Jump to content
NOZK

Packet Squrriel Payload Spreadning?

Recommended Posts

Hello guys 

I will hear about if it was possible to connect packet squirrel between Router and Switch and have computers on connected and than let the Packet squirrel run a payload that spreads to theres computers there connected to the switch and then Connect to theres computers and later connect to them on lan by the payload there are on ? 

Greetings 

Share this post


Link to post
Share on other sites

You are speaking of a worm.  You talking about turning the Packet Squirrel into a "Can of Worms"?  You have to understand worms for that to work.  For one, you need a way into the other machines.  Intercepting packets will not get you in.  Having credentials or exploits get you in.  Without those, you are just chucking shellcode across the wire to no available which may get detected.  So, no credentials, no exploits, no infecting.

Edited by PoSHMagiC0de

Share this post


Link to post
Share on other sites

What your asking is very possible... But I doubt anyone will tell you exactly how to do it. What you are asking for is pretty much "malicious codes" which is kinda frowned upon..

You would need to modify the PacketSquirrel with a couple different programs to make "such task" work..

(You wont get it out of me, but maybe someone else might help you.)

 

-Ar1k88

Share this post


Link to post
Share on other sites
26 minutes ago, Ar1k88 said:

What your asking is very possible... But I doubt anyone will tell you exactly how to do it. What you are asking for is pretty much "malicious codes" which is kinda frowned upon..

You would need to modify the PacketSquirrel with a couple different programs to make "such task" work..

(You wont get it out of me, but maybe someone else might help you.)

 

-Ar1k88

I think I misread his post.  Looks like he maybe talking about a network driveby but no autospread from victim which is a little better than the worm thing I thought he was thinking of doing but he still will need an exploit that works on packet intercept for it to work.  Best advice is if you do not know of an exploit, it is not possible.

Now, if the discussion is of a worm, be aware, accidentally releasing infectious code in the wild will have the feds knocking on your door.  Does not matter if it does damage or not.  Ask Samy.  So, worms would fall underneath that.  For safety, avoid self replicating code with the intent to self spread on its own.

Share this post


Link to post
Share on other sites

I didn't read it as a worm but to attack machines attached to a switch, (let's say 8 devices) As previously mentioned it's going to be hard as it sounds like he's looking for persistence. 

Those 8 machines could be any OS/IOT devices so yes you can MITM them to grab credentials etc, but getting persistent access is going to be hard as this usually means exploiting some kind of bug in the underlying OS or software running on the device.  (see the earlier reply from PoSHMagiC0de)

I think you should instead be looking at how to exploit 1 device on the switch with high certainty using the squirrel and then you need to know/learn how to pivot from there to gain further access to other devices. This is how most engagements work. People never really start with owning the network, but find a weak point (phishing etc) and pivot from there.

Edited by zoro25

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...