Firewall evasion | Packet fragmentation

C4rmel1xx


Packet fragmentation

A common technique for evading firewalls is to fragment data packets so that they are sent in separate parts. This makes malicious traffic harder to detect, because the firewall may not be able to reconstruct the entire contents of the packet and analyze it properly. This technique can be exploited to hide malicious activity in the midst of legitimate traffic.

Suppose we want to bypass a firewall to send a malicious file over the network. Instead of sending the entire file in a single packet, we decide to fragment the file into multiple smaller packets and send them separately. This makes it more difficult for the firewall to detect and analyze the traffic, since the entire contents of the file are not contained in a single packet.
For this we can use specific tools, such as Scapy in Python, to fragment the packets in a customized way. Below is a simplified example of how packet fragmentation could be performed in Python using Scapy:

from scapy.all import IP, fragment, send

# Source and destination IP address
src_ip = "192.168.0.100"
dst_ip = "10.0.0.2"

# Data to send (malicious file)
data = b"Malicious file..."

# Fragment the data into smaller packets.
# fragment() takes fragsize (payload bytes per fragment), not an MTU:
# 1480 bytes of payload plus the 20-byte IP header corresponds to a 1500-byte MTU.
fragments = fragment(IP(src=src_ip, dst=dst_ip) / data, fragsize=1480)

# Send the fragmented packets
for fragment_packet in fragments:
    fragment_packet.show()
    send(fragment_packet)

In this example, an IP packet is created with the source and destination IP address, and the contents of the malicious file are included in the packet data. Then, using Scapy's fragment() function, the packet is split into smaller fragments according to the specified MTU (Maximum Transmission Unit), in this case 1500 bytes.

Finally, the fragmented packets are sent over the network using Scapy's send() function. The firewall sees each fragment as a separate packet, which makes it difficult to detect and analyze the full contents of the malicious file.
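From the inspecting side, the gap described above closes once fragments are reassembled before matching. The following is an added example, not part of the original post: it compares per-fragment signature matching with matching on the reassembled datagram. The function names, the signature string, the 8-byte fragment size and protocol number 253 are assumptions made for the sample.

```python
import socket
import struct
from collections import defaultdict

SIGNATURE = b"Malicious file"  # constructed signature, taken from the page's sample payload
HDR = "!BBHHHBBH4s4s"          # fixed 20-byte IPv4 header, no options

def build_fragment(ident, offset, more, payload, src="192.168.0.100", dst="10.0.0.2"):
    """Build raw IPv4 fragment bytes for the sample (checksum left at 0, proto 253 = experimental)."""
    flags_off = (0x2000 if more else 0) | (offset // 8)
    return struct.pack(HDR, 0x45, 0, 20 + len(payload), ident, flags_off, 64, 253, 0,
                       socket.inet_aton(src), socket.inet_aton(dst)) + payload

def parse_fragment(pkt):
    """Return (datagram key, byte offset, more-fragments flag, payload)."""
    vihl, _, total, ident, flags_off, _, proto, _, src, dst = struct.unpack(HDR, pkt[:20])
    payload = pkt[(vihl & 0x0F) * 4:total]
    return (src, dst, ident, proto), (flags_off & 0x1FFF) * 8, bool(flags_off & 0x2000), payload

def reassemble(packets):
    """Group fragments by (src, dst, id, proto); return only complete, gap-free datagrams."""
    groups = defaultdict(list)
    for pkt in packets:
        key, offset, more, payload = parse_fragment(pkt)
        groups[key].append((offset, more, payload))
    datagrams = {}
    for key, frags in groups.items():
        frags.sort()
        buf = b""
        for offset, _, payload in frags:
            if offset != len(buf):  # gap or overlap: never guess, discard the datagram
                buf = None
                break
            buf += payload
        if buf is not None and not frags[-1][1]:  # final fragment must have MF = 0
            datagrams[key] = buf
    return datagrams

def inspect(packets, signature=SIGNATURE):
    """Compare per-fragment matching with matching on the reassembled datagram."""
    per_fragment = any(signature in parse_fragment(p)[3] for p in packets)
    reassembled = any(signature in d for d in reassemble(packets).values())
    return {"per_fragment_match": per_fragment, "reassembled_match": reassembled}

# Constructed sample: the page's payload in 8-byte fragments, delivered in reverse order.
PAYLOAD = b"Malicious file..."
SAMPLE = [build_fragment(0x1234, o, o + 8 < len(PAYLOAD), PAYLOAD[o:o + 8])
          for o in range(0, len(PAYLOAD), 8)][::-1]
print(inspect(SAMPLE))
```

A datagram with a missing or overlapping fragment is discarded rather than inspected in part, so an incomplete set of fragments never reaches the matching step as if it were whole.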