The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior concent its ilegal and punish by law, this script was build to show how resource files can automate tasks.
penthefire – Security tool implementing attacks test the resistance of firewall.
Data packet is received, the attacker send a forged DCC command.
Client connection is open by the attacker. Connect to the ftp server behind a firewall and initiate a real connection. Once the session is setup, he launch the attack by sending a forged 227 command, if using IPv6 using 229 command.
– python 2.7.x with NetfilterQueue module
How to use:
Install Dependencies Debian/Ubuntu Base system
apt-get install build-essential python-dev libnetfilter-queue-dev
pip install NetfilterQueue
git clone https://github.com/BREAKTEAM/penthefire && cd penthefire
python wolffirewall.py --attacker -t 192.168.22.2 --helper ftp --port 29 -v -i eth0 192.168.22.2
python client.py -t 192.168.22.2 --port 29