In this video, see how to install and review the DET tool and exfiltrate data using ICMP.
- [Instructor] DET is a tool provided by SensePost…which provide examples of exfiltration…using multiple protocols.…We can clone it from the git repository shown here.…I'll clone this into my user share folder,…the tools being cloned now and we can run pip…to install the tool requirements.…
The requirements have been set up,…so let's see what we've got.…We can see the det.py file in a folder for plugins.…We can see the various protocol plugin files,…including DNS, HTTP, ICMP and Twitter.…Gmail, Google Docs and Slack are also there,…as are the TCP and UDP files.…Let's do an ICMP exfiltration using DET.…
I've got two terminals set up and…I'll run one as the target…which is exfiltrating data…the ICMP client.…And the other as the collector the ICMP server.…The L switch which indicates this is a listening server…and is now waiting for traffic.…Let's start up the exfiltrator.…
We've started the exfiltration,…and it sends the file in stages sleeping in between.…This is to minimize the noise.…The collector confirms it's receiving the data.…
Author
Released
12/11/2018- How tunneling works
- Running a local SSH tunnel
- Dynamic SSH tunneling
- Pivoting with Armitage and Metaspoit
- Exfiltrating using DET and DNS
- Covert exfiltration with Cachetalk
- Using PyExfil to exfiltrate over HTTPS
Skill Level Advanced
Duration
Views
Related Courses
-
Ethical Hacking: Penetration Testing
with Lisa Bock1h 29m Intermediate -
Penetration Testing Essential Training
with Malcolm Shore2h 29m Intermediate -
Penetration Testing: Advanced Kali Linux
with Malcolm Shore2h 22m Intermediate
-
Introduction
-
Disclaimer1m 16s
-
1. Preparing the Lab
-
2. Tunneling
-
Introduction to tunneling6m 21s
-
Secure Shell (SSH) tunneling1m 30s
-
Running a local SSH tunnel2m 27s
-
Dynamic SSH tunneling2m 26s
-
-
3. Pivoting
-
What is a pivot?1m 48s
-
Pivoting with Armitage4m 7s
-
Pivoting with Metasploit1m 45s
-
-
4. Exfiltration
-
Introduction to exfiltration3m 44s
-
Beaconing3m 46s
-
Installing PyExfil2m 34s
-
Exfiltrating using DET2m 19s
-
Enhancing the Cachetalk tool3m 26s
-
Exfiltrating using DNS3m 7s
-
Installing OpenPuff1m 50s
-
-
Conclusion
-
Next steps1m 38s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Exfiltrating using DET