Results 1 to 10 of 10

Thread: Placing Backdoors Through Firewalls

  1. #1
    Senior Member
    Join Date
    Feb 2003
    Posts
    193

    Post Placing Backdoors Through Firewalls

    Sorry, I have to delete this because ronin made some points I have to be clear on and test it. So I felt like I can't post something I am not really sure of, and if I will post it again I will post it in addict forum. So monkeys wouldn't be running around with mirrors in their hands. I am sorry about it.

  2. #2
    Banned
    Join Date
    Jun 2003
    Posts
    1,536
    greate poste \/IP3R

  3. #3
    Doc d00dz Attackin's Avatar
    Join Date
    Mar 2003
    Location
    Florida
    Posts
    661
    This is a great read.......Hrmmm Thankyou for the infomation!!!

    Cya --DzA--
    First you listen, then you do, finally you teach.
    Duck Hunting Chat
    VirtualConvenience
    RROD

  4. #4
    Senior Member
    Join Date
    Apr 2003
    Posts
    103
    Awesome. Very informative. Thanks for the info.
    \"Trying to outsmart a compiler defeats much of the purpose of using one.\" — Kernighan & Plauger, The Elements of Programming Style.

  5. #5
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    Good article. Can you explain a bit more on how you are hijacking a secureID session?
    Quis custodiet ipsos custodes

  6. #6
    Antionline's Security Dude instronics's Avatar
    Join Date
    Dec 2002
    Posts
    901
    Truly excellent information. Thanx for that one m8.

    Cheers.
    Ubuntu-: Means in African : "Im too dumb to use Slackware"

  7. #7
    Senior Member
    Join Date
    Nov 2002
    Posts
    382
    Thanx for posting so useful info \/IP3R.
    I'm just wondering if u could published the relaive URL, thanx
    [shadow] SHARING KNOWLEDGE[/shadow]

  8. #8
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    Hey, if ya want to look at another method of circumvention, take a look at loki and lokid. This program wraps commands into UDP or ICMP headers, which sometimes are allowed through firewalls. The target machine, which runs the lokid deamon processes the requests and performs any number of functions. I wont go too deep into specifics of the setup but for those who are familiar with netcat, this little proggie will be a cake walk. To get it, you know what to do......GOOGLE.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  9. #9
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    Ok, its a good article, but you make a couple of comments that are a little misleading (I`ll answer my own question). In order to Hijack a remote session you are going to need to insert yourself into the data stream and then hijack it (using something like Hunty). hHwever to do this on a communication travelling across the net means you need to be somewhere along the route, and the only place you are guaranteed of actually knowing is the target comapnies external router.

    So, now you need to attack the router and sniff traffic passing through it, then insert yourself into the session. So that makes things a little tricky,

    Also, SecureID (or any other authentication system used for Admin or other access) will usually make use of a VPN, so now you have an ecnrypted data stream which you cannot simply hijack.

    Most companies do not allow Telnet in through their external routers (or at least any company that knows what its doing doesn`t, and even most that don`t will block it)

    Furthermore most organisation using a DMZ will place all there external machines in that network (or thats the hope anyway) and the firewall controlling traffic between the DMZ and the internal network will usually only allow traffic from the Internal to the DMZ, not vice versa. Except perhaps in the case of email, where often a mail relay will be used, these can often be tricky to attack as well.

    Also a DMZ segment will nearly always be protected by a firewall as well, in the simplest configuration a firewall will have 3 NICs, one to the outside, one to the DMZ, and one to the Internal, so all traffic passes through the firewall.

    Didn`t mean to beat up on your post, just that I see so many documents on attacking that assume things that really aren`t the case. of course if I am wrong please let me know as I would like to know.
    Quis custodiet ipsos custodes

  10. #10
    Junior Member
    Join Date
    Mar 2003
    Posts
    17
    ****, i started reading this assome tutor in sql and wanted to finish in home, but now i can't. <angy> Can someone please send my this tutor to my pm or email?
    -=[ r 4 B B i T ]=-

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •