Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

null Pune meet - Evading Firewalls: Tunneling

2,176 views

Published on

null Pune meet - Evading Firewalls: Tunneling – By Murtuja Bharmal
http://null.co.in

Published in: Technology
  • Login to see the comments

  • Be the first to like this

null Pune meet - Evading Firewalls: Tunneling

  1. 1. <ul><li>TUNNELING/COVERT CHANNEL </li></ul><ul><li> I Just need one open port </li></ul>
  2. 2. What is Tunneling? <ul><li>One network protocol (payload protocol) encapsulated within the different protocol (delivery protocol) to provide a path through a network </li></ul>
  3. 3. What is Covert Channel? <ul><li>A channel that is used for information transmission, but that is not design nor intended for communication </li></ul>
  4. 4. Protocol at Different Layer <ul><li>Application Layer: FTP, Telnet, SSH, </li></ul><ul><li> SMTP, DNS, HTTP/S </li></ul><ul><li>Transport Layer: TCP, UDP </li></ul><ul><li>Internet Layer: IP, ICMP, IGMP </li></ul><ul><li>Data Link Layer: MAC </li></ul>
  5. 5. The General Covert Channel Framework
  6. 6. Properties <ul><li>Undetectable </li></ul><ul><li>Robustness </li></ul>
  7. 7. When you will find it useful? <ul><li>When your boss will ask you, what discussion you are having with your friend on chat, about me </li></ul><ul><li>When your rediffmail password or ftp server password will got hacked, because you are using internet in ad-hoc network </li></ul><ul><li>When you are not able to access some service outside your network, because of access policy </li></ul>
  8. 8. Purpose <ul><li>Penetration test of Firewall/IPS/Proxy </li></ul><ul><li>Secure communication over ad-hoc network </li></ul>
  9. 9. Isn’t that a bit subversive? <ul><li>Well, Yes…… </li></ul><ul><li>And Privacy </li></ul><ul><li>And Freedom </li></ul><ul><li>Ok, how do we start </li></ul>
  10. 10. Scenario <ul><li>ICMP Tunneling </li></ul><ul><li>SSH Tunneling </li></ul><ul><li>HTTPS Tunneling Using Proxy </li></ul>
  11. 11. Tools <ul><li>Ptunnel </li></ul><ul><li>SSH Client/Server </li></ul><ul><li>Putty </li></ul><ul><li>Cctt(Covert Channel Tunneling Tool) </li></ul><ul><li>g00gle CrewBots </li></ul><ul><li>MsnShell </li></ul><ul><li>Wsh(Web Shell) </li></ul><ul><li>Cooking Channels </li></ul>
  12. 12. ICMP Tunneling Firewall Pen Tester Echo request Echo reply Echo request Echo reply SSH SSH ICMP Proxy Server Destination
  13. 13. SSH Tunneling Ad-hoc Network User SSH SSH SSH SSH SMTP/FTP SMTP/FTP SSH Server Destination
  14. 14. HTTPS Tunneling SSH SSH Proxy Port Proxy Port HTTPS HTTPS HTTPS HTTPS Pen Tester SSH Server on Port 443
  15. 15. Murtuja Bharmal (bharmal.murtuja@gmail.com)

×