Penetration Testing mailing list archives
Re: [PEN-TEST] IP Tunneling over DNS
From: Pawel Maciejewski <lukeskyw () SOWATECH COM PL>
Date: Mon, 11 Sep 2000 23:13:38 +0200
I think you can use for tunnelling almost every IP protocol, which will pass through firewall and routers to the Internet. ICMP is one of the ways, maybe easiest to implement. But i think that tunnelling is not so dangerous as passive trojans. In example : hacker sends spoofed e-mail from Windows Update to some user who works in some company. The user unpacks, and installs fake "update", and in a matter of fact he installs a passive client-trojan, which determines what type of packets are allowed to go outside, is this workstation using a proxy server etc..., and connects to some server, with installed server-trojan on it (using allowed protocols or even proxy commands). The trojan-client gets commands from the bogus-server, and then sends the results to it (same, using allowed protocols, or proxy, it doesnt matter). Think about things you can implement into your trojan client/server :) It can be almost everything... Greetings -= Signed =- -= Pawel Maciejewski =- "I had a dream I was a Jedi" ---------------------------- include <netinfo.h> char e-mail[]="lukeskyw () sowatech com pl"; char www[]="http://skywalker.hack.pl";
Current thread:
- [PEN-TEST] IP Tunneling over DNS Christopher M. Bergeron (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Jose Nazario (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Work, Clinton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Mark Shlimovich (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Pawel Maciejewski (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS matthew patton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Work, Clinton (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Jonathan Rickman (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Mordechai Ovits (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Andre Delafontaine (Sep 12)
- <Possible follow-ups>
- Re: [PEN-TEST] IP Tunneling over DNS Dunker, Noah (Sep 11)
- Re: [PEN-TEST] IP Tunneling over DNS Mordechai Ovits (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS BMM (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Eric Thiel (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Teicher, Mark (Sep 12)
- Re: [PEN-TEST] IP Tunneling over DNS Wolfgang Zenker (Sep 12)
(Thread continues...)
- Re: [PEN-TEST] IP Tunneling over DNS Jose Nazario (Sep 11)