Follow us on Twitter!
Few are those who can see with their own eyes and hear with their own hearts. - Albert Einstein
Wednesday, April 16, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 20
Guests Online: 19
Members Online: 1

Registered Members: 82807
Newest Member: Black Hawk
Latest Articles
View Thread

HellBound Hackers | Computer General | Increasing Security

Author

Untraceable Web Blocker Bypass

zombiesloth
Member

Your avatar

Posts: 14
Location:
Joined: 26.09.10
Rank:
Guest
Posted on 02-01-11 12:46
Okay to state I an a script kiddie who wants to grow up to be a white hat. (In a childlike voice) Anyways my father has a server that tracks every little url. If I try to get any pen testing programs or "hacker stuff" I get I in trouble blah blah blah cut to the chase ginger or die ... I was wondering is there a possibility that i can encrypt the url so that only one time it can be used. So for instance he can't highlight the text copy it to a url and figure out I am looking for more wifi cracking software. I was able to get a Linux Backtrack 4 r2 iso and I can run it from my laptop. I created a partition for it of a little over 40 gigs for the backtrack, I don't have access to the server or the internet when using backtrack (Hopefully backtrack is of use). Anyways I could use some help here thanks.
Author

RE: Untraceable Web Blocker Bypass


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 02-01-11 18:46
Be fair to your father and have a good convo with him. If he blocks you from learning stuff he isn't doing a great job.


Author

RE: Untraceable Web Blocker Bypass

zombiesloth
Member

Your avatar

Posts: 14
Location:
Joined: 26.09.10
Rank:
Guest
Posted on 02-01-11 20:40
Thing is he doesn't exactly trust me I accessed a wireless network, and apparently it was something called a honey-pot. So the hacker who was running that put what we believe is a root kit on either my laptop, pc or my brother's pc. After formatting my father beefed up the security.
Author

RE: Untraceable Web Blocker Bypass

j4m32
Member

Your avatar

Posts: 81
Location:
Joined: 01.05.10
Rank:
Newbie
Posted on 03-01-11 01:19
There are a number of approaches you coild use to 'bypass' it.

One way is to write / use a web server proxy script and add some custom encoding and encryption - probably still obvious that you're doing 'something'... perhaps a chance if you happen to have some webspace with HTTPS to add another layer of encryption but by no mesns makes it 'impossible' to decrypt...

Another is to use an SSH, or similar, tunnel and route everything through a shell account that allows tunneling - such as cjb.net. same deal here another form of transport layer encryption but using PuTTY, can't rwmember for Linux forgive me, one can even forward connections on the local loopback on spcific ports through the SSH connection.

On one hand I think the reaction to beef up security is justified, the method chosen isn't all that amazing though...I would expect rootkits don't necessaerily use obvious protocols - they are convenient though and cannot be ruled out...

Good luck, hope this has helped!

Jim,

Edited by j4m32 on 03-01-11 01:21
Author

RE: Untraceable Web Blocker Bypass

zombiesloth
Member

Your avatar

Posts: 14
Location:
Joined: 26.09.10
Rank:
Guest
Posted on 03-01-11 02:04
Thank you Jim, I can't use proxies though as stated earlier he highlights it copy pastes it to the url and realizes I was on Metasploit. Putty Ill take a look at.
Author

RE: Untraceable Web Blocker Bypass

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 03-01-11 05:03
zombiesloth wrote:
Thank you Jim, I can't use proxies though as stated earlier he highlights it copy pastes it to the url and realizes I was on Metasploit. Putty Ill take a look at.


If general web proxies are a problem because of unobfuscated URLs, you can design/use a proxy that sends the requested page through POST, rather than GET requests. However, it would also require encryption if his "Web Blocker" did any deep inspection of the request.

Also, there is a difference between web proxies and HTTP proxies. I'm pretty sure HTTPS proxies will not have the problem that you mentioned above, because the entire protocol is sent tunneled through the proxy, rather than web proxies where the content is merely bounced around and you still have to make a URL request in the clear to the proxy. I'm not certain on this, however. :/

Personally, I'd go with Jim's suggestion.
SSH tunneling is always the best option if it's available to you, but there are other paths to take if you can't do SSH tunneling.

Be sure to let us know how it turns out.


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .

Edited by stealth- on 03-01-11 05:04
http://www.stealth-x.com
Author

RE: Untraceable Web Blocker Bypass

zombiesloth
Member

Your avatar

Posts: 14
Location:
Joined: 26.09.10
Rank:
Guest
Posted on 07-01-11 10:11
Alright so I tried to figure out what ssh tunneling is. I realized either I couldn't pay attention to it or it was just to complex for me to fathom my way of getting around the blocker. I'm probably just going to crack the neighbor's wifi password and go from there. I just need to do it at o'dark 30 so its less likely nobody notices I'm on their wifi.


nihnjha tiem:ninja:
Author

RE: Untraceable Web Blocker Bypass

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 08-01-11 08:34
zombiesloth wrote:
Alright so I tried to figure out what ssh tunneling is. I realized either I couldn't pay attention to it or it was just to complex for me to fathom my way of getting around the blocker. I'm probably just going to crack the neighbor's wifi password and go from there. I just need to do it at o'dark 30 so its less likely nobody notices I'm on their wifi.


nihnjha tiem:ninja:


Dude. It's way less freakin' complicated to just use tunneling.

