GRAY-WORLD.NET TEAM
¼ÆËã»úÍøÂ簲ȫ¼¼Êõ ²»Í¬Ñ°³£µÄÍøÂç·ÃÎÊ¿ØÖÆϵͳÓػؼ¼Êõ

Soon her eye fell on a little glass box that was lying under the table: she opened it, and found in it a very small cake, on which the words "EAT ME" were beautifully marked in currants. "Well, I'll eat it," said Alice, "and if it makes me grow larger, I can reach the key; and if it makes me grow smaller, I can creep under the door: so either way I'll get into the garden, and I don't care which happens!"

Lewis Carroll "Alice In Wonderland"
 		Alice
English French Russian Spanish Polish Italian
ÍøÕ¾Ê×Ò³ | ¿ª·¢ÏîÄ¿ | ¼¼ÊõÂÛÎÄ | ×ÔÓÉÂÛ̳ | ¹ØÓÚÎÒÃÇ | ÈÈÃÅÁª½Ó | ÔÞÖúÖ§³Ö
 ¿ª·¢ÏîÄ¿ 

¿ª·¢ÏîÄ¿

Active port forwarder ÔËÓð²È«Ì×½Ó×ÖЭÒéʵÏÖ°²È«ËíµÀ¡£ÕâÊÇרΪÄÇЩ²»¾ßÓÐÍⲿIPµØÖ·È´ÈÔÏëʵÏÖ»¥ÁªÍø·þÎñµÄÈËÉè¼ÆµÄ¡

Cctt, "Covert Channel Tunneling Tool" - ¹ËÃû˼Ò壬ÕâÊÇÒ»ÖÖÒþ²ØͨµÀ¹¤¾ß¡£ËûÌṩ¼¸ÖÖ¿ÉÐз½·¨À´ÊµÏÖÔÊÐíÔÚÒѱ»ÍøÂç·ÃÎÊ¿ØÖÆϵͳÊÚȨµÄÊý¾ÝÁ÷ÉÏ´´½¨²¢½¨Á¢ÈÎÒâÊý¾ÝÁ÷´«ÊäÐŵÀ¡£

Cooking channels - from the paper How to cook a covert channel is a set of two python scripts (CGI and client) allowing to build a communication channel over HTTP cookies.

Firepass - Ò»ÖÖËíµÀ¼¼Êõ¹¤¾ß£¬Í¨¹ýËü¿ÉÒԱܿª·À»ðǽµÄ¹æÔòÔ¼Êø£¬½«Êý¾ÝÁ÷·â×°ÔںϷ¨µÄHTTP POSTÇëÇóÖС£ÈκλùÓÚTCP/UDPЭÒéµÄ×ÓЭÒé¿ÉÒÔͨ¹ýËüÀ´´©Ô½HTTP´úÀí·þÎñÆ÷¶ÔHTTPЭÒéµÄÑϸñÉó²é¡£µ½Ä¿Ç°ÎªÖ¹£¬¿Í»§¶ËºÍ·þÎñÆ÷¶Ë½öÓÃPerlÓïÑÔ±àд¡£·þÎñÆ÷¶Ë×÷Ϊһ¸öCGI½Å±¾ÔËÐÐÔÚWEB·þÎñÆ÷ÉÏ¡£

g00gle CrewBots - from the paper g00gle CrewBots is a set of two POC python scripts allowing set up communication channels over the g00gle.

MsnShell - Ò»ÖÖÒþ²ØͨµÀ¹¤¾ß£¬ÍâÍøµÄ¼ÆËã»ú¿ÉÒԱܿª·À»ðǽµÄÑϸñÊý¾ÝÉó²é£¬Ô¶³Ì¿ØÖÆһ̨ÄÚÍø¼ÆËã»ú¡£Ëü°ÑShellÃüÁî/ÏìÓ¦Òþ±ÎµØ·â×°ÔÚMSNЭÒéÖд«ËͳöÈ¥¡£±ØҪʱ»¹¿ÉÒÔ½«MSNЭÒé°ü·â×°ÔÚHTTPЭÒéÖд«ËͳöÈ¥¡£ËüÎÞÐè°²×°¿Í»§¶Ë£¬Ö»ÓÉÒ»¸ö¿ÉÖ´ÐгÌÐò×é³É·þÎñ¶Ë¡£

