Collaborate Disseminate
I’m looking for any guidance around testing a service I’ve found running on a target server. I’m doing a ‘black-box’ pen-test and the company is one of those ‘I-don’t-want-to-tell-you-anything’ types so they won’t tell us wha… Continue reading Black-box fuzzing a TCP Port running an unknown applicaiton
I am running encrypted communication with ping tacked on after decryption and deserialization is complete.
I.e.
incoming data -> split into packets -> decrypt -> deserializer -> actual message or ping
outgoing message or ping -> serializer -> encrypt -> send
I would prefer ping be handled before any decryption happens and make it part of the lowest socket layer instead.
What I wonder is if I introduce any weakness this way. (The actual crypto layer may be TLS or similar.)
I don’t see how manipulating the unencrypted ping would enable much, given that I only use it to test the liveness of the connection and get a RTT.
Am I overlooking something?
EDIT:
Just so this is clear – it relates to a custom server-client protocol for a game. The “ping” here is simply a special packet periodically sent from server to client and then back again.
This helps both client and server ensure that communication is open: one can implement the check “if ping isn’t seen within x seconds, assume that the connection is broken”.
Little time ago, me and my friends argued if TCP handshake can be passed with a spoofed IP address.
Assume I have a web server that allows only certain IP addresses.
Can anyone connect that web server by IP spoof?
Continue reading Is it possible to pass TCP handshake with spoofed IP address?
I have a question regarding your experience of TCP Sequence Prediction that I am hoping someone could help with.
I am aware of how TCP Sequence Prediction works and how the connection can be hijacked by an attacker predictin… Continue reading TCP Sequence Prediction and it’s prominence in modern systems/networks