[TOOL] TunnelShell, Tunneling Shell Access via TCP/UDP/Fraged/ICMP/RawIP Packets

From: support@securiteam.com
To: list@securiteam.com
Date: Wed, 27 Feb 2002 06:47:34 +0100 (CET)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

  TunnelShell, Tunneling Shell Access via TCP/UDP/Fraged/ICMP/RawIP Packets
------------------------------------------------------------------------

DETAILS

TunnelShell is a program written in C for Linux that works as a
client-server application. The server opens a /bin/sh that clients can
access through a virtual tunnel. The following types of tunnels are
supported:

Frag: Uses IPv4 fragmented packets to encapsulate data. When some routers
and firewalls (such as Cisco routers and a default Linux installation)
receive fragmented packets that carry no layer-four header, they let them
pass even if a rule denies that traffic (the layer-four protocol can be
selected with the -o flag).

TCP: Establishes a virtual TCP connection without performing the three-way
handshake (useful against a router with an ACL or a Linux server running
ipchains). It does not bind to any port, so a port already in use by
another process can be used.

UDP: Standard UDP packets. It does not bind to any port, so a port already
in use by another process can be used.

ICMP: Standard ICMP packets (echo-reply/echo-request).

IP: Raw IPv4 packets; a layer-four protocol can be specified with the -o
flag. Useful if IPSec has been enabled between servers.

Because packets are not sequenced, you may want to use the -d flag to make
sure they are received in the right order. Lost packets are not recovered
in the current version.

ADDITIONAL INFORMATION

The tool can be downloaded from:
http://www.geocities.com/fryxar/

The information has been provided by fryxar <fryxar@yahoo.com.ar>.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
