iExploit

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Top Posters

Who's Online (2)

Powered by Vanilla. Made with Bootstrap.
Looking to introduce yourself? Look no further, and click here! We also have IRC! [irc.evilzone.org #iexploit]
YOUR THOUGHTS ON THESE METHODS?
  • McKittrick
    Posts: 194
    a while back when i was still involved in this stuff heavily i had read about a new way to send data by tunneling it over ICMP. people would have chats to and fro simply by putting whatever they wanted to say into an ICMP packet hoping it would bypass any firewall that did not have packet analysis available (if you notice on a typical type 8 echo, all you see for data is the alphabet and then 1-9 i believe---someone realized that that data could be changed to anything)

    a while after that, a new form of data tunneling technique came across some forums i was in and i was wondering how many of you knew about it. it was a concept of tunneling any type of data using DNS packets. is this still in use today? i remember reading about the concept, new at the time, and it was pretty revolutionary. the idea is that you can piggyback any data onto the DNS packet and that will go right through a typical firewall. i believe the rest of that DNS portion is then stripped off. i am not sure of the rest, like i said, it was something i read about years ago that seemed to be the rage
  • Sh3llc0d3
    Posts: 1,910
    -Moved-
    Questions, Suggestions & Feedback > Network Security

    The section "Questions, Suggestions & Feedback" (unless I've misinterpreted it) is for questions related to that site so i've moved it.
  • McKittrick
    Posts: 194
    here, i was right----http://slashdot.org/articles/00/09/10/2230242.shtml
  • mandi
    Posts: 207 

    a while back when i was still involved in this stuff heavily i had read about a new way to send data by tunneling it over ICMP. people would have chats to and fro simply by putting whatever they wanted to say into an ICMP packet hoping it would bypass any firewall that did not have packet analysis available (if you notice on a typical type 8 echo, all you see for data is the alphabet and then 1-9 i believe---someone realized that that data could be changed to anything)

    a while after that, a new form of data tunneling technique came across some forums i was in and i was wondering how many of you knew about it. it was a concept of tunneling any type of data using DNS packets. is this still in use today? i remember reading about the concept, new at the time, and it was pretty revolutionary. the idea is that you can piggyback any data onto the DNS packet and that will go right through a typical firewall. i believe the rest of that DNS portion is then stripped off. i am not sure of the rest, like i said, it was something i read about years ago that seemed to be the rage



    Like you i do got animated a lot about these tunnels and things before some months,but now i want to tell you a few things regarding this icmp and dns tunneling techniques

    1)Even tough your method works,it will be more suspicious to the Network admins,Because if they see too much of out-bound dns and icmp traffic were generated means they will more likely to inspect your system

    2)You can use this method on some dummy or low-profile networks,Because you need to understand the security logic behind this,In a secured PROXY network you never can generate a icmp traffic,because as far as i had seen i didn't seen a Application that can send icmp packets via proxy

    3)Also in secured Networks DNS queries will be set to originate only from the Server end only,NOT FROM THE CLIENT END's,So it totally spoil your idea nah?

    If you are playing with a low-profile or poorly secured network,those methods will surely work...
Add a Comment