Giter Club home page Giter Club logo

hwfwbypass's Introduction

hwfwbypass

This program can be used to bypass/fool hardware firewalls. The program has to be started with administrator level privileges on a server. When a client connects from the TCP source port specified in the client_sourceport parameter, to the TCP destination port original_dstport. the kernel driver will redirect the traffic to the new_dstport on the server. This trick is useful when the restrictive firewall is blocking bind shells, or thwarting log analysis, because all traffic will use legitimate service port.

usage: hwfwbypass.exe client_sourceport original_dstport new_dstport [disablechecksum] [debug] examples: hwfwbypass.exe 1337 3389 31337 hwfwbypass.exe 1337 3389 31337 disablechecksum debug

disablechecksum: when this parameter is set, it will disable the calculation of the TCP or IP checksums. It is useful when the network adapter driver does the checksum calculations (offload).

debug: print debug info on the screen about the original and modified traffic.

Compilation notes: Download http://reqrypt.org/download/WinDivert-1.1.4-MSVC.zip or later from http://reqrypt.org/windivert.html Update packages in windivert_32_lib or windivert_x64_lib Copy the compiled windivert files (dll, sys) to the compiled hwfwbypass directory (32/64, debug/release)

=============================================================== Known problems, errors:

error: failed to open the WinDivert device (5)

solution: Start the executable with administrator level privileges. Check if the DLL and SYS file is in the same directory.

error: msvcrxxx.dll is missing:

solution: Download the corresponding Microsoft Visual Studio redistributable files, and either install it, or put the DLL's in the same directory where the hwfwbypass binary is. msvcr110.dll -> Visual studio 2012 msvcr120.dll -> Visual studio 2013 Always install the same architecture (32/64 bit) of the DLL as it is the binary. Additional information: the windivert dll file has been compiled with VS2012, and hwfwbypass has been compiled with VS2013

=============================================================== Limitations:

  1. The bind shell should listen on the same interface where the service with original_dstport listens. The driver can't forward the traffic to the "non-existent" loopback interface.

  2. Only TCP traffic is supported at the moment.

hwfwbypass's People

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.