SlideShare a Scribd company logo

PyMultitor

Tomer Zait
Tomer Zait

PyMultitor – Bypass restrictions based on IP counters like a Boss PyMultitor enables to perform multiple web requests from multiple IP addresses by using TOR network. Adding an ability of this sort to some of the most common attacks often makes them leathal and unstoppable. Why? Is this limited to TOR? How can we stay safe?

Internet
1 of 33
Download to read offline
PyMultitor Bypass restrictions based on IP counters like a Boss Tomer Zait Security Researcher, F5 Networks
ABOUT ME Tomer Zait • Security Researcher at F5 • Practical Software Engineer (Ort Singalovsky) • Offensive Security Certified Professional (OSCP) • LinkedIn: https://il.linkedin.com/in/realgame • GitHub: https://github.com/realgam3
SUBJECTS • The Problem • About Tor • About BruteForce • About PyMultitor • Can We Prevent It?
The Problem
WHAT IS THE PROBLEM? • Security solutions that rely on IP counters  Bruteforce  DoS  Anti-Scanning
About Tor
ABOUT TOR • Tor is a network infrastructure that allows browsing the web anonymously (This can be argued). • The Tor network is constantly growing and includes over 4,500 servers through which one can browse the internet anonymously. In essence, this means that each server can act as an anonymous proxy with a different IP address. • Since the Tor communication can be encrypted, it allows the communication between the end user and the proxy to be encrypted, making it harder to identify the true source.
WHAT IS TOR BROWSER? • The Tor Browser was first developed and utilized by the United States Navy as an onion-routing tool to protect digital government communications • The inventors were employees of the United States Naval Research Laboratory • Initially designed solely for U.S. government activities, the browser is now widely used by governments around the world as well as journalists, activists, and various others
POSITIVES OF THE TOR BROWSER • Encrypts government communications for many smaller nations • Protects users from intrusive government surveillance o Used by many American citizens for simple tasks such as checking bank accounts in order to prevent network logging of information
POSITIVES OF THE TOR BROWSER (1) • Provides increased freedom for journalists in oppressed nations • Allows individuals in nations with censorship issues to express their opinions without worry of prosecution • In extreme censorship cases, the Tor Browser simply allows people to access everyday sites such as Facebook, Twitter, and YouTube
WORLDWIDE USE OF TOR
WORLDWIDE USE OF TOR (1)
About BruteForce
WHAT IS BRUTEFORCE • Brute forcing consists of systematically enumerating all possible candidates for the solution and checking whether each candidate satisfies the problem's statement. • In web application testing, the problem we are going to face with the most is very often connected with the need of having a valid user account to access the inner part of the application. • Therefore we are going to check different types of authentication schema and the effectiveness of different brute- force attacks.
Types Of BruteForce Attacks
ONE USER MANY PASSWORDS Username Password Password Password
ONE PASSWORD MANY USERS Password Username Username Username
MANY USERS MANY PASSWORDS (COMBO) Password Password Password Username Username Username
About PyMultitor
ABOUT THE PROJECT Did you ever want to be at two different places at the same time? When I asked myself this question, I actually started developing this solution in my mind. While performing Penetration Tests there are often problems caused by security devices that block the "attacking" IP.
ABOUT THE PROJECT (1) This really annoyed me so I wrote a script to supply a solution for this problem. With a large number of IP addresses performing the attacks, better results are guaranteed. Especially when attempting attacks to bypass Web Application Firewalls, Brute-Force type attacks and many more.
WHY DID I CHOOSE TOR? • Reliable o Anonymous proxies die fast and sometimes are not so anonymous. • Programmable • Tor has a Framework (Stem – Uses Control Port)
HOW DOES PYMULTITOR WORK? • PyMultitor work with EventLoop (Gevent) and multiple Tor processing (Sub Processes). • Each Tor process is responsible for the connection between a single IP address (Proxy) and the target. Furthermore, each Tor process has two addresses – an internet address (Socks 4a Proxy) and a management address. • Each time the programs identifies that the IP is blocked, a new identity is requested from Tor meaning a new IP address is issued to this connection. The request that was blocked is re-sent and the testing process will continue.
FUTURE GOALS • The main goal is to allow programmers to work with the PyMultitor framework with ease. • Creating a Class that will manage an organized configuration, a Class that will manage performing actions and allow testing for known attacks like Brute-Force, Local File Inclusion (LFI), Cross Site Scripting (XSS), Fuzzing and more. • Combining the Multi Processing ability with Gevent can significantly accelerate the work and allow using almost all the benefits of asynchronous programming.
Programming Concerns
GLOBAL INTERPRETER LOCK (GIL) What is the Global Interpreter Lock, or GIL? A “mutex” that prevents multiple native threads from executing Python bytecodes at once. This lock is necessary mainly because CPython's memory management is not thread-safe. (However, since GIL exists, other features have grown to depend on the guarantees that it enforces.)
GEVENT gevent is a coroutine -based Python networking library that uses greenlet to provide a high-level synchronous API on top of the libev event loop. Features include: • Fast event loop based on libev (epoll on Linux, kqueue on FreeBSD). • Lightweight execution units based on greenlet. • API that re-uses concepts from the Python standard library (for example there are gevent.event.Events and gevent.queue.Queues).
STEM - NOT MY BUGS  https://trac.torproject.org/projects/tor/ticket/10072 Error Message In Windows: The Message => ImportError: No module named pwd On Function => launch_tor_with_config The Reason => Theres import of pwd lib on stem.util.system, pwd lib is not exist on windows. Solution => if statement on the import / Try Except.
BRUTEFORCE DEMO
PYMULTITOR – IT’S DEMO TIME
Can We Prevent It? DOES IT REFER ONLY TO TOR?
WE WILL SEE HOW IT GOES FOR NETFLIX…
Solutions for an application world. devcentral.f5.com T.Zait@f5.com

