Collaborate Disseminate
I’m using netcat -l 555 option to communicate between two computers(Linux) on port 555, is there any way I can eavesdrop to whats going on in that conversation from a 3rd computer?
After the second machine responds with netc… Continue reading Eavesdropping on a specific port of machine in the WLAN from a different machine, possible? (using arpspoof)
Does a host create a separate thread for each TCP SYN request? Or it depends on the socket implementation for the host?
I was reading RFC4987 describing SYN cookies and seems Maximum Segment Size (MSS) is encoded in the SYN cookie and I am not sure why that is the case? Can someone explain why we need the MSS in the SYN cookie?
I was reading about TCP sequence prediction which is described as almost impossible on all updated Operating System nowadays.
The total amount of possible sequence numbers is 2^32-1 which, if we try to brute force it, will be… Continue reading Is TCP Sequence Bruteforcing dangerous nowadays?
In a situation, where the spoofed IP is a real existing remote IP and it is found that the TCP 3-way handshake has been made with a server.
The MiTM machine sends the packet with spoofed IP to the server. Does the real IP a… Continue reading IP Spoofing with real IP when TCP 3-way handshake has been made
Please take a look at this picture, can anybody tell me are those packets sent from some kind of malware?
It is the same source IP address, different port numbers, SEQ number is always 0, and there are a lot of those packets… Continue reading Large number of spurious retransmission – is my server under attack
The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM position also affects some 1.4 billion Android devices, Lookout researchers have warned. “We can estimate then that all Android versions running the Linux Kernel 3.6 (approximately Android 4.4 KitKat) to the latest are vulnerable to this attack or 79.9% of the Android ecosystem,” they noted. This fact should not … More → Continue reading Attackers can hijack unencrypted web traffic of 80% of Android users
Researchers at Lookout said that 80 percent of Android devices remain vulnerable to a critical Linux vulnerability disclosed last week. Continue reading TCP Flaw in Linux Extends to 80 Percent of Android Devices
Off-path attack means malicious hackers can be located anywhere on the Internet. Continue reading Linux bug leaves 1.4 billion Android users vulnerable to hijacking attacks
msfconsole is a cool opensource pentesting tool from metasploit.
Once the exploit is valid, we can set payload to the victim. For persistent connection, we may need meterpreter.
But we often test security in Virtual Machines running ms… Continue reading How to set reverse tcp connection when doing pentesting in VMs?