Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[TOOL] Skeeve - Software For Creating Cover Channel With ICMP Tunnel

from [SecuriTeam] Network Security [Permanent Link]
Subject: [TOOL] Skeeve - Software For Creating Cover Channel With ICMP Tunnel
Date: 25 Jan 2005 18:44:28 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  Skeeve - Software For Creating Cover Channel With ICMP Tunnel
------------------------------------------------------------------------


SUMMARY



DETAILS

With this Proof Of Concept tool, you can create an ICMP tunnel between two 
computers, which may be located in different networks and separated by a 
Firewall. Skeeve utilizes ICMP packets and IP address spoofing technology 
to create a data channel in order to redirect TCP connections inside this 
channel.

How it works:
Skeeve creates an ICMP tunnel which is based on the use of a Bounce 
server.

This method relies upon the basic IP address spoofing technology. The 
Client of the tunnel is trying to send a packet to the Bounce server with 
an address of the destination Server as a source IP. The Bounce Server can 
replay this packet and forward it to the destination Server. By adding 
some payload to the packet, we can establish a covert communication 
channel between two computers without direct network interaction.

Skeeve Client accepts TCP connections and works as a converter of the IP 
header (by changing protocol flag from TCP to ICMP echo_request|reply and 
making some other slight modifications). Skeeve Server is doing the 
reverse procedure and restores original IP header settings. Both parts are 
implemented in one C program as a Loadable Kernel module.

Download Information:
The tool can be obtained from:  
<http://gray-world.net/projects/skeeve/skeeve-1.0.tar.gz> 
http://gray-world.net/projects/skeeve/skeeve-1.0.tar.gz


ADDITIONAL INFORMATION

To keep updated with the tool visit the project's homepage at:  
<http://gray-world.net/poc_skeeve.shtml> 
http://gray-world.net/poc_skeeve.shtml



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [TOOL] Skeeve - Software For Creating Cover Channel With ICMP Tunnel, SecuriTeam <=
Previous by Date:  [REVS] Data Tastes Better Seasoned: Introducing the ASH Family of Hashing Algorithms, SecuriTeam
Next by Date:  [TOOL] L7-Filter - Application Layer Packet Classifier for Linux, SecuriTeam
Previous by Thread:  [REVS] Data Tastes Better Seasoned: Introducing the ASH Family of Hashing Algorithms, SecuriTeam
Next by Thread:  [TOOL] L7-Filter - Application Layer Packet Classifier for Linux, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]