Data Exfiltration without ever making a connection. Using TCP header space.

Related tags

Networkingtcpwned
Overview

TCPwned

PoC toy code to exfiltrate data without ever making a TCP connection. This will never show up in firewall logs, much less, actually be monitored as there is never even a valid TCP session. This is pretty obscure, and requires raw sockets on the victim, but if it is sensitive enough, this could be useful. Network middleboxes will break this if they are full proxies, meaning there is a connection from client to proxy, and a separate connection from proxy to server.

Example Video

Method

We are using the two-byte window field in the TCP header, and crafting packets that place chunks of data into that field and send SYN packets out. The remote side needs not run an actual service, and the server will actually send RST back to the client, but none of that matters. We are merely shipping data one-way to be reassembled. Considering there is no full handshake, this would be considered connectionless, and has no guarantee of delivery or validity. Similar to UDP transport.

Usage

Victim

Run the victim.py script to pull a secret and send it.

Attacker

Run the attacker.py script on a remote system. It will listen for 60 seconds and receive anything it hears on port 4444. After receiving the data, it will reassemble and print to screen.

Owner
Internet plumber, security engineer, distinguished engineer at Presidio. Husband, father, person. Brought to you by Carl's Jr.
GitHub Repository
A Python Tor template on Gitpod

A Python Tor template on Gitpod This is template configured for ephemeral development environments on Gitpod. prebuild Get Started With Your Own Proje

Ivan Yastrebov 1 Dec 17, 2021
Burp Extension that copies a request and builds a FFUF skeleton

ffuf is gaining a lot of traction within the infosec community as a fast portable web fuzzer. It has been compared and aligned (kinda) to Burp's Intruder functionality. Thus, Copy As FFUF is trying t

Desmond Miles 81 Dec 22, 2022
Build custom OSINT tools and APIs (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whois, Metadata & built-in database for more info) with this python package

Build custom OSINT tools and APIs with this python package - It includes different OSINT modules (Ping, Traceroute, Scans, Archives, DNS, Scrape, Whoi

QeeqBox 52 Jan 06, 2023
Simple threaded Python Rickroll server. Listens on port 23 by default.

Terminal Rickroll Simple threaded Python Rickroll server. Listens on port 23 by default. Rickroll video made using Video-To-Ascii and the standard ric

AG 10 Sep 13, 2022
NetworkX is a Python package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks.

NetworkX is a Python package for the creation, manipulation, and study of the structure, dynamics, and functions of complex networks.

NetworkX 12k Jan 02, 2023
Truetool - A TrueCharts automatic and bulk update utility

truetool A easy tool for frequently used TrueNAS SCALE CLI utilities. Previously

TrueCharts 125 Jan 04, 2023
TsuserverMoS - A Python-based server for Attorney Online,

tsuserverMoS A Python-based server for Attorney Online, forked from RealKaiser/tsuserverCC Requires Python 3.7+ and PyYAML. Changes/additions from tsu

1 Dec 30, 2021
the objective of this project is to create a Node Js server with a Python client

Socket.io-Server-client Objective The objective of this project is to send data real time ,we use socket.io(server, client) on this project Server Nod

Reda Ennakouri 5 Mar 07, 2022
Network Dynaimcs Simulation

A Final Year Project in CUHK, Autumn 2021 Network Dynaimcs Simulation Files param.h edit all the variables & settings here simulate.c the main program

Likchun 0 Mar 28, 2022
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more

FullHunt 3.2k Jan 02, 2023
ASC - Api Server Controller

ASC - Api Server Controller

Uriel Alves 1 Jan 03, 2022
A web-based app that allows easy, simple - and if desired high-throughput - analysis of qPCR data

qpcr-Analyser A web-based GUI for the qpcr package that allows easy, simple and high-throughput analysis of qPCR data. As is described in more detail

1 Sep 13, 2022
The can package provides controller area network support for Python developers

python-can The Controller Area Network is a bus standard designed to allow microcontrollers and devices to communicate with each other. It has priorit

Brian Thorne 904 Dec 29, 2022
This Tool Help To Information gathering for domain name or ip address...

Owl-Eye This Tool Help To Information gathering for domain name or ip address... follow this command $apt update && upgrade $apt install python apt in

Black Owl 6 Nov 12, 2022
Simple Port Scanner script written in Python, plans is to expand upon this script to turn it into a GUI based pen testing suite

PortScanner Simple Port Scanner script written in Python, plans is to expand upon this script to turn it into a GUI based pen testing suite. #IMPORTAN

1 Oct 23, 2021
API Server for VoIP analysis (CDR + Audio CODECs)

Swagger generated server Overview This server was generated by the swagger-codegen project. By using the OpenAPI-Spec from a remote server, you can ea

Noor Muhammad Malik 1 Jan 11, 2022
This is a simple python script to collect sub-domains from hackertarget API

Domain-Scraper 🌐 This is a simple python script to collect sub-domains from hackertarget API Note : This is tool is limited to 20 Queries / day with

CHINO TECH TOOLS 4 Sep 09, 2021
This script aims to make the dynamic public ip of your local server, public.

EZ DDNS CLOUDFLARE This script aims to make the dynamic ip of your local server, public. It does this by regularly updating cloudflare's dns record. B

3 Feb 13, 2022
A simple python script that parses the MSFT Teams log file for the users current Teams status and then outputs the status color to a MQTT connected light.

Description A simple python script that parses the MSFT Teams log file for the users current Teams status and then outputs the status color to a MQTT

Lorentz Factr 8 Dec 16, 2022
A Python package for handling free proxies from sslproxies.org

SSLProxies Get free working proxy from https://www.sslproxies.org/ and use it in your script This is a port/rewrite of free-proxy with additional feat

Nate Harris 2 Mar 17, 2022