Follow us on Twitter!
I'd prefer to die standing, than to live on my knees - Che Guevara
Thursday, April 24, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 17
Guests Online: 16
Members Online: 1

Registered Members: 82889
Newest Member: Geriztul
Latest Articles
View Thread

HellBound Hackers | Computer General | Hacking in general

Author

How to bypass firewall

fuser
Member



Posts: 960
Location: in front of a computer (duh)
Joined: 05.04.07
Rank:
Mad User
Posted on 23-04-08 03:33
Well, yesterday I was trying to attack a site, which i prefer not to mention for now.

When I noticed that my connections were immediately dropped out, it made me curious since I know the server is online since I pinged it.

So I made a quick trace, and found that it was connected to another server, so at first I made a whois command on the computer, and since it couldn't figure out the computer, I used zenmap and scanned the address.

According to the scan results, the computer acts as a firewall, and it runs m0n0wall based on the FreeBSD kernel, with port 53 (DNS) open.

I tried to arp-spoof the network, but the firewall kept dropping my connections (I was doing this with proxies, on my laptop in a wifi network)
so I'm stumped for now.

Does anyone around here have any suggestions on what I can do to bypass the firewall?


img.userbarz.com/51/10006.png
img.userbarz.com/146/29144.gif
img.userbarz.com/99/19602.jpg
img.userbarz.com/4/600.png
img.userbarz.com/45/8814.gif
img360.imageshack.us/img360/9231/bfbarlr0.jpg
[url=http://userbarz.com/][img]ht
catinthecpu@hotmail.com
Author

RE: How to bypass firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 03:38
war dialer.


Author

RE: How to bypass firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 03:47
give up...


Author

RE: How to bypass firewall

fuser
Member



Posts: 960
Location: in front of a computer (duh)
Joined: 05.04.07
Rank:
Mad User
Posted on 23-04-08 03:51
as if i'll give up. I was just getting started, and if you don't have any answers, just shut up, will you, COD3?


img.userbarz.com/51/10006.png
img.userbarz.com/146/29144.gif
img.userbarz.com/99/19602.jpg
img.userbarz.com/4/600.png
img.userbarz.com/45/8814.gif
img360.imageshack.us/img360/9231/bfbarlr0.jpg
[url=http://userbarz.com/][img]ht
catinthecpu@hotmail.com
Author

RE: How to bypass firewall

fuser
Member



Posts: 960
Location: in front of a computer (duh)
Joined: 05.04.07
Rank:
Mad User
Posted on 23-04-08 03:51
sorry, double posted. damn bandwidth


img.userbarz.com/51/10006.png
img.userbarz.com/146/29144.gif
img.userbarz.com/99/19602.jpg
img.userbarz.com/4/600.png
img.userbarz.com/45/8814.gif
img360.imageshack.us/img360/9231/bfbarlr0.jpg
[url=http://userbarz.com/][img]ht

Edited by fuser on 23-04-08 03:54
catinthecpu@hotmail.com
Author

RE: How to bypass firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 03:54
wow..umm.way to go there double posting twat...penguins..i mean cmon man, grow a pair


Author

RE: How to bypass firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 04:00
well i am just learning about the network stuff but wouldn't using a war dialer on a pool of phone lines connected to network possably find a hole in the modem and gain you access to the network.

like i said i'm just learnig this stuff and i'm trying to help


Author

RE: How to bypass firewall

Futility
Member



Posts: 725
Location: USA
Joined: 17.12.07
Rank:
God
Posted on 23-04-08 04:04
COD3 wrote:
wow..umm.way to go there double posting twat...penguins..i mean cmon man, grow a pair

Wow... creative insult. At least, it would be if it hadn't been posted by someone else in another thread about an hour ago. (A thread that you happened to post in as well) Now that I mention you stealing other people's things, what's with the userbar? I could have sworn I saw moshbat with the same exact thing weeks ago.

When was the last time you actually said something useful, anyway? You just seem to float around here bragging about how awesome you are, with no proof whatsoever, and putting everyone else down. So you wanna do us all a favor and fuck off. Come back when you've matured a little and learned that if you want to earn respect that you have to be worthy of it. But hey, who am I to judge you. You obviously know waaaaay more than me. Have fun becoming that accomplished hacker that you're obviously meant to be.


i252.photobucket.com/albums/hh11/zanimabean/Zim.png
Futility91@hotmail.com Futility91
Author

RE: How to bypass firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 04:14
COD3 wrote:
give up...


honestly what exactly was your intention for posting that?

to pick a fight?


