lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <C1BFF1E40C5B98468C6A9B0BA0A3EA2BF60131@infosvrs02.infosec.net>
Date: Mon, 25 Jan 2010 19:04:05 +0900
From: ±è¹«¼º <kimms@...osec.co.kr>
To: <full-disclosure@...ts.grok.org.uk>,
	<pen-test@...urityfocus.com>
Subject: Question about IPTV pentestng - packet
	manipulation for subscribing charged content

Hello list.

2010.1.14, I sent to list Below e-mail.

So someone gave me information. about netsed

http://lcamtuf.coredump.cx/soft/netsed.tgz

It was a tool which I want

 

Structure)

Monitor - IPTV STB - PC(attacker) - VDSL modem - internet

 

PC have two NIC.

Bridge mode.

 

Ex)      ifconfig eth0 0.0.0.0

           Ifconfig eth1 0.0.0.0

           Brctl addbr br0

           Brctl addif br0 eth0

           Brctl addif br0 eth1

           Ifconfig br0 up

 

And then run tcpdump

 

bash# tcpdump -n -i eth0                         

                       ...

         (lots of funny stuff)

                       ...

bash# tcpdump -n -i eth1

                       ...

         (lots of funny stuff)

 

And I could watch IPTV normally.

 

Netsed have a localport.

So if packet is sent localport, netsed will edit this packet and forward.

 

Bash# netsed     tcp      10000      0           0       s/abc/def

                 Protocol  localport  remoteIP   rPort     rule

 

For IPTV packet forwarding to netsed¡¯s localport, run these command. 

 

bash# ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 \

        --ip-destination-port 80 -j redirect --redirect-target ACCEPT

 

bash# iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 \

        -j REDIRECT --to-port 10000

 

Because IPTV is on bridge network, I use ebtables and iptables.

 

Finally, when IPTV want to look for VoD list, it send http packet.

But netsed cannot receive forwarded packet. So I cannot watch VoD list.

 

All of this is to subscribe charged content.

What was wrong?

 

------------------------------------------------------------------------------------------------------------------------

Hello list.

 

I¡¯m pen testing IPTV.

 

Example)

 

Monitor - IPTV STB - PC(attacker) - VDSL modem - internet

PC has two NIC

Two NIC are bridge mode

 

IPTV STB sends request packet for knowing that where is specific file for playing.

 

To server port 8080.

POST /VoD/whereisvod.cgi

a1d1.mpg

 

 

Server¡¯s response is 

 

HTTP/1.1 200 OK

192.168.10.10

 

And then

IPTV STB sends RTSP packet to 192.168.10.10.

 

To server port 554

           DESCRIBE a1d1.mpg

 

And play.

 

I wanna edit this file name. (a1d1.mpg is free, a1d2.mpg not free)

 

POST /VoD/whereisvod.cgi

a1d2.mpg

 

DESCRIBE a1d2.mpg

 

For this, I have to packet sniffing and blocking them and manipulation packet and resend.

Are there tools?

 


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