Recommended

Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
OWASP Delhi
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
Rishikese MR
 
Tor project and Darknet Report
Tor project and Darknet ReportTor project and Darknet Report
Tor project and Darknet Report
Ahmed Mater
 
Defcon 22-metacortex-grifter-darkside-of-the-internet
Defcon 22-metacortex-grifter-darkside-of-the-internetDefcon 22-metacortex-grifter-darkside-of-the-internet
Defcon 22-metacortex-grifter-darkside-of-the-internet
Priyanka Aash
 
Defcon 22-adrian-crenshaw-dropping-docs-on-darknets-how-peop
Defcon 22-adrian-crenshaw-dropping-docs-on-darknets-how-peopDefcon 22-adrian-crenshaw-dropping-docs-on-darknets-how-peop
Defcon 22-adrian-crenshaw-dropping-docs-on-darknets-how-peop
Priyanka Aash
 
Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)
Saprative Jana
 
10 tk3193-firewall 2
10 tk3193-firewall 210 tk3193-firewall 2
10 tk3193-firewall 2
Setia Juli Irzal Ismail
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
Mohammed Bharmal
 

Recommended

Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh BhatiaDarknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
Darknets - Introduction & Deanonymization of Tor Users By Hitesh Bhatia
OWASP Delhi
 
TOR NETWORK
TOR NETWORKTOR NETWORK
TOR NETWORK
Rishikese MR
 
Tor project and Darknet Report
Tor project and Darknet ReportTor project and Darknet Report
Tor project and Darknet Report
Ahmed Mater
 
Defcon 22-metacortex-grifter-darkside-of-the-internet
Defcon 22-metacortex-grifter-darkside-of-the-internetDefcon 22-metacortex-grifter-darkside-of-the-internet
Defcon 22-metacortex-grifter-darkside-of-the-internet
Priyanka Aash
 
