GRAY-WORLD.NET TEAM
Unusual firewall bypassing techniques, network and computer security.

It was all very well to say `Drink me,' but the wise little Alice was not going to do that in a hurry. `No, I'll look first,' she said, `and see whether it's marked "poison" or not'; for she had read several nice little histories about children who had got burnt, and eaten up by wild beasts and other unpleasant things, all because they would not remember the simple rules their friends had taught them: such as, that a red-hot poker will burn you if you hold it too long; and that if you cut your finger very deeply with a knife, it usually bleeds; and she had never forgotten that, if you drink much from a bottle marked `poison,' it is almost certain to disagree with you, sooner or later.

Lewis Carroll "Alice In Wonderland"
 		Alice
Chinese French Russian Spanish Polish Italian
Home | Projects | Papers | Forum | Team | Links | Contributions
 Projects 

With this Proof Of Concept tool, you can simply create an ICMP tunnel between two computers, which may be located in different networks and separated by a firewall. Skeeve utilizes ICMP packets and IP address spoofing technology to create a data channel in order to redirect TCP connections inside this channel.

Skeeve creates an ICMP tunnel which is based on the use of a Bounce server.

This method relies upon the basic IP address spoofing technology. The Client of the tunnel is trying to send a packet to the Bounce server with an address of the destination Server as a source IP. The Bounce Server can replay this packet and forward it to the destination Server. By adding some payload to the packet, we can establish a covert communication channel between two computers without direct network interaction.

Skeeve Client accepts TCP connections and works as a converter of the IP header (by changing protocol flag from TCP to ICMP echo_request|reply and making some other slight modifications). Skeeve Server is doing the reverse procedure and restores original IP header settings. Both parts are implemented in one C program as a Loadable Kernel module.

Ilya
Current Skeeve version: 1.0; README
Download | md5sum: 6fba1f136f30d695114a0b81216f9e90
http://gray-world.net/projects/skeeve/skeeve-1.0.tar.gz

Index of projects



MsnShell - is a kind of covert channel tunneling tool allowing to remotely control a Linux computer through the use of the MSN protocol.
[learn more]


Team member's sites: www.infosecwriters.com/ hhworld/ The Hitchhiker's World e-zine


GNU  GNU General Public License
 GNU Free Documentation License 		IRC://irc.gray-world.net:6677/gray-world.net
CHANGELOG, MIRRORS, LEGAL NOTICE
20/11/2008 [13:18:56] GMT+03:00 / Unique IPs today: 3468 / Hits: 61405