Untraceable Web Blocker Bypass

Okay to state I an a script kiddie who wants to grow up to be a white hat. (In a childlike voice) Anyways my father has a server that tracks every little url. If I try to get any pen testing programs or "hacker stuff" I get I in trouble blah blah blah cut to the chase ginger or die … I was wondering is there a possibility that i can encrypt the url so that only one time it can be used. So for instance he can't highlight the text copy it to a url and figure out I am looking for more wifi cracking software. I was able to get a Linux Backtrack 4 r2 iso and I can run it from my laptop. I created a partition for it of a little over 40 gigs for the backtrack, I don't have access to the server or the internet when using backtrack (Hopefully backtrack is of use). Anyways I could use some help here thanks.

Be fair to your father and have a good convo with him. If he blocks you from learning stuff he isn't doing a great job.

Thing is he doesn't exactly trust me I accessed a wireless network, and apparently it was something called a honey-pot. So the hacker who was running that put what we believe is a root kit on either my laptop, pc or my brother's pc. After formatting my father beefed up the security.

There are a number of approaches you coild use to 'bypass' it.

One way is to write / use a web server proxy script and add some custom encoding and encryption - probably still obvious that you're doing 'something'… perhaps a chance if you happen to have some webspace with HTTPS to add another layer of encryption but by no mesns makes it 'impossible' to decrypt…

Another is to use an SSH, or similar, tunnel and route everything through a shell account that allows tunneling - such as cjb.net. same deal here another form of transport layer encryption but using PuTTY, can't rwmember for Linux forgive me, one can even forward connections on the local loopback on spcific ports through the SSH connection.

On one hand I think the reaction to beef up security is justified, the method chosen isn't all that amazing though…I would expect rootkits don't necessaerily use obvious protocols - they are convenient though and cannot be ruled out…

Good luck, hope this has helped!

Jim,

Thank you Jim, I can't use proxies though as stated earlier he highlights it copy pastes it to the url and realizes I was on Metasploit. Putty Ill take a look at.

zombiesloth wrote: Thank you Jim, I can't use proxies though as stated earlier he highlights it copy pastes it to the url and realizes I was on Metasploit. Putty Ill take a look at.

If general web proxies are a problem because of unobfuscated URLs, you can design/use a proxy that sends the requested page through POST, rather than GET requests. However, it would also require encryption if his "Web Blocker" did any deep inspection of the request.

Also, there is a difference between web proxies and HTTP proxies. I'm pretty sure HTTPS proxies will not have the problem that you mentioned above, because the entire protocol is sent tunneled through the proxy, rather than web proxies where the content is merely bounced around and you still have to make a URL request in the clear to the proxy. I'm not certain on this, however. :/

Personally, I'd go with Jim's suggestion. SSH tunneling is always the best option if it's available to you, but there are other paths to take if you can't do SSH tunneling.

Be sure to let us know how it turns out.

Alright so I tried to figure out what ssh tunneling is. I realized either I couldn't pay attention to it or it was just to complex for me to fathom my way of getting around the blocker. I'm probably just going to crack the neighbor's wifi password and go from there. I just need to do it at o'dark 30 so its less likely nobody notices I'm on their wifi.

nihnjha tiem:ninja:

zombiesloth wrote: Alright so I tried to figure out what ssh tunneling is. I realized either I couldn't pay attention to it or it was just to complex for me to fathom my way of getting around the blocker. I'm probably just going to crack the neighbor's wifi password and go from there. I just need to do it at o'dark 30 so its less likely nobody notices I'm on their wifi.

nihnjha tiem:ninja:

Dude. It's way less freakin' complicated to just use tunneling.

SSH Tunneling is simply "passing" a connection (like a web page request) through an SSH connection, and then having the connection go from the SSH server to the destination. That way, the SSH encrypts the otherwise-would-be-un-encrypted request.

Eg: (Normal) Your computer –– Router –– Web Server

(Tunneling) Your computer |||| Router |||| SSH Server –– Web Server

"––" represents a possibly unencrypted request (like HTTP) "||||" represents encrypted data

So, while Tunneling, all the data is encrypted that the router can see, and therefore cannot sniff your traffic.

Common, this is easier than cracking wifi and having to wait 'till late at night. Besides, how are you going to get the information/tools to crack wifi without your monitor knowing?

As stealth has explained, pretty clearly, it is a much easier solution :)

Well it's not so much that it "can't sniff the traffic", it can but… it will be completely meaningless to the "HTTP filter" (or w/e) without capturing the public and private keys and decrypting it :D

Also, if I am not mistaken, if you're going to crack a WiFi connection you want some machines to be "connected" to the router/node of interest to capture some data to crack the key easier and avoid MAC filtering issues because you just spoof your network adapter MAC to align with another machine on the target network …

Enjoy.

Jim,

j4m32 wrote: Also, if I am not mistaken, if you're going to crack a WiFi connection you want some machines to be "connected" to the router/node of interest to capture some data to crack the key easier and avoid MAC filtering issues because you just spoof your network adapter MAC to align with another machine on the target network …

Having a client connected to the target network is only necessary for WPA cracking, and not because it generates traffic. If needed, the attacker can inject packets to stimulate network traffic significantly faster than any legitimate client would be doing.

Well it's not so much that it "can't sniff the traffic", it can but… it will be completely meaningless to the "HTTP filter" (or w/e) without capturing the public and private keys and decrypting it :D

Right, that is correct. You know what I meant though ;)

Okay layout of my dad's network

Everybodies computer including magic jack, xmbc, and media pc—–Server—–Firewall||||| (somehow the encryption is so good nobody can man in the middle us) Router|||||Metasploit framework.

zombiesloth wrote: Okay layout of my dad's network

Everybodies computer including magic jack, xmbc, and media pc—–Server—–Firewall||||| (somehow the encryption is so good nobody can man in the middle us) Router|||||Metasploit framework.

No, it's exactly like Jim corrected me on. You can still be man-in-the-middle'd, but while the data is encrypted the attacker can't make any use of it and therefore can't accomplish anything (like reading what you're doing).

The network layout is irrelevant, tunneling will still work. In this case it would just look like:

Computer||||Server||||Firewall<<<<Router<<<<Metasploit framework(?)||||SSH server––Web Server

Where <<<< is data that has been encrypted twice (once by the tunneling, once by your dad's network).

Either way, it's entirely regardless of how the network is set up, because the encrypted connection from your PC to the SSH server on the internet cannot be broken into, and therefore nobody on your LAN can see that your downloading mettasploit manuals, for instance.

Does it make sense?

Download TOR from another web connection and use it.

fashizzlepop wrote: Download TOR from another web connection and use it.

If he has SSH tunneling available, TOR would be a complete waste of time and effort.