Defcon 22-adrian-crenshaw-dropping-docs-on-darknets-how-peop
Defcon 22-adrian-crenshaw-dropping-docs-on-darknets-how-peopDefcon 22-adrian-crenshaw-dropping-docs-on-darknets-how-peop
Defcon 22-adrian-crenshaw-dropping-docs-on-darknets-how-peop
Priyanka Aash
 
Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)Hacking Tor ( How does Tor work ?)
Hacking Tor ( How does Tor work ?)
Saprative Jana
 
10 tk3193-firewall 2
10 tk3193-firewall 210 tk3193-firewall 2
10 tk3193-firewall 2
Setia Juli Irzal Ismail
 
Tor: The Second Generation Onion Router
Tor: The Second Generation Onion RouterTor: The Second Generation Onion Router
Tor: The Second Generation Onion Router
Mohammed Bharmal
 
2012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 20122012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 2012
44CON
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
INSIGHT FORENSIC
 
Phases of penetration testing
Phases of penetration testingPhases of penetration testing
Phases of penetration testing
Abdul Rahman
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
Ahmed Mater
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
Brent Muir
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
Khaled Mosharraf
 
The Myth of The Iron Triangle in Security
The Myth of The Iron Triangle in SecurityThe Myth of The Iron Triangle in Security
The Myth of The Iron Triangle in Security
Sherif Mansour
 
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
Weaponizing Intelligence: Interdiction in Today’s Threat LandscapeWeaponizing Intelligence: Interdiction in Today’s Threat Landscape
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
Priyanka Aash
 
Your Botnet is My Botnet: Analysis of a Botnet Takeover
Your Botnet is My Botnet: Analysis of a Botnet TakeoverYour Botnet is My Botnet: Analysis of a Botnet Takeover
Your Botnet is My Botnet: Analysis of a Botnet Takeover
Ahmed EL-KOSAIRY
 
New Botnets Trends and Threats (BH Europe 2007)
New Botnets Trends and Threats (BH Europe 2007)New Botnets Trends and Threats (BH Europe 2007)
New Botnets Trends and Threats (BH Europe 2007)
André Fucs de Miranda
 
UTOPOLL白皮書.pdf
UTOPOLL白皮書.pdfUTOPOLL白皮書.pdf
UTOPOLL白皮書.pdf
aipaypoll
 
Lesson 1. General Introduction to IT and Cyber Security.pptx
Lesson 1. General Introduction to IT and Cyber Security.pptxLesson 1. General Introduction to IT and Cyber Security.pptx
Lesson 1. General Introduction to IT and Cyber Security.pptx
Jezer Arces
 
OTG-Recon
OTG-ReconOTG-Recon
OTG-Recon
Sedthakit Prasanphanich
 
2023 NCIT: Introduction to Intrusion Detection
2023 NCIT: Introduction to Intrusion Detection2023 NCIT: Introduction to Intrusion Detection
2023 NCIT: Introduction to Intrusion Detection
APNIC
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
Mikal Villa
 
Utopoll Whitepaper.pdf
Utopoll Whitepaper.pdfUtopoll Whitepaper.pdf
Utopoll Whitepaper.pdf
blondialvarez3520
 
Chapter 9 system penetration [compatibility mode]
Chapter 9 system penetration [compatibility mode]Chapter 9 system penetration [compatibility mode]
Chapter 9 system penetration [compatibility mode]
Setia Juli Irzal Ismail
 
Polyakov how i will break your enterprise. esb security and more
Polyakov how i will break your enterprise. esb security and morePolyakov how i will break your enterprise. esb security and more
Polyakov how i will break your enterprise. esb security and moreDefconRussia
 
Open Source IoT Project Flogo - Introduction, Overview and Architecture
Open Source IoT Project Flogo - Introduction, Overview and ArchitectureOpen Source IoT Project Flogo - Introduction, Overview and Architecture
Open Source IoT Project Flogo - Introduction, Overview and Architecture
Kai Wähner
 
