Results 1 to 2 of 2

Thread: Bypassing Firewalls in Ettercap + Wireshark

  1. #1
    Just burned his ISO
    Join Date
    May 2009

    Default Bypassing Firewalls in Ettercap + Wireshark

    I was playing around with nifty Ettercap filters earlier tonight, I tried MITM attacks for several boxes in ma Local Network, But Ettercap failed to ARP Poison the boxes which had firewalls enabled. Same way i tried sniffing traffics in Wireshark and again the Wireshark failed to sniff traffics from the boxes which had firewalls enabled in it.
    and once more when i tried pawning one of my network machine via metasploit by using reverse connecting payload my backtrack4 host machine failed to connect to the victim because i had enabled firewall in backtrack(Host), but when i ufwdisabled, Victims machine successfully got connected to my listening netcat on port 3333. So i just wanted to know whether there is anyway we can bypass firewalls so we can run exploits and MITM attacks against the Local PC's. Thanks

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010

    Default Re: Bypassing Firewalls in Ettercap + Wireshark

    Setting aside the use of complicated methods that may allow you to sneak traffic through lame non-stateful firewalls, the ways to get around firewall filtering are actually pretty straightforward:
    • Turn off/reconfigure the firewall (This presumes you have the ability to run commands on the host performing the filtering. The Windows and Linux default firewalls can both be configured via use of the command line.)
    • Use traffic that is already allowed through the firewall (Some traffic is almost always allowed through a firewall, such as web traffic or DNS traffic. Make use of that to get your own traffic out, perhaps by tunneling/protocol encapsulation.)
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Similar Threads

  1. Replies: 3
    Last Post: 04-22-2010, 07:06 PM
  2. Bypassing Mac filter
    By Isohump in forum OLD Wireless
    Replies: 3
    Last Post: 01-18-2010, 07:33 PM
  3. Hardware Firewalls
    By SephStorm in forum OLD General IT Discussion
    Replies: 25
    Last Post: 03-26-2009, 06:05 AM
  4. ettercap doesn't see host that Wireshark sees?
    By ploit in forum OLD Newbie Area
    Replies: 1
    Last Post: 03-23-2008, 05:37 PM
  5. Wireshark + Ettercap
    By moosepks in forum OLD Newbie Area
    Replies: 1
    Last Post: 01-09-2008, 05:35 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts