Data Exfiltration without ever making a connection. Using TCP header space.

Related tags

Networkingtcpwned
Overview

TCPwned

PoC toy code to exfiltrate data without ever making a TCP connection. This will never show up in firewall logs, much less, actually be monitored as there is never even a valid TCP session. This is pretty obscure, and requires raw sockets on the victim, but if it is sensitive enough, this could be useful. Network middleboxes will break this if they are full proxies, meaning there is a connection from client to proxy, and a separate connection from proxy to server.

Example Video

Method

We are using the two-byte window field in the TCP header, and crafting packets that place chunks of data into that field and send SYN packets out. The remote side needs not run an actual service, and the server will actually send RST back to the client, but none of that matters. We are merely shipping data one-way to be reassembled. Considering there is no full handshake, this would be considered connectionless, and has no guarantee of delivery or validity. Similar to UDP transport.

Usage

Victim

Run the victim.py script to pull a secret and send it.

Attacker

Run the attacker.py script on a remote system. It will listen for 60 seconds and receive anything it hears on port 4444. After receiving the data, it will reassemble and print to screen.

Owner
Internet plumber, security engineer, distinguished engineer at Presidio. Husband, father, person. Brought to you by Carl's Jr.
GitHub Repository
A python tool auto change proxy or ip after dealy time set by user

Auto proxy Ghost This tool auto change proxy or ip after dealy time set by user how to run 1. Install required file ./requirements.sh 2.Enter command

Harsh Tagra 0 Feb 23, 2022
It can be used both locally and remotely (indicating IP and port)

It can be used both locally and remotely (indicating IP and port). It automatically finds the offset to the Instruction Pointer stored in the stack.

DiegoAltF4 13 Dec 29, 2022
A Simple Web Server made by Python3.

A Simple Web Server made by Python3.

GGN_2015 2 Nov 27, 2021
批量检查目标是否为cdn

🐸 Frog For Automatic Scan 🐶 Doge For Defense Evasion&Offensive Security Frog-checkCDN 批量检查目标是否为cdn Usage: python3 checkCDN.py list.txt list内可以为ip或者d

TimWhite 119 Dec 27, 2022
Blockchain-Enabled IoT Sensor Framework that uses Augmented Reality and Artificial Intelligence.

Arduino + Raspberry Pi + Unity3D + Cloud + Hyperledger Our Mission: Keep it simple, leave no one behind. Blockchain-Enabled Smart Sensor Framework usi

DappAR 23 Dec 05, 2021
Utility for converting IP Fabric webhooks into a Teams format.

IP Fabric Webhook Integration for Microsoft Teams and/or Slack Setup IP Fabric Setup Go to Settings Webhooks Add webhook Provide a name URL will b

Community Fabric 1 Jan 26, 2022
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more

FullHunt 3.2k Jan 02, 2023
Start a simple TCP Listener on a specified IP Address and Port Number and receive incoming connections.

About Start a simple TCP Listener on a specified IP Address and Port Number and receive incoming connections. Download Clone using git in terminal(git

AgentGeneric 5 Feb 24, 2022
A tiny end-to-end latency testing tool implemented by UDP protocol in Python 📈 .

udp-latency A tiny end-to-end latency testing tool implemented by UDP protocol in Python 📈 . Features Compare with other existing latency testing too

Chuanyu Xue 5 Dec 02, 2022
Dos attack a Bluetooth connection!

Bluetooth Denial of service Script made for attacking Bluetooth Devices By Samrat Katwal. Warning This project was created only for fun purposes and p

Samrat 1 Oct 29, 2021
BlueHawk is an HTTP/1.1 compliant web server developed in python

This project is done as a part of Computer Networks course. It aims at the implementation of the HTTP/1.1 Protocol based on RFC 2616 and includes the basic HTTP methods of GET, POST, PUT, DELETE and

2 Nov 11, 2022
A transport agnostic sync/async RPC library that focuses on exposing services with a well-defined API using popular protocols.

WARNING: This is from spyne's development branch. This version is not released yet! Latest stable release can be found in the 2_13 branch. If you like

1.1k Dec 23, 2022
A simple tcpdump sidecar injector to demonstrate Kubernetes's Mutating Webhook

k8s-tcpdump-webhook A simple tcpdump sidecar injector to demonstrate Kubernetes's Mutating Webhook Build and Deploy Build docker image; docker build -

Bilal Ünal 2 Sep 01, 2022
User-friendly packet captures

capture-packets: User-friendly packet captures Please read before using All network traffic occurring on your machine is captured (unless you specify

Seth Michael Larson 2 Feb 05, 2022
Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries

TriOp Tool for quickly gathering information from Shodan.io about the number of IPs which satisfy large number of different queries For furt

Jan Kopriva 27 Nov 03, 2022
A simple chat room using socket and threading for handle multiple connections.

• Socket Chat Room was a little project for socket study. It works with a server handling the incoming connections from the clients. Clients send encoded messages while waiting for others clients mes

Guilherme de Oliveira 2 Mar 03, 2022
Minimal, self-hosted, 0-config alternative to ngrok. Caddy+OpenSSH+50 lines of Python.

If you have a webserver running on one computer (say your development laptop), and you want to expose it securely (ie HTTPS) via a public URL, SirTunnel allows you to easily do that.

Anders Pitman 423 Jan 02, 2023
Domain To Api [ PYTHON ]

Domain To IP Usage You Open Terminal For Run The Program python ip.py Input & Output Input Your List e.g domain.txt Output ( For Save Output File )

It's Me Jafar 0 Dec 12, 2021
API to establish connection between server and client

Socket-programming API to establish connection between server and client, socket.socket() creates a socket object that supports the context manager ty

Muziwandile Nkomo 1 Oct 30, 2021
📨 Share files easily over your local network from the terminal! 📨

Fileshare 📨 Share files easily over your local network from the terminal! 📨 Installation #

Dopevog 11 Sep 10, 2021