BSides Algiers - Metasploit framework - Oussama Elhamer
BSides Algiers - Metasploit framework - Oussama ElhamerBSides Algiers - Metasploit framework - Oussama Elhamer
BSides Algiers - Metasploit framework - Oussama ElhamerShellmates
 
The Internet of Things: We've Got to Chat
The Internet of Things: We've Got to ChatThe Internet of Things: We've Got to Chat
The Internet of Things: We've Got to Chat
Duo Security
 
FIWARE Global Summit - Developing New IoT Agents
FIWARE Global Summit - Developing New IoT AgentsFIWARE Global Summit - Developing New IoT Agents
FIWARE Global Summit - Developing New IoT Agents
FIWARE
 

More Related Content

What's hot

2012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 20122012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 2012
44CON
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
INSIGHT FORENSIC
 
Phases of penetration testing
Phases of penetration testingPhases of penetration testing
Phases of penetration testing
Abdul Rahman
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
Ahmed Mater
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
Brent Muir
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
Khaled Mosharraf
 

What's hot (6)

2012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 20122012 in review: Tor and the censorship arms race - 44CON 2012
2012 in review: Tor and the censorship arms race - 44CON 2012
 
(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation(130727) #fitalk anonymous network concepts and implementation
(130727) #fitalk anonymous network concepts and implementation
 
Phases of penetration testing
Phases of penetration testingPhases of penetration testing
Phases of penetration testing
 
Tor Project and The Darknet
Tor Project and The DarknetTor Project and The Darknet
Tor Project and The Darknet
 
TOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying MarkersTOR Packet Analysis - Locating Identifying Markers
TOR Packet Analysis - Locating Identifying Markers
 
Introduction to anonymity network tor
Introduction to anonymity network torIntroduction to anonymity network tor
Introduction to anonymity network tor
 

Similar to PyMultitor

The Myth of The Iron Triangle in Security
The Myth of The Iron Triangle in SecurityThe Myth of The Iron Triangle in Security
The Myth of The Iron Triangle in Security
Sherif Mansour
 
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
Weaponizing Intelligence: Interdiction in Today’s Threat LandscapeWeaponizing Intelligence: Interdiction in Today’s Threat Landscape
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
Priyanka Aash
 
Your Botnet is My Botnet: Analysis of a Botnet Takeover
Your Botnet is My Botnet: Analysis of a Botnet TakeoverYour Botnet is My Botnet: Analysis of a Botnet Takeover
Your Botnet is My Botnet: Analysis of a Botnet Takeover
Ahmed EL-KOSAIRY
 
New Botnets Trends and Threats (BH Europe 2007)
New Botnets Trends and Threats (BH Europe 2007)New Botnets Trends and Threats (BH Europe 2007)
New Botnets Trends and Threats (BH Europe 2007)
André Fucs de Miranda
 
UTOPOLL白皮書.pdf
UTOPOLL白皮書.pdfUTOPOLL白皮書.pdf
UTOPOLL白皮書.pdf
aipaypoll
 
Lesson 1. General Introduction to IT and Cyber Security.pptx
Lesson 1. General Introduction to IT and Cyber Security.pptxLesson 1. General Introduction to IT and Cyber Security.pptx
Lesson 1. General Introduction to IT and Cyber Security.pptx
Jezer Arces
 
OTG-Recon
OTG-ReconOTG-Recon
OTG-Recon
Sedthakit Prasanphanich
 
2023 NCIT: Introduction to Intrusion Detection
2023 NCIT: Introduction to Intrusion Detection2023 NCIT: Introduction to Intrusion Detection
2023 NCIT: Introduction to Intrusion Detection
APNIC
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
Mikal Villa
 
Utopoll Whitepaper.pdf
Utopoll Whitepaper.pdfUtopoll Whitepaper.pdf
Utopoll Whitepaper.pdf
blondialvarez3520
 
