Giter VIP home page Giter VIP logo

tunnelling-experiments's Introduction

potatun

An experimental packet tunnelling bind shell using obscure techniques to evade IDS/IPS.

  • TCP/UDP (source port encoding)
  • ICMP (payload)
  • SCTP (chunkdata)
  • IPSEC (esp)
  • Netflow (V5, netflow record source port encoding)
  • Netbios (NBNSQueryRequest, question_name)

NOTE:

  • Data encryption is used where applicable.
  • Invalid use of protocols should be detected by a properly configured SIEM. (Which is very much the case for the options above!)

Requirements

  • python3
  • scapy

Usage

root@kali:/opt/potatun# python3 potatun.py -h
usage: potatun.py [-h] [-i I] [-t T] [-m M]

potatun - an experimental packet tunnelling bind shell.

optional arguments:
  -h, --help  show this help message and exit
  -i I        send interface (eth0)
  -t T        send ip:port (10.10.10.1:443)
  -m M        tunnel mode (udp-c/udp-s, tcp-c/tcp-s, icmp-c/icmp-s,
              sctp-c/sctp-s, ipsec-c/ipsec-s, netflow-c/netflow-s, netbios-c/netbios-s)

Netflow (v5 record source port encoding)

Screenshot 2019-12-15 at 07 02 33

UDP (source port encoding)

Screenshot 2019-12-13 at 06 14 07

TCP (source port encoding)

Screenshot 2019-12-13 at 06 30 28

SCTP (chunkdata)

Screenshot 2019-12-15 at 02 18 17

ICMP (payload)

Screenshot 2019-12-13 at 06 36 18

IPSEC (esp)

Screenshot 2019-12-15 at 03 46 41

NetBIOS (NBNSQueryRequest)

Screenshot 2019-12-16 at 11 34 42

Disclaimer

Don't use this script in real-life, bind shells are sketchy, it's purely for research/experimentation, there are a ton of other safe/stable open source options.

Enjoy~

tunnelling-experiments's People

Watchers

avatar avatar

Forkers

jerrychen81

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.