I searched around on the Internet for a program named Loki. It was supposed to send traffic using ICMP. The idea is to hide stuff in there that firewalls would not detect/block. I did find rumors of this program. But could not find the program or even the code for it. Damn.
What is a programmer to do? Write my own version I say. I broke out Microsoft Visual Studio and wrote some C++ code. There were surprisingly few lines of code in my program. Essentially I am making a socket() call to set up the communications, and a sendto() call to push out the data.
Unfortunately the socket() call kept failing with an error of 10013, which is also called WSAEACCES. This is some kind of permission denial on Windows. I tried overriding this by setting a value in the Windows registry. No luck. I am logged on as an administrator on my machine. So I should be able to open up a raw socket.
A couple web site gave me some other ideas. In the end, I had to start my Visual Studio IDE, running it as an administrator. So to begin I just was sending myself some ICMP packets. At least I thought I was. Downloaded Wireshark to record the output and prove the thing was working.
Initially Wireshark did not pick anything up. I broke out the Windows ping program to test Wireshark. It captured that data, but not my own program's messages. Then I modified my program to send some ICMP packet to Google instead of myself. Bam. We are rocking and rolling.
Right now I just send a bunch of garbage in my ICMP packets (sorry Google). And this is just the client end that sends messages. I need to write a server end that runs on another machine. And instead of sending garbage data, I might just have to send some commands over ICMP that "take control" so to say.
This has been an exciting start to researching programs of interest that bypass firewalls. There were some rough patches. But I am learning to power through adversity, like not being able to find my programs. Also broke out an old but good book "UNIX Network Programming" by Richard Stevens. Good stuff.
Work Smarter not Harder
-
We have large data sets in my current project. Every year tons more data is
loaded into the system. So we only keep the majority of data for 4 years.
After...