Chapter 9 system penetration [compatibility mode]
Chapter 9 system penetration [compatibility mode]Chapter 9 system penetration [compatibility mode]
Chapter 9 system penetration [compatibility mode]
Setia Juli Irzal Ismail
 
Polyakov how i will break your enterprise. esb security and more
Polyakov how i will break your enterprise. esb security and morePolyakov how i will break your enterprise. esb security and more
Polyakov how i will break your enterprise. esb security and moreDefconRussia
 
Open Source IoT Project Flogo - Introduction, Overview and Architecture
Open Source IoT Project Flogo - Introduction, Overview and ArchitectureOpen Source IoT Project Flogo - Introduction, Overview and Architecture
Open Source IoT Project Flogo - Introduction, Overview and Architecture
Kai Wähner
 
BSides Algiers - Metasploit framework - Oussama Elhamer
BSides Algiers - Metasploit framework - Oussama ElhamerBSides Algiers - Metasploit framework - Oussama Elhamer
BSides Algiers - Metasploit framework - Oussama ElhamerShellmates
 
The Internet of Things: We've Got to Chat
The Internet of Things: We've Got to ChatThe Internet of Things: We've Got to Chat
The Internet of Things: We've Got to Chat
Duo Security
 
FIWARE Global Summit - Developing New IoT Agents
FIWARE Global Summit - Developing New IoT AgentsFIWARE Global Summit - Developing New IoT Agents
FIWARE Global Summit - Developing New IoT Agents
FIWARE
 
AtlSecCon 2016
AtlSecCon 2016AtlSecCon 2016
AtlSecCon 2016
Earl Carter
 
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Sean Whalen
 
WHONIX OS
WHONIX OSWHONIX OS
WHONIX OS
Akshay Vasava
 
Turbot - A Next Generation Botnet
Turbot - A Next Generation BotnetTurbot - A Next Generation Botnet
Turbot - A Next Generation Botnet
Itzik Kotler
 

Similar to PyMultitor (20)

The Myth of The Iron Triangle in Security
The Myth of The Iron Triangle in SecurityThe Myth of The Iron Triangle in Security
The Myth of The Iron Triangle in Security
 
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
Weaponizing Intelligence: Interdiction in Today’s Threat LandscapeWeaponizing Intelligence: Interdiction in Today’s Threat Landscape
Weaponizing Intelligence: Interdiction in Today’s Threat Landscape
 
Your Botnet is My Botnet: Analysis of a Botnet Takeover
Your Botnet is My Botnet: Analysis of a Botnet TakeoverYour Botnet is My Botnet: Analysis of a Botnet Takeover
Your Botnet is My Botnet: Analysis of a Botnet Takeover
 
New Botnets Trends and Threats (BH Europe 2007)
New Botnets Trends and Threats (BH Europe 2007)New Botnets Trends and Threats (BH Europe 2007)
New Botnets Trends and Threats (BH Europe 2007)
 
UTOPOLL白皮書.pdf
UTOPOLL白皮書.pdfUTOPOLL白皮書.pdf
UTOPOLL白皮書.pdf
 
Lesson 1. General Introduction to IT and Cyber Security.pptx
Lesson 1. General Introduction to IT and Cyber Security.pptxLesson 1. General Introduction to IT and Cyber Security.pptx
Lesson 1. General Introduction to IT and Cyber Security.pptx
 
OTG-Recon
OTG-ReconOTG-Recon
OTG-Recon
 
2023 NCIT: Introduction to Intrusion Detection
2023 NCIT: Introduction to Intrusion Detection2023 NCIT: Introduction to Intrusion Detection
2023 NCIT: Introduction to Intrusion Detection
 
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)TSC Summit #4 - Howto get browser persitence and remote execution (JS)
TSC Summit #4 - Howto get browser persitence and remote execution (JS)
 
Utopoll Whitepaper.pdf
Utopoll Whitepaper.pdfUtopoll Whitepaper.pdf
Utopoll Whitepaper.pdf
 
