Evading an Authentication Proxy Using ICMPTX (Using ICMPTX to Get Online Whenever You Can Ping the AP)
2015-01-30 15:22
ICMP: The Internet Control Message Protocol
As you know, ICMP is a protocol that is used to detect the presence of an active host. We can determine if a host is active (pay attention, newbies) by simply typing:
kali > ping <IPaddress>
There are multiple types of ICMP messages, but this one is echo request (Type 0) and echo reply (Type 8). Although nearly all of us use ping at one time or another, keep in mind that there are other types of ICMP that can come in handy when scanning or hacking systems that may block or drop ICMP Type 0.
If a server accepts ICMP (many won't as a security precaution), you can use ICMP to bypass the need for authentication via the proxy (that webpage that asks you for credentials). Because it is very slow, I don't recommend this for daily use, but in a pinch, this can be a very innovative way to get your email when you don't want to buy access to the service, or when you want to access the web without leaving a trace.
Step 1: Fire Up Kali & Download Icmptx
To begin, let's fire up Kali Linux and download icmptx. Since icmptx is in the Kali repository, all we need to do is:
kali > apt-get install icmptx
This will install icmptx to your Kali operating system.
Step 2: Getting Help
Next, let's take a look at the help file for icmptx. Simply type:
kali > icmptx
This help screen will appear. As you can see, the syntax is very straightforward and simple. Unfortunately, the implementation is not.
When we downloaded icmptx, it installed a manual page, so let's take a look at it by typing:
kali > man icmptx
The manual page doesn't offer much more information than the help page.
Step 3: Server Side Proxy
The way icmptx works is that you need to set up a proxy/server between you, the client, and the intended target on the web. First, let's set up the proxy/server. To set up the proxy/server, the syntax is simple:
kali > icmptx -s 10.0.0.1
This points the server/proxy at the IP address 10.0.0.1. This is only an example; you will need to replace this IP with the target IP address you are trying to connect to.
Step 4: Tunneling
Next, we need to set up a tunnel. A tunnel provides a packet transmission and reception place for user-based applications. Since icmptx is a user-based application, we need to set up a tunnel to send and receive packets, in this case, ICMP packets. We can check to see whether our kernel supports tunneling by typing:
kali > ifconfig tun0
This response indicates that our Debian operating system (that Kali is built on) supports tunneling. Let's set up a tunnel on the server now.
Step 5: IP Forwarding
Next, we need to set up this server to, first, ignore ICMP requests and, second, forward IP traffic. If we didn't tell the kernel to ignore ICMP requests, it would respond with an echo reply (Type 8), which is the normal response. We don't want that. We want the ICMP traffic to enter the server and pass right through it.
We can tell the kernel to ignore ICMP traffic by typing:
kali > echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
Then we need to forward IP traffic, by typing:
kali > echo 1 > /proc/sys/net/ipv4/ip_forward
Step 6: Set Up the Client
Now, let's set up our client. This is the system we will be using to access the Internet from. We need to install icmptx on this system as well, but here we will be using the client and not the server setup. To do so, type:
kali > icmptx -c <IP address of the proxy/server>
Then we need to establish a tunnel on this system as well.
Next, we need to set up a route to the proxy.
Lastly, we need to set a route through the tunnel we created (tun0) to the server on the web we want to access.
Now, when you want to access that site on the web, you can do so without authenticating and be almost totally invisible!
Although using icmptx is probably not a practical means of accessing the web on a daily basis, in a pinch or under severely clandestine circumstances, it will get you past web-based authentication and leave almost no trail. Few, if any, security administrators will be looking for ICMP traffic to trace your activities and, since you did not have to authenticate, your trail is almost invisible. In addition, if you set up the server on a zombie system, the only trail will lead back to the server/zombie without a highly skilled forensic investigation.
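Seen from the defending side, the tunnel described in this article differs from ordinary ping in ways that are easy to measure: echo packets are far larger, far more frequent, and carry constantly changing data. The following Python sketch is an added example, not code from the original article or from icmptx; the thresholds, the `parse_icmp` and `score_flows` names, and the sample packets are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

ECHO_REQUEST, ECHO_REPLY = 8, 0  # ICMP echo type values per RFC 792
# Assumed thresholds, tune per network: ordinary ping sends about one small,
# repetitive packet per second (56 data bytes on Linux, 32 on Windows).
MAX_PAYLOAD = 128   # echo data bytes still considered normal
MAX_RATE = 10       # echo packets per second per host pair
MAX_DISTINCT = 4    # distinct payload tails per host pair
TS_LEN = 16         # Linux ping leads with a timestamp; ignore it when comparing

def parse_icmp(raw):
    """Return (type, payload) of a raw ICMP message, or None if truncated."""
    if len(raw) < 8:
        return None
    return raw[0], raw[8:]  # 8-byte header: type, code, checksum, id, sequence

def score_flows(packets, window=1.0):
    """packets: (timestamp, src, dst, raw_icmp) tuples -> {host pair: [reasons]}."""
    flows = defaultdict(list)
    for ts, src, dst, raw in packets:
        parsed = parse_icmp(raw)
        if parsed and parsed[0] in (ECHO_REQUEST, ECHO_REPLY):
            flows[tuple(sorted((src, dst)))].append((ts, parsed[1]))
    alerts = {}
    for pair, items in flows.items():
        times = [t for t, _ in items]
        rate = len(items) / max(max(times) - min(times), window)
        checks = [("oversized payload", any(len(p) > MAX_PAYLOAD for _, p in items)),
                  ("high echo rate", rate > MAX_RATE),
                  ("high payload variety", len({p[TS_LEN:] for _, p in items}) > MAX_DISTINCT)]
        reasons = [name for name, hit in checks if hit]
        if reasons:
            alerts[pair] = reasons
    return alerts

def sample_packets():
    """Constructed capture: one ordinary ping exchange and one tunnel-like flow."""
    def echo(kind, seq, data):  # checksum left 0; the detector does not verify it
        return struct.pack("!BBHHH", kind, 0, 0, 1, seq) + data
    pkts = []
    for i in range(5):  # ordinary ping: 1 packet/s each way, fixed pattern after timestamp
        data = struct.pack("!QQ", 1000 + i, 0) + bytes(range(16, 56))
        pkts += [(float(i), "10.0.0.5", "10.0.0.1", echo(ECHO_REQUEST, i, data)),
                 (i + 0.01, "10.0.0.1", "10.0.0.5", echo(ECHO_REPLY, i, data))]
    for i in range(200):  # tunnel-like: 100 packets/s, 1000 bytes of changing data
        data = bytes((i + j) % 256 for j in range(1000))
        pkts.append((i / 100, "10.0.0.7", "192.0.2.10", echo(ECHO_REQUEST, i, data)))
    return pkts
```

Feed `score_flows` the ICMP messages from a capture taken at the portal's gateway. Dropping or rate-limiting echo traffic from clients that have not yet authenticated closes the channel outright rather than only detecting it.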
from: http://null-byte.wonderhowto.com/how-to/hack-wi-fi-evading-authentication-proxy-using-icmptx-0150347/