IP addresses nowadays. You can still make use of fakeroute by externalizing the\nspoofing process. To this end, start fakeroute with the `--spoofer` option, which expects `IP:port` to listen on, in a\ndata center that allows spoofing. Then, on the machine for which you want to fake the traceroute, supply fakeroute with\nthe remote endpoint (`IP:port`) of the spoofer using `--remote`. You can add an HMAC `--key` to not allow everyone to\nuse your spoofing service.\n\n```\nusage: fakeroute.py [-h] [--hops HOPS] [--remote REMOTE] [--spoofer SPOOFER] [--key KEY]\n\nFake traceroute generator\n\noptions:\n  -h, --help         show this help message and exit\n  --hops HOPS        Path to file containing IPv4 and IPv6 addresses\n  --remote REMOTE    IP:port of remote spoofing service\n  --spoofer SPOOFER  IP:port to launch a spoofing service locally\n  --key KEY          HMAC-SHA256 signing key for remote spoofing authentication in hex format\n```\n\n## How does it work?\n\nIP packet headers contain a one byte time to live (TTL, IPv4) or hop limit (HL, IPv6) field which is supposed to be\ndecreased by every router on the packet's path to prevent infinite circulations.\nInitially, the sender populates the packet with a sufficiently large value.\nMost routers signal the expiry of the TTL by replying with an ICMP \"TTL expired\" packet to the packet sender.\nTracerouting works by sending out packets with increasing TTL.\nThe first router will drop the packet with TTL 1 and send an ICMP reply, the second router will drop the packet with TTL\n2 and so on.\nBy simply dropping all packets with a TTL below a certain threshold N at the last hop, it will appear as if N hops, that\ndo not reply with ICMP packets, had been inserted.\nThe `fakeroute.py` script uses a raw socket to capture packets with low TTL and either relays them to a server in\na [data center without egress filtering](https://spoofer.caida.org/as_stats.php) (i.e. where packets with spoofed source\nIP address are not filtered) or generates ICMP replies for them from fake source IP addresses directly.\n\n## Where does it work?\n\nMost providers will filter packets with forged IP addresses. An incomplete list of server providers without egress\nfiltering is available here:\n\n| Provider                       | Product                                | Date                                                                                    | Status             |\n|--------------------------------|----------------------------------------|-----------------------------------------------------------------------------------------| ------------------ |\n| ~~[njal.la](https://njal.la)~~ | ~~[VPS 15](https://njal.la/servers/)~~ | ~~[September 2, 2022](https://spoofer.caida.org/report.php?sessionkey=bjuru7gyraov66)~~ | no longer working  |\n\nIf you know more server providers, please submit a pull request with the details (provider name, product name, date, and, if possible,\na CAIDA Spoofer report).\n\n## Screenshot\n\n![Screenshot](https://cysec.biz/projects/fakeroute/screenshot1.png)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblechschmidt%2Ffakeroute","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fblechschmidt%2Ffakeroute","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fblechschmidt%2Ffakeroute/lists"}