Chapter 9 system penetration [compatibility mode]
Chapter 9 system penetration [compatibility mode]Chapter 9 system penetration [compatibility mode]
Chapter 9 system penetration [compatibility mode]
 
Polyakov how i will break your enterprise. esb security and more
Polyakov how i will break your enterprise. esb security and morePolyakov how i will break your enterprise. esb security and more
Polyakov how i will break your enterprise. esb security and more
 
Open Source IoT Project Flogo - Introduction, Overview and Architecture
Open Source IoT Project Flogo - Introduction, Overview and ArchitectureOpen Source IoT Project Flogo - Introduction, Overview and Architecture
Open Source IoT Project Flogo - Introduction, Overview and Architecture
 
BSides Algiers - Metasploit framework - Oussama Elhamer
BSides Algiers - Metasploit framework - Oussama ElhamerBSides Algiers - Metasploit framework - Oussama Elhamer
BSides Algiers - Metasploit framework - Oussama Elhamer
 
The Internet of Things: We've Got to Chat
The Internet of Things: We've Got to ChatThe Internet of Things: We've Got to Chat
The Internet of Things: We've Got to Chat
 
FIWARE Global Summit - Developing New IoT Agents
FIWARE Global Summit - Developing New IoT AgentsFIWARE Global Summit - Developing New IoT Agents
FIWARE Global Summit - Developing New IoT Agents
 
AtlSecCon 2016
AtlSecCon 2016AtlSecCon 2016
AtlSecCon 2016
 
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
 
WHONIX OS
WHONIX OSWHONIX OS
WHONIX OS
 
Turbot - A Next Generation Botnet
Turbot - A Next Generation BotnetTurbot - A Next Generation Botnet
Turbot - A Next Generation Botnet
 

More from Tomer Zait

Escaping the python sandbox
Escaping the python sandboxEscaping the python sandbox
Escaping the python sandbox
Tomer Zait
 
The evolution of credential hijacking
The evolution of credential hijackingThe evolution of credential hijacking
The evolution of credential hijacking
Tomer Zait
 
PyMultiTor
PyMultiTorPyMultiTor
PyMultiTor
Tomer Zait
 
Hacking 101 for developers
Hacking 101 for developersHacking 101 for developers
Hacking 101 for developers
Tomer Zait
 
Buffer overflow – Smashing The Stack
Buffer overflow – Smashing The StackBuffer overflow – Smashing The Stack
Buffer overflow – Smashing The Stack
Tomer Zait
 
Java - abstract class methods
Java - abstract class methodsJava - abstract class methods
Java - abstract class methods
Tomer Zait
 

More from Tomer Zait (6)

Escaping the python sandbox
Escaping the python sandboxEscaping the python sandbox
Escaping the python sandbox
 
The evolution of credential hijacking
The evolution of credential hijackingThe evolution of credential hijacking
The evolution of credential hijacking
 
PyMultiTor
PyMultiTorPyMultiTor
PyMultiTor
 
Hacking 101 for developers
Hacking 101 for developersHacking 101 for developers
Hacking 101 for developers
 
Buffer overflow – Smashing The Stack
Buffer overflow – Smashing The StackBuffer overflow – Smashing The Stack
Buffer overflow – Smashing The Stack
 
Java - abstract class methods
Java - abstract class methodsJava - abstract class methods
Java - abstract class methods
 

Recently uploaded

原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
3ipehhoa
 
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
ufdana
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
3ipehhoa
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
Javier Lasa
 
Bài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docxBài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docx
nhiyenphan2005
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
nirahealhty
 
test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
Arif0071
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
JeyaPerumal1
 
Comptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guideComptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guide
GTProductions1
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
Rogerio Filho
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Brad Spiegel Macon GA
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
3ipehhoa
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
laozhuseo02
 
Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027
harveenkaur52
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Florence Consulting
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
Gal Baras
 
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
laozhuseo02
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
keoku
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
CIOWomenMagazine
 

