Search the Community

EV is a tool that allows you to craft TCP packets and leverage some well-known TCP/IP packet manipulation techniques to evade IDS devices. It supports HTTP protocol but unfortunately not HTTPS protocol. The handshake process of TLS is quite complicated and I haven’t figured out how to craft TLS packets elegantly. This tool is written in Python and QT5, using Scapy to make packets. So though this software is tested on the Windows platform only, it theoretically works on other platforms like Linux or MacOS. Fill IP, Port, and Payload fields and click the “Send” button to send the TCP packet to the target. You can also set TCP options and source port. Remember that TCP options are tcp options supported by scapy. You can view response packets in the “Received packets” window and click the packet to view it in the “View Received Packet” window. This is implemented by scapy’s sniff() function, it finds packets that match the target IP or is ICMP protocol(so that you can find TTL exceeded packets). However, sniff() sometimes records packets duplicately. So I strongly recommend users use WireShark if you’ve installed one to see received packets. Request Split You can use TCP Segmentation and IP Fragmentation to break the TCP packet into pieces and send them to the target. This may defeat IDS devices that don’t support TCP/IP reassembly. Increasing wait time or sending packets out of order may also circumvent IDS devices who has a very limited capability in TCP/IP reassembly. Sending Distractor Packets Distractor packets are packets that might be ignored by the target and be recognized by IDS devices. Small TTL distractor packets are packets’ TTL are subtracted to 0 between the IDS device and the target. The target will not receive this packet because the packet has been dropped before reaching the target. But IDS might think that the packet arrives at the target. Therefore, sending small TTL distractor packets containing junk data or RST flags may distract the process of reassembling TCP packets, leading to an evasion. Bad Checksum packets are packets with the wrong TCP checksum. Packets with the wrong checksum are ignored by the target, but IDS devices may not calculate the checksum and reassemble all packets directly, which leads to an evasion. Corrupt ack distractor packets are packets’ ACK field is corrupted. The target ignores such packets because of the wrong ACK field, but IDS might reassemble all packets directly, which leads to an evasion. [hide][Hidden Content]]

proxify Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering, and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally, a replay utility allows to import the dumped traffic (request/responses with correct domain name) into burp or any other proxy by simply setting the upstream proxy to proxify. Features Simple and modular code base making it easy to contribute. HTTP and SOCKS5 support for upstream proxy Native MITM support Full traffic dump (request/responses) Traffic Match / Filter with DSL language Traffic Match and Replace support Traffic replay in Burp Changelog v0.0.6 Fix for cert endpoint not working + Internal engine by @Mzack9999 in #82 [hide][Hidden Content]]

Proxify Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering, and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally, a replay utility allows to import the dumped traffic (request/responses with correct domain name) into burp or any other proxy by simply setting the upstream proxy to proxify. Features Simple and modular code base making it easy to contribute. HTTP and SOCKS5 support for upstream proxy Native MITM support Full traffic dump (request/responses) Traffic Match / Filter with DSL language Traffic Match and Replace support Traffic replay in Burp [hide][Hidden Content]]

Scapy is a powerful Python-based interactive packet manipulation program and library. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow fast packet prototyping by using default values that work. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, wireshark, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VoIP decoding on WEP protected channel, ...), etc. Scapy supports Python 2.7 and Python 3 (3.4 to 3.7). It's intended to be cross platform, and runs on many different platforms (Linux, OSX, *BSD, and Windows). Download: [HIDE][Hidden Content]]

V-SOL GPON/EPON OLT Platform version 2.03 suffers from a link manipulation vulnerability. View the full article

Responsive FileManager version 9.13.4 suffers from bypass, cross site scripting, remote file read, remote file write, and traversal vulnerabilities. View the full article

FLIR Systems FLIR thermal traffic cameras suffers from a websocket device manipulation vulnerability. View the full article