Wsh, "Web Shell" - Ô¶³Ì¿ØÖÆUNIX/WIN SHELL£¬Ëü»ùÓÚHTTP/HTTPSЭÒ飬´ËÈí¼þ°üº¬Á½¸ö·Ö±ð¶ÔÓ¦Æä¿Í»§¶Ë/·þÎñÆ÷¶ËµÄPERL½Å±¾ºÍÒ»¸ö·þÎñ¶ËCÓïÑÔ³ÌÐò¡£¿Í»§¶Ë½Å±¾Óë¿ØÖÆ̨ÖÕ¶ËÓ÷¨ÏàËÆ¡£·þÎñÆ÷¶ËÒÔÒ»¸öCGI½Å±¾µÄÐÎʽ³öÏÖÔÚÄ¿±ê£¨ÊÜ¿Ø£©Ö÷»úÉÏ¡£

ËíµÀ/Òþ²ØͨµÀ̽²â£º

Cctde - ÕâÊÇ¡°»ÒÉ«µÄÊÀ½ç¡±Ð¡×éµÄµÚÒ»¸öÒþ²ØͨµÀ̽²âÖ´ÐгÌÐò¡£´Ë³ÌÐòÊÇ´ËÇ°µÄһƪÃûΪ¡°»ùÓÚHTTPЭÒéµÄÒþ²ØͨµÀ/ËíµÀµÄ̽²â¼¼Êõ£ºGWÖ´ÐÐÔ­ÀíÉè¼Æ¡±Ä¿Ç°£¬Ëü±»Éè¼ÆΪһ¸öSnortµÄºó¶Ë·ÖÎöÊØ»¤½ø³Ì¡£Snort - Ò»ÖÖÍøÂçÈëÇÖ̽²âϵͳ¹¤¾ß£¬Äܹ»ÌṩʵʱµÄ´«Êä·ÖÎöÒÔ¼°Êý¾Ý°ü¼Í¼»úÖÆ¡£Ëü»¹ÌṩЭÒé·ÖÎöÀ´Âú×ã²éÕÒ/Æ¥Å䣬Ëü±»ÓÃÓÚ̽²â´óÁ¿µÄ¹¥»÷/̽²â¡£

NACS bypassing (Proof Of Concept)

Skeeve is a POC tool you can use to simply create an ICMP tunnel between two computers, which may be located in different networks and separated by a firewall. Skeeve utilizes ICMP packets and IP address spoofing technology to create a data channel in order to redirect TCP connections inside this channel.

HttPostNG is a funny poc to convert a text file into one or several png images and send them to a remote CGI in HTTP POST requests so that the network based "detector" has to figure if all POST images it monitors are legitimate or suspicious.

Trt-scapy is another implementation for the 0trace tool based on scapy.

ÆäËûÔÓÏ

etc/passwd - ´ÓÊÕ¼¯googleÉϵij£ÓöñÒâÎļþÃû¹Ø¼ü×ÖÁÐ±í¡£

µ±Ç°ÏîÄ¿£º

ÈôÒªÁ˽â¸ü¶à£¬Çë·ÃÎÊ:
http://team.gray-world.net/public/.



MsnShell - Ò»ÖÖÒþ²ØͨµÀ¹¤¾ß£¬ÍâÍøµÄ¼ÆËã»ú¿ÉÒԱܿª·À»ðǽµÄÑϸñÊý¾ÝÉó²é£¬Ô¶ ³Ì¿ØÖÆһ̨ÄÚÍø¼ÆËã»ú¡£Ëü°ÑShellÃüÁî/ÏìÓ¦Òþ±ÎµØ·â×°ÔÚMSNЭÒéÖд«ËͳöÈ¥¡£±ØҪʱ»¹¿É ÒÔ½«MSNЭÒé°ü·â×°ÔÚHTTPЭÒéÖд«ËͳöÈ¥¡£
[¸ü¶à]


Team member's sites: www.infosecwriters.com/ hhworld/ The Hitchhiker's World e-zine


GNU  GNU General Public License
 GNU Free Documentation License 		IRC://irc.0x557.org:3331/gray-world.net
CHANGELOG, MIRRORS, LEGAL NOTICE