Recently uploaded (20)

原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
原版仿制(uob毕业证书)英国伯明翰大学毕业证本科学历证书原版一模一样
 
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
一比一原版(CSU毕业证)加利福尼亚州立大学毕业证成绩单专业办理
 
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
急速办(bedfordhire毕业证书)英国贝德福特大学毕业证成绩单原版一模一样
 
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdfJAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
JAVIER LASA-EXPERIENCIA digital 1986-2024.pdf
 
Bài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docxBài tập unit 1 English in the world.docx
Bài tập unit 1 English in the world.docx
 
This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!This 7-second Brain Wave Ritual Attracts Money To You.!
This 7-second Brain Wave Ritual Attracts Money To You.!
 
test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...test test test test testtest test testtest test testtest test testtest test ...
test test test test testtest test testtest test testtest test testtest test ...
 
1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...1.Wireless Communication System_Wireless communication is a broad term that i...
1.Wireless Communication System_Wireless communication is a broad term that i...
 
Comptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guideComptia N+ Standard Networking lesson guide
Comptia N+ Standard Networking lesson guide
 
guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...guildmasters guide to ravnica Dungeons & Dragons 5...
guildmasters guide to ravnica Dungeons & Dragons 5...
 
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptx
 
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
1比1复刻(bath毕业证书)英国巴斯大学毕业证学位证原版一模一样
 
The+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptxThe+Prospects+of+E-Commerce+in+China.pptx
The+Prospects+of+E-Commerce+in+China.pptx
 
Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027Italy Agriculture Equipment Market Outlook to 2027
Italy Agriculture Equipment Market Outlook to 2027
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdfMeet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
Meet up Milano 14 _ Axpo Italia_ Migration from Mule3 (On-prem) to.pdf
 
How to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptxHow to Use Contact Form 7 Like a Pro.pptx
How to Use Contact Form 7 Like a Pro.pptx
 
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shopHistory+of+E-commerce+Development+in+China-www.cfye-commerce.shop
History+of+E-commerce+Development+in+China-www.cfye-commerce.shop
 
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
一比一原版(SLU毕业证)圣路易斯大学毕业证成绩单专业办理
 
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
Internet of Things in Manufacturing: Revolutionizing Efficiency & Quality | C...
 

