Jump to content

tcp file transfer


sc0rpi0
 Share

Recommended Posts

Does anybody know if most firewalls block tcp by default?

I was wondering if it might be a possibility for transferring switchblade logs.

Thanks.

Hardware firewalls block all incoming connections by default.. You specify what incoming ports you want open to what computers are running servers(port forwarding)

Software firewalls are what you have to worry about... They block outgoing connections as well!

Sending email is a no no as most anti-virus / software firewalls detect it and show the contents of the email being sent and to allow it or not.

FTP? nah you don't want to embed your login and password into a program...

So what is a good way thats undetectable and will work even if both software and hardware firewalls are in place?

HTTP POST.

Even if you have a software and hardware firewall, chances are you aren't going to block port 80 outgoing. Its needed for basic web functionality. You wouldn't be able to browse the web if it was blocked.

All thats required is a free web host which offers php + mysql. You have a program read the log file and post the data to a server sided php script. The script then inserts the data into the database ;)

You probably haven't seen it since its on the low on the second page now.

http://hak5.org/forums/index.php?showtopic=9644

Its almost guaranteed that port 80 is open, and its the most undetectable method. Therefore I think it's the best way

Link to comment
Share on other sites

You probably haven't seen it since its on the low on the second page now.

http://hak5.org/forums/index.php?showtopic=9644

Its almost guaranteed that port 80 is open, and its the most undetectable method. Therefore I think it's the best way

Have you think about adding this to the wiki and may be a brief "How to"? I found this thread a few days ago and found it really useful (voted PHP+HTTP+SQL). I know it's the same it does some backdoors too, but the benefits in this stuff are really great.

What would happen if the connection is not active or if it's interrupted when a log (or slurped files) are being uploading?

Note: I don't know if I have posted in the correct place... Maybe I would have done it in the other thread... :mellow:

Link to comment
Share on other sites

Hardware firewalls block all incoming connections by default.. You specify what incoming ports you want open to what computers are running servers(port forwarding)

Software firewalls are what you have to worry about... They block outgoing connections as well!

Sending email is a no no as most anti-virus / software firewalls detect it and show the contents of the email being sent and to allow it or not.

FTP? nah you don't want to embed your login and password into a program...

So what is a good way thats undetectable and will work even if both software and hardware firewalls are in place?

HTTP POST.

Even if you have a software and hardware firewall, chances are you aren't going to block port 80 outgoing. Its needed for basic web functionality. You wouldn't be able to browse the web if it was blocked.

All thats required is a free web host which offers php + mysql. You have a program read the log file and post the data to a server sided php script. The script then inserts the data into the database ;)

You probably haven't seen it since its on the low on the second page now.

http://hak5.org/forums/index.php?showtopic=9644

Its almost guaranteed that port 80 is open, and its the most undetectable method. Therefore I think it's the best way

this sounds pretty cool. the only problem is that it's over my head (i don't know a thing about php nor sql).

I was also looking at the form making tool provided in google docs. when a form is filled out, the contents are uploaded to the owner's account. Is there a way to automate inputting text into an online form?

Thanks for your help.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...