LEGAL DISCLAMER
The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior concent its ilegal and punish by law, this script was build to show how resource files can automate tasks.
penthefire – Security tool implementing attacks test the resistance of firewall.
TODO:
+ IRC
Data packet is received, the attacker send a forged DCC command.
+ FTP
Client connection is open by the attacker. Connect to the ftp server behind a firewall and initiate a real connection. Once the session is setup, he launch the attack by sending a forged 227 command, if using IPv6 using 229 command.
Open selected pin hole in firewall
Dependencies:
– libnetfilter-queue-dev
– python 2.7.x with NetfilterQueue module
How to use:
Install Dependencies Debian/Ubuntu Base system apt-get install build-essential python-dev libnetfilter-queue-dev pip install NetfilterQueue git clone https://github.com/BREAKTEAM/penthefire && cd penthefire example: python wolffirewall.py --attacker -t 192.168.22.2 --helper ftp --port 29 -v -i eth0 192.168.22.2 python client.py -t 192.168.22.2 --port 29
Source: https://github.com/BREAKTEAM