This is a follow-up post in connection with my DEF CON 22 presentation.
TL;DR: attackers having admin privileges on Linux/Windows systems can mess with the hardware firewall between the attacker and the server, and use the same ports for backdoor communication as it is allowed in the firewall (e.g. 22, 80, 443, 3389, etc). First, the attacker has to exploit the server, and only after that can bypass the firewall. If you are looking for a tool to bypass a firewall before exploiting a server, this tool won’t help you. If you are still interested, here is the tool: http://github.com/MRGEffitas/hwfwbypass
And there are some cool photos about DEF CON at the end of this post.
more here.............https://blog.mrg-effitas.com/bypass-hardware-firewalls-def-con-22/
TL;DR: attackers having admin privileges on Linux/Windows systems can mess with the hardware firewall between the attacker and the server, and use the same ports for backdoor communication as it is allowed in the firewall (e.g. 22, 80, 443, 3389, etc). First, the attacker has to exploit the server, and only after that can bypass the firewall. If you are looking for a tool to bypass a firewall before exploiting a server, this tool won’t help you. If you are still interested, here is the tool: http://github.com/MRGEffitas/hwfwbypass
And there are some cool photos about DEF CON at the end of this post.
more here.............https://blog.mrg-effitas.com/bypass-hardware-firewalls-def-con-22/