
How to Hack a Cisco Router ACL

By Kary | tutorial

May 25

In this video you will learn:

  • How to connect to a server protected by a Cisco router ACL
  • How to manipulate TCP flags of packets sent and received by your computer
  • How I’m not a l33t h4x0r

Ok, let’s go!

Leave a comment:

  • Do tell me what you liked and understood
  • Do tell me what you didn’t like and didn’t understand
  • DON’T complain about me using the word “hack” in this context. I’ll fight you

Extra credit challenges (you don’t need a Cisco router ACL to play with divert sockets):

  • Get divert sockets working on Windows
  • Get divert sockets working on Linux
  • Edit the divert script to use a single script for client and server instead of separate scripts for each
  • What problems could occur with the firewall divert rules I used?
  • Knowing what you now know about the “established” keyword, what are some other ways to “hack” the ACL without using divert sockets?
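For the defender's side of the “established” keyword, here is an added example (not code from the video or from Cisco) that audits a config for ACL entries relying on it. It assumes the documented IOS behavior that `established` matches any TCP segment with ACK or RST set; the sample config, addresses and function names are constructed for illustration.

```python
import re

# TCP flag bits as they appear in the TCP header.
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def established_matches(flags: int) -> bool:
    """Model of the IOS `established` keyword: a stateless test that is true
    when the segment has ACK or RST set. No connection table is consulted."""
    return bool(flags & (ACK | RST))

# Matches extended-ACL permit entries in numbered form
# ("access-list 101 permit tcp ... established") and in named form
# ("permit tcp ... established", optionally with a sequence number).
ACL_RE = re.compile(
    r"^\s*(?:access-list\s+\S+\s+|\d+\s+)?permit\s+tcp\b.*\bestablished\b",
    re.IGNORECASE,
)

def audit_acl(config_text: str) -> list[tuple[int, str]]:
    """Return (line_number, line) for every permit entry relying on `established`."""
    findings = []
    for n, line in enumerate(config_text.splitlines(), start=1):
        if line.lstrip().startswith("!"):  # IOS comment line
            continue
        if ACL_RE.search(line):
            findings.append((n, line.strip()))
    return findings

# Constructed sample config (documentation address ranges), not from the video.
SAMPLE_CONFIG = """\
! inbound filter on the outside interface
access-list 101 permit tcp any any established
access-list 101 permit tcp any host 192.0.2.10 eq 443
access-list 101 deny ip any any log
ip access-list extended INSIDE-IN
 permit tcp any 198.51.100.0 0.0.0.255 established
 deny ip any any
"""

if __name__ == "__main__":
    for n, line in audit_acl(SAMPLE_CONFIG):
        print(f"line {n}: stateless 'established' match -> {line}")
    for name, flags in [("SYN", SYN), ("SYN+ACK", SYN | ACK), ("ACK", ACK), ("RST", RST)]:
        print(f"{name:8} matches established: {established_matches(flags)}")
```

Entries the audit reports are candidates for replacement with something that tracks connection state, such as IOS reflexive ACLs or a stateful firewall.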


About the Author

I like being the hero. Being able to drop a bucket of root cause analysis on a burning network problem has made me a hero (to some people) and it feels real good, y’all. Get good at packet analysis and be the hero too. I also like french fries.


(21) comments

John Getzke May 27, 2014

Karl,

I enjoyed this video about working around ACL’s.

This makes me wonder about device hosted ACLs such as HP LaserJet printers. Could a similar procedure be created to work around those ACLs too?

    Kary May 27, 2014

    Hi John,

    If you mean an ACL on a printer itself, I don’t think this tactic would work there. There could be a way around it, but this tactic depends on the behavior of the “established” keyword with Cisco router ACLs.

thejerk May 27, 2014

Can you do a write up? No offence but a 17 min video of you for something that would take 5 mins to read is just a dick move by you. Why do people want to be fucking youtube famous so bad?

    Kary May 27, 2014

    Hi thejerk,

    A well formatted text version would be nice. I will consider doing that in the future. The videos should get tighter as I get better at producing them. Also, video is a better format to showcase my hilarious, informative style. (that was slight sarcasm, btw)

      Rafael February 1, 2017

      LOL. Keep the videos. I actually disagree. Writing techy stuff … screenshots and all that, it’s a pain in the ass. I know … I’m looking towards changing my blogs into videos soon. A video, you do your thing while recording it, then you post it. As long as you know what you’re talking about (which is your case), it is much easier than writing it up.

      Keep it up dude :) Funny or not, I don’t care. It was very informative.

Chris May 27, 2014

Hi Kary,
Great video. Not only did it have some good technical info, but the style kept me thoroughly entertained. Hopefully more from reddit end up having a chance to see this. Not to put any pressure on you, but can’t wait to see your next vid.

    Kary May 27, 2014

    Thanks, Chris! I just got back from crying in the bathroom after thejerk’s comment so this made my day!

John G May 27, 2014

Nifty video, and nice calm and fun style. Please keep it up!

Mic quality is great too, which makes it easy to listen.

The Troll May 27, 2014

thejerk is a jerk

also, my name is Andrew and I was kidding about the troll part.

This was hilarious so forget the haters. Makes me want to learn this stuff and I don’t even know how to use the terminal on my mac.

Name validation is not stronk May 27, 2014


i have no sound at work so i can't hear this video.

i should learn lipreading.

    Kary May 27, 2014

    Give me your phone number, I’ll call and do it live over the phone for you :-P

Christian May 28, 2014

Your shirt looks way too serious! :)

John N May 28, 2014

Nice job, well thought out and not “too serious”, hope to see more!!!

John Crawford June 6, 2014

Informative and easy to follow. Hilarious – keep it up, can’t wait for the next installment. Vid and sound quality very good, makes it easy to follow.

Matjaz May 2, 2015

Hello

Very nicely done. Interesting. How does it get complicated if NAT is in between?

Thanks, Matjaz

    Kary May 9, 2015

    If the NAT is happening in between the two hosts, it shouldn’t really matter because the trick is happening on the hosts themselves.

Arunprasath May 21, 2015

What happens if the divert socket is not installed on the remote server?

    Kary May 21, 2015

    The server is receiving a packet that is not a connection initiation nor part of an established connection so it will likely send a RST back

mitch October 9, 2015

You’re hilarious dude. I was literally lol’ing. Great vid!!!

Rafael February 1, 2017

Hi mate. I bumped into your site through packetpushers website. What you did there is actually very cool indeed. I thought that’s possible but didn’t know about the divert tool.

It really just how quickly it is for “kidos” to hack into systems and call themselves hackers :) To some extent, it’s about knowing the right tools.

Now in this particular case, you would still need either someone, or something to run the script on the server side :)

Well done. Really good explanation otherwise ;)

Peace!