Author

RE: How to bypass firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 04:16
back on topic


did some searching for you and found this

HTTPort.
and
HTTPtunnel
are both tools that should help to bypass a firewall


Author

RE: How to bypass firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 04:27
Bypass firewall for what? First try the CLI not zenmap, although it is a nice gui you need to learn how to get your hands dirty.

Second ARP spoofing does not work like that! Read up.
http://en.wikipedia.org/wiki/Arp_spoofing

Second, YOU probably have no chance in hell bypassing the firewall, so your best bet would be to find a dns exploit...which you will not find either, at least not a current one.

Start looking at another way in.....

What you might want to do is enumerate the target in ALOT more detail.
Google enumeration! Here is a head start:
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html

Later!:ninja:

Author

RE: How to bypass firewall

richohealey
Member



Posts: 1022
Location: #!/usr/local/bin/python
Joined: 01.05.06
Rank:
Monster
Posted on 23-04-08 04:48
Octal wrote:
Bypass firewall for what? First try the CLI not zenmap, although it is a nice gui you need to learn how to get your hands dirty.

Second ARP spoofing does not work like that! Read up.
http://en.wikipedia.org/wiki/Arp_spoofing

Second, YOU probably have no chance in hell bypassing the firewall, so your best bet would be to find a dns exploit...which you will not find either, at least not a current one.

Start looking at another way in.....

What you might want to do is enumerate the target in ALOT more detail.
Google enumeration! Here is a head start:
http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html

Later!:ninja:




There are plenty of dns exploits, you just have to think laterally.

You use teh dns exploit to attack other services, a nameserver's first resolver is itself..


bitchohealey at hotmail dot com skype:richohealey www.psych0tik.net
Author

RE: How to bypass firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 06:41
Your right! If you take control of the nameserver you can poison the cache. Was this your thought?
About a year ago Bind9 was vulnerable to this type of attack but most servers should have been patched by now...?
Author

RE: Bypassing a firewall


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-04-08 07:07
Is there a hosting company involved ? If so they may have other sites and
servers that are less protected . You may be able to get in to a server
on the subnet and hack into the other target server from the side .

Theres many ways to do that :

If php is in play a c99 shell can help perform this task . Im not sure
how this works exactly . But i was informed , that while in a server or
having control of a control panel that is tied to a server on the same
subnet as the initial target victim server . The shell can assist in
gaining entry . My knowledge of this is limited .

Playing wih the Adress Resolution Protocol
Overloading the CAM with MAC addresses
Attacks on the routing protocol


Theres alot of ways around it if theres a host involved . But if the target
firewall is privately owned and managed , your situation may be more
difficult having to face it head on . If you havent read it already go here :

http://www.hellboundhackers.org/articles/739-steps-to-serious-penetration.html

That article helped me get a grip on alot of this . I hope it helps .
I know its long as hell . But its worth it . I had to read it and google
many times before i got the slightest idea what M3DU54 was saying .
Im still learning on most of the topics he talks about , like BGP .
Methods of attacks that i havent been pushed to attempt .

tóg go bog é , Neqtan


Author

RE: How to bypass firewall

fuser
Member



Posts: 960
Location: in front of a computer (duh)
Joined: 05.04.07
Rank:
Mad User
Posted on 23-04-08 11:41
wow, thanks for the advice everyone.

Octal,thanks for the advice, but firstly, I customized my own scanning profile in zenmap, since the options given by default are quite limited.

I wanted to bypass the firewall so that i could enter the server I was trying to attack, and since the firewall was protecting it, it's obvious that I had to pass the firewall.

And the servers are hosted on their own sites, which means no hosting company is involved.

And yeah, I should've known that arp spoofing can't help me, silly me. But
it was the only thing I can think of at that time.

Thanks for pointing out the article, neqtan. I'll have to do some serious reading on it and about dns exploits now if I want to conquer the system.

and fallingmidget, I wasn't referring to you when I said if you have nothing useful to say, just shut up.

that, as usual, is targeted to our favorite insult target, COD3


img.userbarz.com/51/10006.png
img.userbarz.com/146/29144.gif
img.userbarz.com/99/19602.jpg
img.userbarz.com/4/600.png
img.userbarz.com/45/8814.gif
img360.imageshack.us/img360/9231/bfbarlr0.jpg
[url=http://userbarz.com/][img]ht

Edited by fuser on 23-04-08 11:50
catinthecpu@hotmail.com