Search code examples
jmeteripspoofing

Jmeter: IP spoofing not working

To test IP Spoofing I am following below steps:

  1. Open CMD and do nslookup www.xyz.com.asdfg-staging.net
  2. This will give the IP address , add this IP address at the bottom of hosts file.Here C:\Windows\System32\drivers\etc
  3. Open Jmeter and add this IP in Http Sample as shown below:

As instrcuted in links How to setup IP spoofing in jmeter? and send requests with multiple ip address to my application using apache-JMeter(IP Spoofing) 4. Run the tests and I only see red errors in View Results Tree listener but I do not follows step #3 then there are only greens.

What I am expecting is "spoofed IP" i.e. the IP adress that I added in host file should be present in Request tab of View Results Tree listener.

What am I doing wrong here? The tutorials that shared above also asked to edit IPv4 properties , is that really mandatory to achieve what I am looking for?

Solution

  • IP Spoofing is done for the client side addresses. In your screenshot, you are trying to find the value of the spoofed IP in the HOST header which usually points to the actual server hostname and not the IP.

    Scenario 1 with no values assigned in IPv4 field with test done against myhost.test.com

    Request Headers:
Connection: close
Content-Type: application/json
Content-Length: 162
Host: myhost.test.com
User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_111)

    Scenario 2 with Source Address field set to 10.1.153.90

    Request Headers:
Connection: close
Content-Type: application/json
Content-Length: 162
Host: myhost.test.com
User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_111)
**X-LocalAddress: /10.1.153.90**

    To me, it looks like you are trying to spoof your server IP to a specific IP provided by the service provider so that you hit only that like Akamai staging environment. In that case, setting your C:\Windows\System32\drivers\etc\hosts file with the assigned IP for your server (not the client) will work outside JMeter and is handled by the OS (not JMeter).

    1.54.163.146 myhost.test.com

    At the OS level, your OS will take care of sending requests addressed for myhost.test.com to the IP that you gave above in C:\Windows\System32\drivers\etc\hosts file

    To see the actual IP address, add a pre-processor (beanshell or equivalent) and add the below lines

    import java.net.InetAddress;

InetAddress address = InetAddress.getByName("myhost.test.com"); 
log.info("Address=" + address.getHostAddress());

    If you want to measure your request time taken by this IP addresses, you can put it in a variable and add that in your sampler name

    import java.net.InetAddress;

InetAddress address = InetAddress.getByName("myhost.test.com"); 
log.info("Address=" + address.getHostAddress()); 
vars.put("addressused",  address.getHostAddress());

    Then append ${addressused} to your samplername. It will measure the transaction based on samplername+ipaddress