Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
For any nonsense or banter that doesn't fit anywhere else. LoL! omg! ROFL! 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
pwnat
Posted by: thrill
Date: February 17, 2010 11:01PM

I've been thinking about this little program for a few weeks now.. from a hacker perspective it's pretty stinking awesome. From a Network Security Engineer it's freaking scary.. I've even had conversations with cisco security guys on having them add automatic detection for it on the firewall code.. but the truth is I wanted to hear opinions on what the rest of you think..

You can find the source here: http://samy.pl/pwnat/

From my perspective in trying to secure a network, it is easy enough to block the default 3.3.3.3 traffic, however, if someone like me were to think about installing it in someone's network, obviously I'd be using a different unreachable IP.. yes, there are thousands of those. Enough to where I would need to write very specialized regex on cisco firewalls in order to detect the traffic.

But then again, from a hacker standpoint, I'm thinking that it'd be nice to have some sort of a 'scanner' to automatically search out installed 'vanilla' versions of this, and obviously, having the source, it could be very easy to write a scanner to send out packets to random hosts in order to find routers that say "hey, I know someone who is looking for that address!"..

I imagine the average user who installs this is NOT going to set a password, but even if they did, it's not like it is going to be doing much logging that people are going to be looking at to figure out if someone tried to connect to it or even brute force a password..

So in reality, just throwing it out there.. your thoughts are welcomed.. well.. mostly about this subject. ;)

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Options: ReplyQuote
Re: pwnat
Posted by: sirdarckcat
Date: February 17, 2010 11:47PM

I like this as much as the myspace worm.. that guy rocks..

--------------------------------
http://sirdarckcat.blogspot.com/ http://www.sirdarckcat.net/ http://foro.elhacker.net/ http://twitter.com/sirdarckcat

Options: ReplyQuote


Sorry, only registered users may post in this forum.