[framework] Http-Tunnel Question
thomas.werth at vahle.de
Thu Apr 20 22:54:34 PDT 2006
Actual i tested how to leak a firewall using http-tunnel. Using software
from http://www.http-tunnel.com/ makes it quite easy, additional i found
gnu http tunnel beeing open source. So i guess including this in ones
evil planes might be easy.
Blocking first one is easy by forbidding proxy end hosts, but second one
with random "tunnel end servers" seems to be impossible. Am i wrong ,
are there other tricks to stop it ( firewalling each host with personal
firewall for example ) ?
Now my question :
Would it be easy to create a http-tunnel payload , so an attack can be
connect back through firewall to outside and infiltrate a firm intranet
? Maybe with an auto-proxy setting from i.e. or similar ?
Or is size for this payload to big to fit into an overflow , so only
really spezialied hackers are able to create such hacks ?
Target of my question is :
May this vuln be exploited ( in future ) by a worm or more likley only a
vision for a good hacker with high motivation ?
Would it be possible to add such a payload into metasploit ?
More information about the framework