Collaborate Disseminate
Is it possible to send a TCP payload to an open port that executes a specific arbitrary command on the target device using Metasploit or any other program? For example with Windows 10 Server OS?
I searched for any answers to my question, b… Continue reading Arbitrary command execution on remote devices
I am developing a TCP-Proxy in C#/.NET using dotNetty (Port of Netty). The proxy is translating messages between two different systems. It will be hosted on a server in the company network, so it is not exposed to the internet.
I am wonder… Continue reading Securing an internal tcp proxy
I understand that the TCP itself provides a byte stream connection, but has no idea nor does it care what its payload is and how it is segmented to fit into individual packets that travel on the wire.
Observing the process in Wireshark, I … Continue reading How underlying protocol, like TLS, determines which TCP payloads should be combined to form a complete PDU? [closed]
We have started TLS and MTLS enforcement in all our private customer connections on our servers but we are facing design constraints in regards to High Availability TLS deployments.
For context, we are dealing with long-lived TCP sockets t… Continue reading TLS and high-availability [migrated]
I am investigating censorship in India, and know with a high degree of confidence that it is being blocked based on the SNI extension in the TLS ClientHello.
I am in control of both the Client (in India) and the Server (in Germany). I sus… Continue reading Possible to determine who on the Internet is resetting (RST) my TCP connection? [closed]
I am a newbie cyber security engineer working on IoT. Today, a task is given to me. The task was making pentest to a cooker. Because of the privacy, I cannot share the brand of the cooker. The cooker has its own wifi card and connects to w… Continue reading Next movement in IoT pentest when you have restricted information
I am studying how to determine which packets carrying TLS records belong to the same TLS session (much like Wireshark does).
For a given TLS record that belongs to a specific packet(s), are we always able to determine its relation to its o… Continue reading Are TCP source and destination port numbers sufficient to determine which packets carrying TLS records belong to a specific TLS session? [closed]
I am working on this question which asks how you would conduct a scan of a target network to identify open service ports without revealing your IP address. It wants details such as IP address obfuscation, requirements to be met to receive … Continue reading How would you hide yourself whilst conducting a scan on a target network to identify open service ports?
While setting up a new VPS instance running Ubuntu, I found that I needed to set AllowTcpForwarding yes in /etc/ssh/sshd_config to achieve a remote VS Code connection. I am and will be the sole user who can log in on that instance, root lo… Continue reading Security Implications of Allowing TCP Forwarding to Use vscode-server
I am currently trying to learn the TCP session creating (3 way handshake) process in detail. I was wondering what the sequence number means and also why is the ack num for the next ACK packet always the sequence number of the previous pack… Continue reading What is sequence number and why is it used as the ACK number for the next ACK packet? [closed]