Hacking a Computer ( bypassing firewall )
(Note: All tutorials here are for only educational purpose ,.. we aren't responsible for trying these to do .,....these are taken from other sites ... )
Firewalls aren't "bypassed" in the sense Hollywood would have you believe. They operate by checking incoming and outgoing traffic against a set of rules. These rules might be based on metadata (e.g. port number, IP address, protocol type, etc) or real data, i.e. the payload of the packet.
For example:
- Drop all incoming packets from IP address 1.2.3.4
- Drop all incoming TCP packets on port 22, unless they're from IP address 2.3.4.5
- Drop all incoming TCP packets with the RST flag set, when the sequence number does not match that of a known connection.
- Drop all incoming and outgoing NetBIOS packets.
- Drop all incoming packets on TCP port 80 that contain the ASCII string
0x31303235343830303536.
- Base rule set - usually "block all" followed by a list of exceptions for commonly used services / protocols (e.g. outgoing HTTP requests)
- Custom rule set - a set of user rules designed to override / complement the base rule set.
- Signature rule set - a set of signatures to prevent against known exploits. The last rule in my list is an example of this - it detects the Havij SQL injection tool. These usually override all other rules. This set is analogous to an anti-malware database, and must be updated frequently.
Ways I can think of to get round a firewall:
- Literally go around it. Find another entry point to the network that does not pass through the firewall. For example, send some malware or an exploit to an internal user via email.
- Exploit a misconfigured firewall by crafting packets that don't trigger the rules. Difficult, but potentially possible.
- Send custom exploit payloads to the target on an open port. Firewalls can only identify known exploits.
