|
04-25-2006, 04:56 PM | |
Superbowl MVP
Join Date: Oct 2005
Location: OOOOOOOOOOOOOLATHE
Casino cash: $9910252
|
Hacking or Getting Around Proxy Servers At work?
this is in theory
Proxy server called "Blue Coat" - www.bluecoat.com - How would I go about getting around it? Now it seems just like an HTTP proxy as i can still run CMD and do an ftp command from the console. Email Ports are working and functional. How to get around the "Blue Coat" Last edited by SLAG; 09-01-2006 at 09:17 PM.. |
Posts: 11,177
|
04-28-2006, 05:50 PM | #31 |
MVP
Join Date: Aug 2003
Casino cash: $7737309
|
http://www.tartarus.org/~simon/putty.../x86/putty.exe
Putty is a GUI SSH client that does not install. Just execute the binary and off you go. |
Posts: 10,620
|
04-28-2006, 07:22 PM | #32 | |
Playing for #1 Draft Pick
Join Date: Oct 2003
Location: Just West of Lambs land
Casino cash: $10004900
|
Quote:
__________________
sig test for this screwy schema |
|
Posts: 25,901
|
04-28-2006, 07:42 PM | #33 |
Superbowl MVP
Join Date: Oct 2005
Location: OOOOOOOOOOOOOLATHE
Casino cash: $9910252
|
Too Bad my Microsoft Thumb Drive Has not Arrived Damnit Bill
|
Posts: 11,177
|
05-03-2006, 06:35 PM | #34 | ||
Superbowl MVP
Join Date: Oct 2005
Location: OOOOOOOOOOOOOLATHE
Casino cash: $9910252
|
I found this at the bottem of some page--
Quote:
I am also getting this error once i start ssh back up after editiing my sshd_config - Quote:
|
||
Posts: 11,177
|
05-03-2006, 08:12 PM | #35 | |
Pain Cake
Join Date: Nov 2002
Location: Lawrence, KS
Casino cash: $10004900
|
Quote:
__________________
|
|
Posts: 10,170
|
05-03-2006, 10:38 PM | #36 |
MVP
Join Date: Aug 2003
Casino cash: $7737309
|
DOH!!!
My bad, sorry! You actually need one line for every port, so... Port 22 Port 23 Port 25 Port 389 etc. Sorry 'bout that. Got apache stuck in my head where you can define multiple ports using commas. And yes, FTP uses 2 ports, 21 for control and 22 for data. Also, they are both UDP, and HTTP is TCP. Even if you change ports, the firewall will not let it through, as it is only letting UDP through over 21 and 22. |
Posts: 10,620
|
05-03-2006, 10:39 PM | #37 | |
MVP
Join Date: Aug 2003
Casino cash: $7737309
|
Quote:
|
|
Posts: 10,620
|
05-07-2006, 02:45 PM | #38 | |
Rookie
Join Date: May 2006
Location: Hi
Casino cash: $10004900
|
Quote:
FTP is tcp based and uses TCP 20, and 21. http://www.faqs.org/rfcs/rfc959.html http://www.networksorcery.com/enp/protocol/ftp.htm TFTP is UDP based and uses UDP 69. http://www.networksorcery.com/enp/protocol/tftp.htm http://www.faqs.org/rfcs/rfc1350.html SSH utilizes port 22 TCP |
|
Posts: 11
|
05-07-2006, 04:37 PM | #39 | |
Superbowl MVP
Join Date: Oct 2005
Location: OOOOOOOOOOOOOLATHE
Casino cash: $9910252
|
Quote:
I also found out that there are static I.P.'s that are going to be Immune to the bluecoat restrictions, I found a list of the unrestricted IP. Address along with all the correct DNS, WINS's Server information Does this change the plan of the Hypothetical Attack |
|
Posts: 11,177
|
05-07-2006, 05:18 PM | #40 | |
Rookie
Join Date: May 2006
Location: Hi
Casino cash: $10004900
|
Quote:
|
|
Posts: 11
|
05-08-2006, 07:58 AM | #41 |
'Tis my eye!
Join Date: Aug 2000
Location: Chiefsplanet
Casino cash: $10199900
|
FYI, most current firewalls can detect FTP data spoofing on TCP 21.
Use a different port... |
Posts: 100,071
|
05-08-2006, 05:29 PM | #42 |
Rookie
Join Date: May 2006
Location: Hi
Casino cash: $10004900
|
I wouldn't recommend doing it all. I think its an easy way to lose your job. In fact, if you spent all this time working, that you have trying to circumvent the rules, they most likely never would have spent the money on the proxy.
They most likely have logs that look for any connection going outbound to IP addresses that they've blacklisted. Your best chance to do get away with it is to use encrypted channels utilizing ports higher than 1024 and most likely higher than 6500. Don't use backup http ports 80-88, 8080-8088, or 443. Don't use SOCKS ports for that matter as well. I'd try and use persuasion... Here's a recent article on web surfing at work...show it to your bosses...try and get some feedback on at least getting a few websites returned. http://www.msnbc.msn.com/id/12462332/ |
Posts: 11
|
05-12-2006, 04:31 PM | #43 |
Superbowl MVP
Join Date: Oct 2005
Location: OOOOOOOOOOOOOLATHE
Casino cash: $9910252
|
ok... after today's day on the job I am Determined to get around the proxy server... .my best bet seems to tunnel x11 over PuTTY,
This is where i am stuck, I have added all those ports to the sshd config file, now sshd starts fine, nmap dosent seem to be a reconized command, I cannot connect to the PC from my laptop on MY LAN... any other tips or suggestions, i ran some traceroutes and netstats as well i think i know the ip address of the Proxy or of the gateway, login.oscar.aol.com port 5190 is open to connect to AIM using lotus, but if i go to the web browser and type in login.osacr.aol.com i get nowhere. This is more than hacking to browse the net or chiefs planet... this is personal |
Posts: 11,177
|
05-13-2006, 12:43 AM | #44 |
Superbowl MVP
Join Date: Oct 2005
Location: OOOOOOOOOOOOOLATHE
Casino cash: $9910252
|
Ok i can log in remotley ( havent tested work yet... ) into linux from my XP box using putty..
when i try to throw the command Code:
startx Code:
Fatal server error: Server is already active for display 0 If this server is no longer running, remove /tmp/.X0-lock and start again. When reporting a problem related to a server crash, please send the full server output, not just the last messages. Please report problems to http://www.suse.de/feedback. Xlib: connection to ":0.0" refused by server Xlib: Invalid MIT-MAGIC-COOKIE-1 key giving up. xinit: unable to connect to X server xinit: No such process (errno 3): Server error. |
Posts: 11,177
|
05-13-2006, 07:16 AM | #45 |
Superbowl MVP
Join Date: Oct 2005
Location: OOOOOOOOOOOOOLATHE
Casino cash: $9910252
|
ok i'm at work now and it looks as ssh was/is open--- now if we can get past that error message -- thanks chiefs planet You rock
|
Posts: 11,177
|
|
|