Bypass Resrtriction based on file extension.

People at office or school when ever you guys try to download something (music, applications...etc) you might counter an annoying message which really freaks you out. Say you want to download an file.exe but your admin has blocked .exe at the gateway level. What can one do ??Think about tunneling stuff. Naaaahh .We are hacker ,isn't it? We think smarter not harder. Anyways this is a way by which using your simple web browser you can cheat the best UTM devices in this world. So i had enough talk lets come to the point. Let me give you one live example and show you how exactly it works.

Say you want to download Winamp. You did little bit of googling and found this link :-

You are really happy thinking that you ultimately got your pie . Nope my friend. As soon as you click on that link you will be greeted with a busted message saying Exe is blocked or anything else which really sounds ridiculous.

Then you start thinking like a hack3r. You open your web browser type the same link but garnishing it a little bit with you own tppings:-

Wow no more moronic messages instead a pop-up will show up asking where you want to save the file. Once it downloaded rename the file to winamp.exe. winamp.cda is basically just an example that i'm showing here. You can write anything (.abc , .def.......;) what ever you prefer.

So what happened exactly. Nothing special you are cheating the UTM device extension checking mechanism.

The idea behind this is give you an insight how basically these tunneling tools work. Frankly speaking i have to reverse engineer a very popular tunneling tool Ultrasurf to get this exploit. But the credit must go to the person who found this exploit and create this awesome tool accordingly.

So friends as i said before , Think Smarted Not Harder