SSH Tunneling is simply "passing" a connection (like a web page request) through an SSH connection, and then having the connection go from the SSH server to the destination. That way, the SSH encrypts the otherwise-would-be-un-encrypted request.

Eg:
(Normal)
Your computer ---- Router ---- Web Server

(Tunneling)
Your computer |||| Router |||| SSH Server ---- Web Server

"----" represents a possibly unencrypted request (like HTTP)
"||||" represents encrypted data

So, while Tunneling, all the data is encrypted that the router can see, and therefore cannot sniff your traffic.

Common, this is easier than cracking wifi and having to wait 'till late at night. Besides, how are you going to get the information/tools to crack wifi without your monitor knowing?


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: Untraceable Web Blocker Bypass

j4m32
Member

Your avatar

Posts: 81
Location:
Joined: 01.05.10
Rank:
Newbie
Posted on 08-01-11 13:06
As stealth has explained, pretty clearly, it is a much easier solution Smile

Well it's not so much that it "can't sniff the traffic", it can but... it will be completely meaningless to the "HTTP filter" (or w/e) without capturing the public and private keys and decrypting it Grin

Also, if I am not mistaken, if you're going to crack a WiFi connection you want some machines to be "connected" to the router/node of interest to capture some data to crack the key easier and avoid MAC filtering issues because you just spoof your network adapter MAC to align with another machine on the target network ...

Enjoy.

Jim,
Author

RE: Untraceable Web Blocker Bypass

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 08-01-11 19:33
j4m32 wrote:
Also, if I am not mistaken, if you're going to crack a WiFi connection you want some machines to be "connected" to the router/node of interest to capture some data to crack the key easier and avoid MAC filtering issues because you just spoof your network adapter MAC to align with another machine on the target network ...


Having a client connected to the target network is only necessary for WPA cracking, and not because it generates traffic. If needed, the attacker can inject packets to stimulate network traffic significantly faster than any legitimate client would be doing.

Well it's not so much that it "can't sniff the traffic", it can but... it will be completely meaningless to the "HTTP filter" (or w/e) without capturing the public and private keys and decrypting it Grin


Right, that is correct. You know what I meant though Wink


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: Untraceable Web Blocker Bypass

zombiesloth
Member

Your avatar

Posts: 14
Location:
Joined: 26.09.10
Rank:
Guest
Posted on 09-01-11 18:49
Okay layout of my dad's network


Everybodies computer including magic jack, xmbc, and media pc-----Server-----Firewall||||| (somehow the encryption is so good nobody can man in the middle us) Router|||||Metasploit framework.
Author

RE: Untraceable Web Blocker Bypass

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 09-01-11 21:48
zombiesloth wrote:
Okay layout of my dad's network


Everybodies computer including magic jack, xmbc, and media pc-----Server-----Firewall||||| (somehow the encryption is so good nobody can man in the middle us) Router|||||Metasploit framework.


No, it's exactly like Jim corrected me on. You can still be man-in-the-middle'd, but while the data is encrypted the attacker can't make any use of it and therefore can't accomplish anything (like reading what you're doing).

The network layout is irrelevant, tunneling will still work. In this case it would just look like:

Computer||||Server||||Firewall<<<<Router<<<<Metasploit framework(?)||||SSH server----Web Server

Where <<<< is data that has been encrypted twice (once by the tunneling, once by your dad's network).

Either way, it's entirely regardless of how the network is set up, because the encrypted connection from your PC to the SSH server on the internet cannot be broken into, and therefore nobody on your LAN can see that your downloading mettasploit manuals, for instance.

Does it make sense?


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com
Author

RE: Untraceable Web Blocker Bypass

fashizzlepop
Member



Posts: 482
Location: Old folks home.
Joined: 08.04.08
Rank:
Moderate
Posted on 11-01-11 07:38
Download TOR from another web connection and use it.


"The definition of insanity is doing the same thing over and over again and expecting different results.
~Albert Einstein~


csullivan.codeinspire.net/images/boomsig2.png
fashizzlepop@gmail.com http://csullivan.codeinspire.net/
Author

RE: Untraceable Web Blocker Bypass

stealth-
Member



Posts: 1003
Location: Eh?
Joined: 10.04.09
Rank:
Mad User
Posted on 12-01-11 02:06
fashizzlepop wrote:
Download TOR from another web connection and use it.


If he has SSH tunneling available, TOR would be a complete waste of time and effort.


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.
http://www.stealt. . .
http://www.stealth-x.com