NOZK Posted October 26, 2017 Share Posted October 26, 2017 Hello guys I will hear about if it was possible to connect packet squirrel between Router and Switch and have computers on connected and than let the Packet squirrel run a payload that spreads to theres computers there connected to the switch and then Connect to theres computers and later connect to them on lan by the payload there are on ? Greetings Link to comment Share on other sites More sharing options...
mr.buddy Posted October 26, 2017 Share Posted October 26, 2017 Uhhh... Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted October 27, 2017 Share Posted October 27, 2017 You are speaking of a worm. You talking about turning the Packet Squirrel into a "Can of Worms"? You have to understand worms for that to work. For one, you need a way into the other machines. Intercepting packets will not get you in. Having credentials or exploits get you in. Without those, you are just chucking shellcode across the wire to no available which may get detected. So, no credentials, no exploits, no infecting. Link to comment Share on other sites More sharing options...
InfoSecREDD Posted October 27, 2017 Share Posted October 27, 2017 What your asking is very possible... But I doubt anyone will tell you exactly how to do it. What you are asking for is pretty much "malicious codes" which is kinda frowned upon.. You would need to modify the PacketSquirrel with a couple different programs to make "such task" work.. (You wont get it out of me, but maybe someone else might help you.) -Ar1k88 Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted October 27, 2017 Share Posted October 27, 2017 26 minutes ago, Ar1k88 said: What your asking is very possible... But I doubt anyone will tell you exactly how to do it. What you are asking for is pretty much "malicious codes" which is kinda frowned upon.. You would need to modify the PacketSquirrel with a couple different programs to make "such task" work.. (You wont get it out of me, but maybe someone else might help you.) -Ar1k88 I think I misread his post. Looks like he maybe talking about a network driveby but no autospread from victim which is a little better than the worm thing I thought he was thinking of doing but he still will need an exploit that works on packet intercept for it to work. Best advice is if you do not know of an exploit, it is not possible. Now, if the discussion is of a worm, be aware, accidentally releasing infectious code in the wild will have the feds knocking on your door. Does not matter if it does damage or not. Ask Samy. So, worms would fall underneath that. For safety, avoid self replicating code with the intent to self spread on its own. Link to comment Share on other sites More sharing options...
zoro25 Posted October 27, 2017 Share Posted October 27, 2017 I didn't read it as a worm but to attack machines attached to a switch, (let's say 8 devices) As previously mentioned it's going to be hard as it sounds like he's looking for persistence. Those 8 machines could be any OS/IOT devices so yes you can MITM them to grab credentials etc, but getting persistent access is going to be hard as this usually means exploiting some kind of bug in the underlying OS or software running on the device. (see the earlier reply from PoSHMagiC0de) I think you should instead be looking at how to exploit 1 device on the switch with high certainty using the squirrel and then you need to know/learn how to pivot from there to gain further access to other devices. This is how most engagements work. People never really start with owning the network, but find a weak point (phishing etc) and pivot from there. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.