mshenoy, posted May 15, 2009:
Hey there hak5'ers, well, I have a setup at school where we first connect to a WiFi access point and then sign in to the VPN to get access to the Internet. So the other day I saw episode 5X04, where mubix has a strategy to SSH through DNS. But now when I connect to the access point I tried pinging outside the network but it won't work, not Google, nothing. So it's apparent that they have disabled "icmp out" at the access point or something like that. I am doing this just to get the hang of this and I just want to know what would be another way to accomplish the same? Like ping to my server outside without getting on the VPN and only through the access point. I can ping the access point gateway at least, but not at all to the outside....
Sparda, posted May 15, 2009:
Does Google resolve though? The point of DNS tunnelling is that everything is done with DNS. Ping is not required or optional for DNS tunnelling to work.
mshenoy (Author), posted May 15, 2009:
No, it does not... Not until I am inside the VPN... If I am on the access point and I nslookup, it gives a "DNS timed out timeout was 2 seconds ***Can't find server name for address 134.88.1.4(which is the gateway probably): timed out". That is precisely the message I get. So hence I am confused.... What do you think can be done?
Sparda, posted May 15, 2009:
You could check what DNS servers your computer is given by the DHCP server, and if it's anything other than the default gateway, try setting the default gateway as your DNS resolver. If the DHCP server has a different IP, try setting that as the DNS server. If this does not work, you cannot use DNS tunnelling. DNS needs to work for DNS tunnelling to work.
Be also aware: DNS tunnelling at school and getting caught will probably land you in a pile of shit up to your eyes.
mshenoy (Author), posted May 15, 2009:
Hahahah, thanks for the warning... I know what you mean... but I just have to try it.... I am too freaking curious to know what their setup is and how the hell they are blocking it.... that's just me, and as you said, I did try that.... Let me tell you how the setup is... When I connect to the access point, the IP I am assigned is 192.168.218.*, the gateway is 192.168.216.1, the DHCP server is a different IP, 134.88.3.*, and the DNS server is 134.88.1.*. So as you said, I changed the DNS server to the gateway and then to the DHCP address respectively, but it still won't freaking resolve anything....
decepticon_eazy_e, posted May 16, 2009:
> Hahahah, thanks for the warning... I know what you mean... but I just have to try it.... I am too freaking curious to know what their setup is and how the hell they are blocking it.... that's just me, and as you said, I did try that.... Let me tell you how the setup is... When I connect to the access point, the IP I am assigned is 192.168.218.*, the gateway is 192.168.216.1, the DHCP server is a different IP, 134.88.3.*, and the DNS server is 134.88.1.*. So as you said, I changed the DNS server to the gateway and then to the DHCP address respectively, but it still won't freaking resolve anything....
What's your mask? If it's /24, your gateway is in a different subnet. I assume their network is set up like this... 192.168.218.x is the WLAN. Those people need to VPN into another subnet, such as 192.168.216.x. The 216 subnet has an ACL that allows it out to the internet. The 218 subnet has an ACL that does not. No amount of tunneling will work as long as your IP address is in the 218 range and you are on that WLAN interface. Tunneling is for when ports are filtered. From what you are saying, I don't think that's your problem.
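Added example, not part of any post in this thread: the mask question above worked through with Python's `ipaddress` module, using the two addresses reported in the thread. The client's host octet is elided in the thread, so `.0` is used as a stand-in, and the function names are hypothetical.

```python
import ipaddress

# Addresses as reported in the thread. The host octet of the client address was
# elided ("192.168.218.*"); .0 stands in for it, which does not change the
# result for any prefix length of /24 or shorter.
CLIENT = "192.168.218.0"
GATEWAY = "192.168.216.1"


def shares_subnet(host: str, gateway: str, prefix_len: int) -> bool:
    """True if the gateway is on-link for a host configured with this prefix."""
    net = ipaddress.ip_network(f"{host}/{prefix_len}", strict=False)
    return ipaddress.ip_address(gateway) in net


def longest_common_prefix(host: str, gateway: str) -> int:
    """Narrowest mask (longest prefix) whose network contains both addresses."""
    a = int(ipaddress.ip_address(host))
    b = int(ipaddress.ip_address(gateway))
    # The highest differing bit marks where the two addresses stop agreeing.
    return 32 - (a ^ b).bit_length()


def common_network(host: str, gateway: str) -> ipaddress.IPv4Network:
    """The smallest network that covers both the host and the gateway."""
    plen = longest_common_prefix(host, gateway)
    return ipaddress.ip_network(f"{host}/{plen}", strict=False)


def report(host: str, gateway: str, prefixes=(24, 23, 22, 21, 16)) -> dict:
    """Map each candidate prefix length to whether the gateway is on-link."""
    return {p: shares_subnet(host, gateway, p) for p in prefixes}


if __name__ == "__main__":
    for plen, on_link in report(CLIENT, GATEWAY).items():
        state = "same subnet" if on_link else "different subnet"
        print(f"/{plen}: gateway {GATEWAY} is in a {state}")
    print("smallest network containing both:", common_network(CLIENT, GATEWAY))
```

With a /24 or /23 mask the gateway is off-link for the client; only a /22 or shorter mask puts 192.168.218.x and 192.168.216.1 in one subnet.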
mshenoy (Author), posted May 17, 2009:
> What's your mask? If it's /24, your gateway is in a different subnet. I assume their network is set up like this... 192.168.218.x is the WLAN. Those people need to VPN into another subnet, such as 192.168.216.x. The 216 subnet has an ACL that allows it out to the internet. The 218 subnet has an ACL that does not. No amount of tunneling will work as long as your IP address is in the 218 range and you are on that WLAN interface. Tunneling is for when ports are filtered. From what you are saying, I don't think that's your problem.
So since the WLAN is not allowing me to go outside as per the ACLs, there is no way out to the outside world? Yeah, as you said, I think everything is blocked so I don't see a way out. But I was wondering, DNS should have a way out. On that note, does anyone have a full-fledged article or something on DNS wherein I can read the ins and outs of it? Detailing every aspect of it. Let me know if anyone in the community knows.. Thanks for the help so far.
Sparda, posted May 17, 2009:
http://www.dns.net/dnsrd/rfc/
http://www.ietf.org/rfc/rfc1035.txt
Zimmer, posted May 17, 2009:
If you're curious, ask. Oh, and the shit up to your eyes, I wouldn't be going hahahaha, unless you like getting into shit (I personally have never met someone who does).
decepticon_eazy_e, posted May 18, 2009:
> So since the WLAN is not allowing me to go outside as per the ACLs, there is no way out to the outside world? Yeah, as you said, I think everything is blocked so I don't see a way out. But I was wondering, DNS should have a way out. On that note, does anyone have a full-fledged article or something on DNS wherein I can read the ins and outs of it? Detailing every aspect of it. Let me know if anyone in the community knows.. Thanks for the help so far.
Why do you think DNS is open? You said before when you do an nslookup it comes back with nothing. DNS probably is open in the VPN'd subnet, not the one you are in.
mshenoy (Author), posted May 18, 2009:
> Why do you think DNS is open? You said before when you do an nslookup it comes back with nothing. DNS probably is open in the VPN'd subnet, not the one you are in.
Yeah, I think DNS isn't open. I was just assuming there's some way to get out to the internet. Anyways, thanks for the reply.
mshenoy (Author), posted May 18, 2009:
> If you're curious, ask. Oh, and the shit up to your eyes, I wouldn't be going hahahaha, unless you like getting into shit (I personally have never met someone who does).
@zimmer --- dude u haven't yet met but now you have... and I don't see why you even replied... cos ur post isn't useful in any aspect to this thread?
mshenoy (Author), posted May 18, 2009:
> http://www.dns.net/dnsrd/rfc/
> http://www.ietf.org/rfc/rfc1035.txt
Thanks boris for all the help... great as usual