-
June 4th, 2003, 11:29 PM
#1
Placing Backdoors Through Firewalls
Sorry, I have to delete this because ronin made some points I have to be clear on and test it. So I felt like I can't post something I am not really sure of, and if I will post it again I will post it in addict forum. So monkeys wouldn't be running around with mirrors in their hands. I am sorry about it.
-
June 4th, 2003, 11:49 PM
#2
-
June 5th, 2003, 04:06 AM
#3
This is a great read.......Hrmmm Thankyou for the infomation!!!
Cya --DzA--
-
June 5th, 2003, 04:41 AM
#4
Senior Member
Awesome. Very informative. Thanks for the info.
\"Trying to outsmart a compiler defeats much of the purpose of using one.\" — Kernighan & Plauger, The Elements of Programming Style.
-
June 5th, 2003, 02:29 PM
#5
Good article. Can you explain a bit more on how you are hijacking a secureID session?
Quis custodiet ipsos custodes
-
June 5th, 2003, 03:03 PM
#6
Truly excellent information. Thanx for that one m8.
Cheers.
Ubuntu-: Means in African : "Im too dumb to use Slackware"
-
June 5th, 2003, 03:03 PM
#7
Thanx for posting so useful info \/IP3R.
I'm just wondering if u could published the relaive URL, thanx
[shadow] SHARING KNOWLEDGE[/shadow]
-
June 5th, 2003, 03:15 PM
#8
Hey, if ya want to look at another method of circumvention, take a look at loki and lokid. This program wraps commands into UDP or ICMP headers, which sometimes are allowed through firewalls. The target machine, which runs the lokid deamon processes the requests and performs any number of functions. I wont go too deep into specifics of the setup but for those who are familiar with netcat, this little proggie will be a cake walk. To get it, you know what to do......GOOGLE.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
June 5th, 2003, 03:16 PM
#9
Ok, its a good article, but you make a couple of comments that are a little misleading (I`ll answer my own question). In order to Hijack a remote session you are going to need to insert yourself into the data stream and then hijack it (using something like Hunty). hHwever to do this on a communication travelling across the net means you need to be somewhere along the route, and the only place you are guaranteed of actually knowing is the target comapnies external router.
So, now you need to attack the router and sniff traffic passing through it, then insert yourself into the session. So that makes things a little tricky,
Also, SecureID (or any other authentication system used for Admin or other access) will usually make use of a VPN, so now you have an ecnrypted data stream which you cannot simply hijack.
Most companies do not allow Telnet in through their external routers (or at least any company that knows what its doing doesn`t, and even most that don`t will block it)
Furthermore most organisation using a DMZ will place all there external machines in that network (or thats the hope anyway) and the firewall controlling traffic between the DMZ and the internal network will usually only allow traffic from the Internal to the DMZ, not vice versa. Except perhaps in the case of email, where often a mail relay will be used, these can often be tricky to attack as well.
Also a DMZ segment will nearly always be protected by a firewall as well, in the simplest configuration a firewall will have 3 NICs, one to the outside, one to the DMZ, and one to the Internal, so all traffic passes through the firewall.
Didn`t mean to beat up on your post, just that I see so many documents on attacking that assume things that really aren`t the case. of course if I am wrong please let me know as I would like to know.
Quis custodiet ipsos custodes
-
June 6th, 2003, 12:04 AM
#10
Junior Member
****, i started reading this assome tutor in sql and wanted to finish in home, but now i can't. <angy> Can someone please send my this tutor to my pm or email?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|