Mirrors/hacktricks
2
0
Fork 0
mirror of https://github.com/carlospolop/hacktricks synced 2024-12-02 09:29:59 +00:00
Code Issues Projects Releases Packages Wiki Activity
hacktricks/generic-methodologies-and-resources/pentesting-network/ids-evasion.md

74 lines
4.4 KiB
Markdown
Raw Normal View History

Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
{% hint style="success" %}
Učite i vežbajte hakovanje AWS-a:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Obuka AWS Crveni Tim Stručnjak (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Učite i vežbajte hakovanje GCP-a: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Obuka GCP Crveni Tim Stručnjak (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
<details>
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
<summary>Podržite HackTricks</summary>
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
* Proverite [**planove pretplate**](https://github.com/sponsors/carlospolop)!
* **Pridružite se** 💬 [**Discord grupi**](https://discord.gg/hRep4RUj7f) ili [**telegram grupi**](https://t.me/peass) ili nas **pratite** na **Twitteru** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Delite hakovanje trikova slanjem PR-ova na** [**HackTricks**](https://github.com/carlospolop/hacktricks) i [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repozitorijume.
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
</details>
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
{% endhint %}
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
# **Manipulacija TTL-om**
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
Pošaljite nekoliko paketa sa TTL-om dovoljnim da stignu do IDS/IPS-a, ali ne dovoljnim da stignu do krajnjeg sistema. Zatim pošaljite još paketa sa istim sekvencama kao prethodni, tako da će IPS/IDS misliti da su to ponavljanja i neće ih proveriti, ali zapravo nose zlonamerni sadržaj.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
**Nmap opcija:** `--ttlvalue <vrednost>`
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
# Izbegavanje potpisa
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
Jednostavno dodajte smeće podatke u pakete kako bi se izbegao potpis IPS/IDS-a.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
**Nmap opcija:** `--data-length 25`
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
# **Fragmentirani Paketi**
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
Jednostavno fragmentirajte pakete i pošaljite ih. Ako IDS/IPS nema sposobnost da ih ponovo sastavi, stići će do krajnjeg domaćina.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
**Nmap opcija:** `-f`
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
# **Nevažeći** _**checksum**_
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
Senzori obično ne računaju kontrolnu sumu iz performansnih razloga. Dakle, napadač može poslati paket koji će biti **tumačen od strane senzora, ali odbačen od strane krajnjeg domaćina.** Primer:
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
Pošaljite paket sa zastavicom RST i nevažećom kontrolnom sumom, tako da će IPS/IDS možda pomisliti da ovaj paket zatvara vezu, ali će krajnji domaćin odbaciti paket jer je kontrolna suma nevažeća.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
# **Neobične IP i TCP opcije**
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
Senzor može odbaciti pakete sa određenim zastavicama i opcijama postavljenim unutar IP i TCP zaglavlja, dok odredišni domaćin prihvata paket po prijemu.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
# **Preklapanje**
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
Moguće je da kada fragmentirate paket, postoji neka vrsta preklapanja između paketa (možda prva 8 bajta paketa 2 preklapa se sa poslednjih 8 bajta paketa 1, a poslednjih 8 bajta paketa 2 preklapa se sa prva 8 bajta paketa 3). Zatim, ako IDS/IPS ponovo sastavi pakete na drugačiji način od krajnjeg domaćina, biće tumačen drugačije.\
Ili možda, dolaze 2 paketa sa istim offsetom i domaćin mora odlučiti koji uzima.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
* **BSD**: Ima prednost za pakete sa manjim _offsetom_. Za pakete sa istim offsetom, izabraće prvi.
* **Linux**: Kao BSD, ali preferira poslednji paket sa istim offsetom.
Translated to Serbian
2024-02-10 13:11:20 +00:00
* **Prvi** (Windows): Prva vrednost koja dolazi, vrednost koja ostaje.
* **Poslednji** (cisco): Poslednja vrednost koja dolazi, vrednost koja ostaje.
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
Translated to Serbian
2024-02-10 13:11:20 +00:00
# Alati
GitBook: [master] 351 pages and 442 assets modified
2020-07-15 15:43:14 +00:00
* [https://github.com/vecna/sniffjoke](https://github.com/vecna/sniffjoke)
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
{% hint style="success" %}
Učite i vežbajte hakovanje AWS-a:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Obuka AWS Crveni Tim Stručnjak (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Učite i vežbajte hakovanje GCP-a: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Obuka GCP Crveni Tim Stručnjak (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
<details>
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
<summary>Podržite HackTricks</summary>
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
* Proverite [**planove pretplate**](https://github.com/sponsors/carlospolop)!
* **Pridružite se** 💬 [**Discord grupi**](https://discord.gg/hRep4RUj7f) ili [**telegram grupi**](https://t.me/peass) ili nas **pratite** na **Twitteru** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Delite hakovanje trikova slanjem PR-ova na** [**HackTricks**](https://github.com/carlospolop/hacktricks) i [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repozitorijume.
Ad hacktricks sponsoring
2022-04-28 16:01:33 +00:00
</details>
Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md
2024-07-18 18:27:34 +00:00
{% endhint %}
Reference in a new issue Copy permalink