Author Topic: TCP/IP knowledge : how far does it get you ?  (Read 645 times)


deed
TCP/IP knowledge : how far does it get you ?
« on: September 16, 2015, 02:34:08 pm »
Hello fellas.

So, as we all know, the power of knowledge is huge, especially in computing or more specifically in hacking.
Programming is of course one of the most beneficial qualities.

After programming, I wondered how far networking could get me. I have been reading several books about TCP/IP and how each protocol functions in each layer, but I can't seem to find a way to exploit all this information to pen test devices in my local network (remotely).

proxx
Re: TCP/IP knowledge : how far does it get you ?
« Reply #1 on: September 16, 2015, 06:26:01 pm »
Maybe you can give scapy (google it) a go and start to reconstruct some common network attacks such as ARP spoofing, DNS, the regular stuff.
When you get a feel for that you could start looking into exploiting other network protocols such as ST, VLAN etc.
That might be a point where you could design your own network hacks/exploits.
Something that I enjoyed doing was writing a tool that could piggyback data on existing packets; there are many things to be done in the field, just use your imagination.
On-the-fly traffic manipulation over a bridge etc etc etc.
« Last Edit: September 16, 2015, 06:26:30 pm by proxx »
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

xor
Re: TCP/IP knowledge : how far does it get you ?
« Reply #2 on: September 17, 2015, 08:54:17 am »
Protocols in the lower layers of the OSI model, as shown in the link below, have very well defined structures.

TCP, for example, has certain flags which are set depending on the point in the three-way handshake. Applications such as nmap take advantage of this to perform SYN scans, RST scans, etc.

You can modify an IP header to spoof the source IP address of a packet.
You can give a packet an invalid checksum to see how a receiving device handles it.
You can say the size of the packet is really large, but only send them a small amount of data, or vice versa.
You can even fuzz these structures to find weaknesses in the layers themselves that you might be able to take advantage of.

There's a lot to learn by learning networking as well.

Reference:
http://f.tqn.com/y/compnetworking/1/S/g/basics_osimodel.jpg

deed
Re: TCP/IP knowledge : how far does it get you ?
« Reply #3 on: September 17, 2015, 05:17:12 pm »
Uhm... I am familiar with the OSI model and the protocols that define it, but I have no idea how I could "mess" with the packets (modify flags, checksums, headers of various layers).

xor
Re: TCP/IP knowledge : how far does it get you ?
« Reply #4 on: September 18, 2015, 03:06:49 am »
First, you can use a packet sniffer such as Wireshark to see what a particular protocol packet looks like.
This will show you the entirety of the packet's structure.

Then you want to learn how to write packets using the RAW format.

http://www.tenouk.com/Module43a.html
http://www.binarytides.com/raw-socket-programming-in-python-linux/
https://msdn.microsoft.com/en-us/library/windows/desktop/ms740548(v=vs.85).aspx
http://www.winsocketdotnetworkprogramming.com/clientserversocketnetworkcommunication8h.html
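As an added example (not code from any poster in this thread), here is a small Python decoder for the structures replies #2 and #4 talk about: it parses a constructed IPv4/TCP SYN packet, verifies the IPv4 header checksum and the TCP checksum (pseudo-header included), decodes the flags, and reports when the declared length disagrees with the bytes that actually arrived. The addresses, ports and sequence number in the sample are made-up values.

```python
import struct

# Constructed sample (not a capture): IPv4 header + TCP SYN from 10.0.0.1:49152
# to 10.0.0.2:80, the first packet of a three-way handshake. Both checksums
# were worked out by hand so the checks below accept the packet as sent.
SAMPLE_SYN = bytes.fromhex(
    "4500002800014000400626cd0a0000010a000002"  # IPv4: len 40, DF, TTL 64, proto 6
    "c00000500000000100000000" "5002ffff" "db8e0000"  # TCP: seq 1, SYN only, win 65535
)
TCP_FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")


def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_tcp(packet: bytes) -> dict:
    """Decode the IPv4 and TCP headers and check what a sniffer would flag."""
    if packet[0] >> 4 != 4 or packet[9] != 6:
        raise ValueError("not an IPv4/TCP packet")
    ihl = (packet[0] & 0x0F) * 4
    declared_len = struct.unpack("!H", packet[2:4])[0]
    src, dst = packet[12:16], packet[16:20]
    # A valid header, checksum field included, sums to 0xFFFF, so its
    # complement is 0; anything else means a corrupted or hand-crafted header.
    ip_ok = internet_checksum(packet[:ihl]) == 0
    segment = packet[ihl:declared_len]
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", segment[:16])
    flags = [name for bit, name in enumerate(TCP_FLAG_NAMES) if off_flags & (1 << bit)]
    # TCP's checksum also covers a pseudo-header: addresses, protocol, segment length.
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(segment))
    tcp_ok = internet_checksum(pseudo + segment) == 0
    return {
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)), "ttl": packet[8],
        "sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags,
        "window": window, "ip_checksum_ok": ip_ok, "tcp_checksum_ok": tcp_ok,
        # the "say the size is large but send less" case from reply #2
        "length_mismatch": declared_len != len(packet),
    }


if __name__ == "__main__":
    print(parse_ipv4_tcp(SAMPLE_SYN))
```

Feed it the raw bytes Wireshark shows for a captured segment (after the Ethernet header) and you can see exactly which field a crafted packet has bent.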