PyMultitor

  • 1. PyMultitor Bypass restrictions based on IP counters like a Boss Tomer Zait Security Researcher, F5 Networks
  • 2. ABOUT ME Tomer Zait • Security Researcher at F5 • Practical Software Engineer (Ort Singalovsky) • Offensive Security Certified Professional (OSCP) • LinkedIn: https://il.linkedin.com/in/realgame • GitHub: https://github.com/realgam3
  • 3. SUBJECTS • The Problem • About Tor • About BruteForce • About PyMultitor • Can We Prevent It?
  • 5. WHAT IS THE PROBLEM? • Security solutions that rely on IP counters  Bruteforce  DoS  Anti-Scanning
  • 7. ABOUT TOR • Tor is a network infrastructure that allows browsing the web anonymously (This can be argued). • The Tor network is constantly growing and includes over 4,500 servers through which one can browse the internet anonymously. In essence, this means that each server can act as an anonymous proxy with a different IP address. • Since the Tor communication can be encrypted, it allows the communication between the end user and the proxy to be encrypted, making it harder to identify the true source.
  • 8. WHAT IS TOR BROWSER? • The Tor Browser was first developed and utilized by the United States Navy as an onion-routing tool to protect digital government communications • The inventors were employees of the United States Naval Research Laboratory • Initially designed solely for U.S. government activities, the browser is now widely used by governments around the world as well as journalists, activists, and various others
  • 9. POSITIVES OF THE TOR BROWSER • Encrypts government communications for many smaller nations • Protects users from intrusive government surveillance o Used by many American citizens for simple tasks such as checking bank accounts in order to prevent network logging of information
  • 10. POSITIVES OF THE TOR BROWSER (1) • Provides increased freedom for journalists in oppressed nations • Allows individuals in nations with censorship issues to express their opinions without worry of prosecution • In extreme censorship cases, the Tor Browser simply allows people to access everyday sites such as Facebook, Twitter, and YouTube
  • 12. WORLDWIDE USE OF TOR (1)
  • 14. WHAT IS BRUTEFORCE • Brute forcing consists of systematically enumerating all possible candidates for the solution and checking whether each candidate satisfies the problem's statement. • In web application testing, the problem we are going to face with the most is very often connected with the need of having a valid user account to access the inner part of the application. • Therefore we are going to check different types of authentication schema and the effectiveness of different brute- force attacks.
  • 16. ONE USER MANY PASSWORDS Username Password Password Password
  • 17. ONE PASSWORD MANY USERS Password Username Username Username
  • 18. MANY USERS MANY PASSWORDS (COMBO) Password Password Password Username Username Username
  • 20. ABOUT THE PROJECT Did you ever want to be at two different places at the same time? When I asked myself this question, I actually started developing this solution in my mind. While performing Penetration Tests there are often problems caused by security devices that block the "attacking" IP.
  • 21. ABOUT THE PROJECT (1) This really annoyed me so I wrote a script to supply a solution for this problem. With a large number of IP addresses performing the attacks, better results are guaranteed. Especially when attempting attacks to bypass Web Application Firewalls, Brute-Force type attacks and many more.
  • 22. WHY DID I CHOOSE TOR? • Reliable o Anonymous proxies die fast and sometimes are not so anonymous. • Programmable • Tor has a Framework (Stem – Uses Control Port)
  • 23. HOW DOES PYMULTITOR WORK? • PyMultitor work with EventLoop (Gevent) and multiple Tor processing (Sub Processes). • Each Tor process is responsible for the connection between a single IP address (Proxy) and the target. Furthermore, each Tor process has two addresses – an internet address (Socks 4a Proxy) and a management address. • Each time the programs identifies that the IP is blocked, a new identity is requested from Tor meaning a new IP address is issued to this connection. The request that was blocked is re-sent and the testing process will continue.
  • 24. FUTURE GOALS • The main goal is to allow programmers to work with the PyMultitor framework with ease. • Creating a Class that will manage an organized configuration, a Class that will manage performing actions and allow testing for known attacks like Brute-Force, Local File Inclusion (LFI), Cross Site Scripting (XSS), Fuzzing and more. • Combining the Multi Processing ability with Gevent can significantly accelerate the work and allow using almost all the benefits of asynchronous programming.
  • 26. GLOBAL INTERPRETER LOCK (GIL) What is the Global Interpreter Lock, or GIL? A “mutex” that prevents multiple native threads from executing Python bytecodes at once. This lock is necessary mainly because CPython's memory management is not thread-safe. (However, since GIL exists, other features have grown to depend on the guarantees that it enforces.)
  • 27. GEVENT gevent is a coroutine -based Python networking library that uses greenlet to provide a high-level synchronous API on top of the libev event loop. Features include: • Fast event loop based on libev (epoll on Linux, kqueue on FreeBSD). • Lightweight execution units based on greenlet. • API that re-uses concepts from the Python standard library (for example there are gevent.event.Events and gevent.queue.Queues).
  • 28. STEM - NOT MY BUGS  https://trac.torproject.org/projects/tor/ticket/10072 Error Message In Windows: The Message => ImportError: No module named pwd On Function => launch_tor_with_config The Reason => Theres import of pwd lib on stem.util.system, pwd lib is not exist on windows. Solution => if statement on the import / Try Except.
  • 31. Can We Prevent It? DOES IT REFER ONLY TO TOR?
  • 32. WE WILL SEE HOW IT GOES FOR NETFLIX…
  • 33. Solutions for an application world. devcentral.f5.com T.Zait@f5.com