packet to bytecode
useful for when you are making bpf rules  :pomhappy:

example for ssh bpf bytecode
tcpdump -i interface -e -nn "tcp dst port 22" -ddd | tr '\n' ','

then you can use iptables to accept the bpf like:
iptables -t mangle -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m multiport --dports 22 -m state --state NEW -m bpf --bytecode "58,0 0 0 0,48 0 0 8,37 54 0 128,37 0 53 93,48 0 0 0,84 0 0 15,21 0 50 5,48 0 0 9,21 0 48 6,40 0 0 6,69 46 0 8191,177 0 0 0,72 0 0 14,2 0 0 8,72 0 0 22,36 0 0 44,7 0 0 0,96 0 0 8,29 0 38 0,177 0 0 0,80 0 0 27,21 0 35 8,80 0 0 12,116 0 0 4,21 0 32 8,80 0 0 20,21 0 30 2,80 0 0 24,21 0 28 1,80 0 0 25,21 0 26 3,80 0 0 28,21 0 24 1,80 0 0 29,21 0 22 1,80 0 0 30,21 0 20 4,48 0 0 6,69 0 18 64,69 17 0 128,40 0 0 2,2 0 0 3,48 0 0 0,84 0 0 15,36 0 0 4,7 0 0 0,96 0 0 3,28 0 0 0,2 0 0 7,177 0 0 0,80 0 0 12,116 0 0 4,36 0 0 4,7 0 0 0,96 0 0 7,29 0 1 0,6 0 0 65536,6 0 0 0" -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m multiport --dports 22 -m state --state NEW -m bpf --bytecode "50,0 0 0 0,48 0 0 8,37 46 0 128,37 0 45 93,48 0 0 0,84 0 0 15,21 0 42 5,48 0 0 9,21 0 40 6,40 0 0 6,69 38 0 8191,177 0 0 0,80 0 0 27,21 0 35 8,80 0 0 12,116 0 0 4,21 0 32 8,80 0 0 20,21 0 30 2,80 0 0 24,21 0 28 1,80 0 0 25,21 0 26 3,80 0 0 28,21 0 24 1,80 0 0 29,21 0 22 1,80 0 0 30,21 0 20 4,48 0 0 6,69 0 18 64,69 17 0 128,40 0 0 2,2 0 0 15,48 0 0 0,84 0 0 15,36 0 0 4,7 0 0 0,96 0 0 15,28 0 0 0,2 0 0 3,177 0 0 0,80 0 0 12,116 0 0 4,36 0 0 4,7 0 0 0,96 0 0 3,29 0 1 0,6 0 0 65536,6 0 0 0" -j ACCEPT
iptables -t mangle -A PREROUTING -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -m multiport --dports 22 -m state --state NEW -m bpf --bytecode "50,0 0 0 0,48 0 0 8,37 46 0 64,37 0 45 29,48 0 0 0,84 0 0 15,21 0 42 5,48 0 0 9,21 0 40 6,40 0 0 6,69 38 0 8191,177 0 0 0,80 0 0 27,21 0 35 8,80 0 0 12,116 0 0 4,21 0 32 8,80 0 0 20,21 0 30 2,80 0 0 24,21 0 28 1,80 0 0 25,21 0 26 3,80 0 0 28,21 0 24 1,80 0 0 29,21 0 22 1,80 0 0 30,21 0 20 4,48 0 0 6,69 0 18 64,69 17 0 128,40 0 0 2,2 0 0 15,48 0 0 0,84 0 0 15,36 0 0 4,7 0 0 0,96 0 0 15,28 0 0 0,2 0 0 3,177 0 0 0,80 0 0 12,116 0 0 4,36 0 0 4,7 0 0 0,96 0 0 3,29 0 1 0,6 0 0 65536,6 0 0 0" -j ACCEPT


probably useless for most people but really useful for people who want to ONLY accept certain traffic  :angel:
Arx <3 Punk
Reply
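A `--bytecode` string is opaque until it is decoded, so it is worth reading what a rule matches before loading it into a firewall. The following is an added example, not part of the original post: a small Python decoder for the `N,code jt jf k,...` format, where `parse`, `disasm` and the `SAMPLE` program are names and data constructed here.

```python
# Classic BPF decoder for iptables "-m bpf --bytecode" strings (values from <linux/bpf_common.h>).
SIZE = {0x00: "", 0x08: "h", 0x10: "b"}                  # word / half / byte
ALU = {0x00: "add", 0x10: "sub", 0x20: "mul", 0x30: "div", 0x40: "or", 0x50: "and",
       0x60: "lsh", 0x70: "rsh", 0x80: "neg", 0x90: "mod", 0xa0: "xor"}
JMP = {0x00: "ja", 0x10: "jeq", 0x20: "jgt", 0x30: "jge", 0x40: "jset"}

def parse(bytecode):
    """Split the string into (code, jt, jf, k) tuples and sanity-check it."""
    head, *body = bytecode.strip().strip(",").split(",")
    insns = [tuple(int(f) for f in item.split()) for item in body]
    if not insns or int(head) != len(insns) or any(len(i) != 4 for i in insns):
        raise ValueError("length prefix does not match the instruction list")
    for pc, (code, jt, jf, k) in enumerate(insns):
        if code & 0x07 == 0x05:                          # jump class
            hops = [k] if code & 0xf0 == 0 else [jt, jf]
            if any(pc + 1 + h >= len(insns) for h in hops):
                raise ValueError(f"jump at {pc} leaves the program")
    if insns[-1][0] & 0x07 != 0x06:
        raise ValueError("program does not end in ret")
    return insns

def disasm(insns):
    """Return one readable line per instruction, with absolute jump targets."""
    out = []
    for pc, (code, jt, jf, k) in enumerate(insns):
        cls, src = code & 0x07, ("x" if code & 0x08 else f"#{k}")
        if cls in (0, 1):                                # ld / ldx
            mode = {0x00: f"#{k}", 0x20: f"[{k}]", 0x40: f"[x+{k}]", 0x60: f"M[{k}]",
                    0x80: "#len", 0xa0: f"4*([{k}]&0xf)"}[code & 0xe0]
            text = f"{'ld' if cls == 0 else 'ldx'}{SIZE[code & 0x18]} {mode}"
        elif cls in (2, 3):                              # st / stx to scratch memory
            text = f"{'st' if cls == 2 else 'stx'} M[{k}]"
        elif cls == 4:                                   # alu; neg takes no operand
            text = ALU[code & 0xf0] + ("" if code & 0xf0 == 0x80 else f" {src}")
        elif cls == 5 and code & 0xf0 == 0:
            text = f"ja {pc + 1 + k}"
        elif cls == 5:
            text = f"{JMP[code & 0xf0]} {src} ? {pc + 1 + jt} : {pc + 1 + jf}"
        elif cls == 6:
            text = "ret a" if code & 0x18 == 0x10 else f"ret {src}"
        else:                                            # misc
            text = "txa" if code & 0xf8 == 0x80 else "tax"
        out.append(f"{pc:3d}: {text}")
    return out

# Constructed sample (not from the post): IPv4 TCP to port 22, offsets from the IP header.
SAMPLE = "9,48 0 0 9,21 0 6 6,40 0 0 6,69 4 0 8191,177 0 0 0,72 0 0 2,21 0 1 22,6 0 0 65535,6 0 0 0"
if __name__ == "__main__":
    print("\n".join(disasm(parse(SAMPLE))))
```

The iptables bpf match hands the program packets starting at the network-layer header, with no link-layer header, so offsets such as `ldb [9]` (IP protocol) count from the start of the IP header. Bytecode compiled by `tcpdump -ddd` against an Ethernet interface uses link-layer offsets instead, which the decoded listing makes easy to spot.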
is this any kind of exploit and you breaching breached rn
//~ Young, Wild & Free ~//

Reply
(October 16, 2022, 11:29 AM)Arx Wrote: useful for when you are making bpf rules  :pomhappy:

https://linuxize.com/post/tcpdump-command-in-linux/, or do some python shit, idc
Reply
thank you
Reply
(October 16, 2022, 11:35 AM)CBT Wrote:
(October 16, 2022, 11:29 AM)Arx Wrote: useful for when you are making bpf rules  :pomhappy:

https://linuxize.com/post/tcpdump-command-in-linux/,  or do some python shit, idc


omg obviously you can use tcpdump for just capturing a dump, this is for bpf specific, and you call me dumb  :dodgy:


(October 16, 2022, 11:30 AM)Wild Wrote: is this any kind of exploit and you breaching breached rn


OMG NO WHY DOES NO ONE KNOW WHAT BPF IS ON THIS SITE  :angry:
Arx <3 Punk
Reply
(October 16, 2022, 11:44 AM)Arx Wrote:
(October 16, 2022, 11:30 AM)Wild Wrote: is this any kind of exploit and you breaching breached rn


OMG NO WHY DOES NO ONE KNOW WHAT BPF IS ON THIS SITE  :angry:


i barely know how to put off my computer sir it's been running for ages
//~ Young, Wild & Free ~//

Reply
(October 16, 2022, 01:38 PM)Wild Wrote:
(October 16, 2022, 11:44 AM)Arx Wrote:
(October 16, 2022, 11:30 AM)Wild Wrote: is this any kind of exploit and you breaching breached rn


OMG NO WHY DOES NO ONE KNOW WHAT BPF IS ON THIS SITE  :angry:


i barely know how to put off my computer sir it's been running for ages


Same, mine's been on for like 2 weeks
Arx <3 Punk
Reply
I like this
Reply
thanks for the info
Reply

