Results 1 to 1 of 1

Thread: sharing a Single Packet Auth Mechanism I wrote for BT

  1. #1
    Junior Member the_rooster's Avatar
    Join Date
    Apr 2008
    Posts
    25

    Default sharing a Single Packet Auth Mechanism I wrote for BT

    Hello BT community. I’ve had some conversations a while back with some members about honeynets and Single Packet Auth mechanisms and I thought I’d share a console based Single Packet application I have written. It works well on BT4 after installing a few libs. This application consists of a single packet authorization mechanism designed for the purpose of hiding semi-public services like a SSH server. There is a server side (Linux only) and a client side (both Windows and Linux).

    It involves a client that creates a packet with a payload encrypted with the public half of two different RSA keys. The idea is that one key would be shared by all users and it would encrypt the user name of the individual. A second key specific to each individual user would encrypt a pre-shared key (just any old string, nothing secret about it really) and a timestamp (to counter replay attacks). The server would receive this packet and decrypt this first half of the packet…which would give us the user name of the person sending the packet. The server would then know which user specific second key to use to decrypt the pre-shared key and time stamp to evaluate them for acceptability. If all is good, then the server would open up a port for the semi-public service we were trying to conceal for a brief amount of time to allow for a connection to be made.

    Yeah, it’s a little bit like using a cannon to kill a mosquito, but it puts some interesting theory to practical use. For anyone interested, I put up some documentation and all the source code at http://sourceforge.net/projects/simplespa/

    There is some room for improvement on this for sure. I welcome any decent criticisms and opinions on this and SPA in general.
    Last edited by Archangel-Amael; 01-17-2011 at 09:54 AM. Reason: Fixed URL

Similar Threads

  1. Tool I wrote sniff.sh
    By ghero in forum Experts Forum
    Replies: 17
    Last Post: 04-12-2011, 02:51 AM
  2. Open network but can't capture a single packet - any idea why?
    By utilizeartisan in forum Beginners Forum
    Replies: 8
    Last Post: 11-03-2010, 06:54 PM
  3. Two new tools I wrote
    By Twarter369 in forum Beginners Forum
    Replies: 3
    Last Post: 11-03-2010, 06:42 PM
  4. Replies: 1
    Last Post: 09-29-2010, 11:44 AM
  5. Single packet port knocking with Fwknop
    By compaq in forum OLD Newbie Area
    Replies: 1
    Last Post: 08-03-2008, 11:39 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •