A crucial element for the Red Team's task is having stealth to perform the attack, success in the ability to expose an aggressive mindset and a true cracker's point of view. If the red team wins, they can help build a better defense for the Blue Team in the future. This content on Firefox tunnel to bypass any firewall is meant for good purposes, don't worry.

In this blog post, the content is about a different attack approach to get remote control of the machine and bypass the firewall. We have a lot of weapons to work with from that perspective, something like Veil framework, msfvenom… but sometimes following a different path will bring good results.

The objective of the attack is to use Firefox to make all communication between client and server using hooking. This is not impossible, yet DLL injection can sometimes be boring to implement and even harder to make portable. Did you know that x32 and x64 architectures need different approaches for development? (Later I discovered that the EasyHook API can solve that.)

I was studying the Firefox internals, reading something about the use of SQLite to work with cookies, and that gave me a different focus.

To create a program like Firefox tunnel, follow these steps to get started:

1. The program calls the Firefox browser in hidden mode, passing a URL that points to an evil server, and finally that evil server sends a cookie with a command.
2. Tunnel gets the cookie from the evil server (cookie.sqlite) and uses it to call a command shell.
3. The result of the command shell is used to write an HTML file with JavaScript that auto-submits the result.
4. The program then opens that HTML file in hidden mode and sends the result of CMD to the evil server.

In order to see this in action I have created a repository with everything you need and even a PoC.

Insert persistence, using the function RegOpenKeyEx() to open the path “Software\Microsoft\Windows\CurrentVersion\Run” and writing with the function RegSetValueEx() to launch a program automatically at system startup.

Turn tunnel into an unkillable process.

Global hooking, to intercept the OpenFile() and CreateFile() functions, filter on the argument “cookie.sqlite” and block the call when the program path is different from firefox.exe.
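
The file-open filter from the global hooking idea in this post (block opens of “cookie.sqlite” when the program path is not firefox.exe), written as a decision function over constructed events; this is an added example, not code from the original post or its repository. The event fields, the Firefox install path and all sample paths are assumptions.

```python
import ntpath  # Windows path rules, usable on any OS

# Assumption: install path of the legitimate browser binary on this host.
ALLOWED_IMAGES = {r"c:\program files\mozilla firefox\firefox.exe"}
PROTECTED_NAME = "cookie.sqlite"  # file name as the article gives it

def norm(path):
    """Normalise a Windows path: case, slash direction, '..' segments."""
    return ntpath.normcase(ntpath.normpath(path))

def decide(event):
    """Return 'block' if a protected file is opened by anything but the browser."""
    target = ntpath.basename(norm(event["target"]))
    # Prefix match also covers SQLite side files such as cookie.sqlite-wal.
    if not target.startswith(PROTECTED_NAME):
        return "allow"
    # Compare the full image path, not only the executable's file name.
    return "allow" if norm(event["image"]) in ALLOWED_IMAGES else "block"

def blocked_images(events):
    """Image paths of every event the filter would block, in input order."""
    return [e["image"] for e in events if decide(e) == "block"]

# Constructed file-open events (hypothetical paths, not taken from the article).
PROFILE = r"C:\Users\u\AppData\Roaming\Mozilla\Firefox\Profiles\x.default"
FIREFOX = r"C:\Program Files\Mozilla Firefox\firefox.exe"
TUNNEL = r"C:\Users\u\AppData\Local\Temp\tunnel.exe"
EVENTS = [
    {"image": FIREFOX, "target": PROFILE + r"\cookie.sqlite"},
    {"image": TUNNEL, "target": PROFILE + r"\cookie.sqlite"},
    # Same file name as the browser, but started from another directory.
    {"image": r"C:\Users\u\Downloads\firefox.exe",
     "target": PROFILE + r"\cookie.sqlite"},
    # Odd spelling of the real browser path must still be allowed.
    {"image": "C:/PROGRAM FILES/Mozilla Firefox/../Mozilla Firefox/FIREFOX.EXE",
     "target": PROFILE + r"\COOKIE.SQLITE"},
    {"image": TUNNEL, "target": r"C:\Users\u\notes.txt"},
    {"image": TUNNEL, "target": PROFILE + r"\cookie.sqlite-wal"},
]

if __name__ == "__main__":
    for image in blocked_images(EVENTS):
        print("block:", image)
```
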