Date post: | 09-Jun-2015 |
Category: |
Technology |
Upload: | nu-the-open-security-community |
View: | 1,697 times |
Download: | 7 times |
TUNNELING/COVERT CHANNEL
I Just need one open port
What is Tunneling?
One network protocol (payload protocol) encapsulated within the different protocol (delivery protocol) to provide a path through a network
What is Covert Channel?
A channel that is used for information transmission, but that is not design nor intended for communication
Protocol at Different Layer
Application Layer: FTP, Telnet, SSH,
SMTP, DNS, HTTP/S
Transport Layer: TCP, UDP Internet Layer: IP, ICMP, IGMP Data Link Layer: MAC
The General Covert Channel Framework
Properties
Undetectable Robustness
When you will find it useful?
When your boss will ask you, what discussion you are having with your friend on chat, about me
When your rediffmail password or ftp server password will got hacked, because you are using internet in ad-hoc network
When you are not able to access some service outside your network, because of access policy
Purpose
Penetration test of Firewall/IPS/Proxy Secure communication over ad-hoc
network
Isn’t that a bit subversive?
Well, Yes…… And Privacy And Freedom Ok, how do we start
Scenario
ICMP Tunneling SSH Tunneling HTTPS Tunneling Using Proxy
Tools
Ptunnel SSH Client/Server Putty Cctt(Covert Channel Tunneling Tool) g00gle CrewBots MsnShell Wsh(Web Shell) Cooking Channels
ICMP Tunneling
FirewallPen Tester
Echo request
Echo reply
Echo requestEcho reply
SS
H
SS
H
ICMP Proxy Server
Destination
SSH Tunneling
Ad-hoc NetworkUser
SSH
SSHSSH
SSH
SM
TP
/FT
P
SM
TP
/FT
P
SSH Server
Destination
HTTPS Tunneling
SS
H
SS
H
Pro
xy P
ort P
rox y Por t
HTTPS HTTPS
HTTPSHTTPS
Pen Tester SSH Server on Port 443