MITM packet injection?

[totallynotaskiddie]

Note: Not doing this for illegal purposes. I'm just trying to do this as a learning experience, cause, despite what my name says, I'm starting to feel like a complete script kiddie. So I don't want to be one.

So, say I have an MITM attack going on my home network. If I were to intercept, for example, a facebook message, save & edit the packet, how would I then inject the edited packet into the network so as to "fake" a message?
I've been googling and googling for days, haven't found much at all.
I have both BT5 linux and Windows 7 x64, so yeah.

@Anyone who can point me in the right direction: Thanks.

[not_essence2]

I actually haven't researched it much, but as far as I know, if you don't consider time limits, you'd have to spoof the TCP packet and then send it through the original port and to the intended recipient.
Oh, and as they all say, [url]google.com[/url] is a rather good tool.

[totallynotaskiddie]

Oh, and as they all say, [url]google.com[/url] is a rather good tool.

I've been googling and googling for days, haven't found much at all.

Oh and thanks but I already figured that as a possibility. Still have no clue how I could spoof a packet, although I haven't searched that exact wording. I'll get on that.

[not_essence2]

*facepalm* Idiot me strikes again... I'm sorry, I don't know what's with me today. First I write the most horrible piece of code I've ever seen, and now I just completely skip a line in a post.

[LoGiCaL__]

I've messed with MITM recently. Was able to perform the attack with sslstrip. Haven't attempted anything with injections yet. Just did a quick google search and came up with this. Not too much detail but it does mention some tools you could probably google: http://www.backtrack-linux.org/forums/showthread.php?t=46864

Here is the full search page: http://lmgtfy.com/?q=mitm+packet+injection

[mShred]

I've done tons of MITM in the past. I could really use a refresher though. I should probably get into using sslstrip or one of the other fancy ways to try to get passed the SSL barrier. I've only successfully done that once, without sslstrip. I was jumping through hoops settin that bitch up.

[limdis]

I was talking with Logical about this over IRC. Also having done some mitm in my time I was thinking about the realistic application of pulling this off. Firstly it would be highly impressive to do it without stealing the session from the target.

But my thoughts on this are:
You would have to monitor traffic and specifically strip snippets of just chat messages. I also think it would require deciphering the private key because I would think it would require the injected message to be rerun through ssl. Although already having a spoofed certificate might allow a work around for that. Without stealing the session I think a combination of ettercap forced replacement would also be needed, like when you replace all the images on the targets browser. But instead it would have to be in form of the message...

Sounds tricky, entirely possible, and complicated. I'm going to try it!

[totallynotaskiddie]

Haha you guys are definitely going to beat me to it as I have, admittedly, hardly any idea what I'm doing at this point. My knowledge goes up to a certain point before my brain craps out. If someone does achieve this before I understand it myself, I'd definitely appreciate an explanation as to how it was done (TYVM)

But about the whole SSL thing..I know most websites use it, but I don't think facebook uses it unless you purposely enable it, am I right? So in cases such as that, you wouldn't necessarily need to worry about that, I don't think.
Although it's good to expect it, anyway, I'd guess.

Thanks for the responses.

[LoGiCaL__]

facebook redirects to an https login page.

[limdis]

facebook redirects to an https login page.

session stealing it is then