How to think as a hacker – Firewall blocked office case study

So, for several months I have been trapped in firewalled office. There, the firewall had 2 restrictions on us. The first one is extension restriction. Because of this restriction, several file type (exe,avi,etc) can’t be downloaded. The second restriction is address restriction. Several sites, like youtube.com, rapidshare, fileserve, etc is blocked.

Now, that’s the case. The security is tight. But, is there any crack in the wall ? Luckily there is 😀 This is my framework to solve this case.

Open blocked sites

So, the firewall on blocking sites is working like this. It is looking at our typed address. If it found some of the keywords (or ip) that’s categorized as blocked, it will block our request and voila we can’t access the sites. For this problem, usually there’re 2 solving. The first one is type the IP instead the address name in hope that the IP itself hasn’t blocked yet. But sadly, the administrator is not that reckless 😦 So we need another way around.

Well, the IP has been blocked, so we need help of anonymizer (ex : http://kproxy.com/) . Anonymizer websites will download our requested web page, put in their buffer and show it to us. But there’s some limitation with this technique. It is because we are using buffered web, we can’t had some file that’s placed on the web server. And because of that, file sharing sites (like fileserve or rapidshare) can’t be used to download.

Well, it’s problematic for file sharing, but… After some experiment I had the salvation after all 🙂

Download exe or blocked filetype

For download blocked file, we need help from sites like download at work (http://dlatwork.com/) or underget(http://www.underget.com/). Sites like this do this kind of logic. Let’s say exe file type is blocked. But, logically there won’t be any people who blocked html file or txt file, aren’t they ? The internet will be useless without them. So these sites take our request and modified it so the firewall thinks that we are downloading html document. So the firewall can be passed 🙂

But, how about file sharing ( still 😛 ) ? Luckily we had enough ammunition to talk about this now 😀

Download from file sharing

For download blocked file, we need leecher (ex : http://www.filezup.com/) . Leecher is server that’s used to copy the file of filesharing to their own server. So after, the file is exist in their file server, we can download it directly (cos it is not blocked). But there’s a simple problem about this. The firewall is set to block zip file type too 😦 But don’t worry because we had the solution to bypass the extention lock before 🙂 We can use the former technique to download the link then. But maybe, for me using service like that can decrease my performing speed, so instead of using automatic tools, I modified the filename manually.

Conclusion

Even the strongest firewall can be turned down with this technique, cos we can’t lock everything. There’ll always exist unblocked tool to do our job.

All of these material is only posted to help you guys learn. Use the knowledge wisely, and if you had modified version of this let me know, so we can share 🙂

Good Luck and Have Fun

May Help.

-Archie-

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s