Marco Pontello's Home Page
Home
Old News
Software
Awards
TrID
TrIDNet
Online TrID
TrIDScan
File extension defs
PBTracer
Extra Redcode Kit
Screenshots
SendMex
PEDu
BDLLScan
MiniDumper
RIFFStrip
MPCBitsGUI
Twin
LeakOut
PFCEx
BitmapRip
PlugIns
JFLua
EPScan
TBClamWin
DogLua
Samples gallery
Reference info
tBDW
Code/Libs
PowerBLua
TrIDEngine
TrIDLib
Links
Friends
Forum
Useful Stuff
Core Wars
Contacts Info      
Questa pagina in italiano
(Last updated: 08/03/07)
 

 

LeakOut - Firewall outbound control tester

LeakOut is a simple tool to demonstrate how it is possibile, in certain circumstances, to circumvent the outbound control/filtering systems of personal firewalls such as ZoneAlarm, Outpost, Kerio, Sygate, Look'n'Stop, and others.

Other tools that do a similar test, using slightly different techniques, are Tooleaky, LeakTest, FireHole, and others..

LeakOut doesn't use any especially exotic or refined techniques. That's by design to demonstrate that the "sense of security" derived from an advertised active outbound filtering and/or application control/fingerprinting system is often just an illusion.

LeakOut just uses the default browser to access a specific URL (a page on this same site) to pass a bit of data appended to the URL. The data is demonstration data only, specifically: your user name, your machine's name, and the Windows's directory.

LeakOut should be able to do this in these situations:

  • No firewall is present; or a firewall that doesn't have any form of outbound filtering (e.g., Windows XP's standard firewall) is the only one present.
  • A properly configured firewall with outbound filtering & application control active is installed but full access has been granted to the default browser (this is probably the case with the vast majority of PCs).
  • A properly configured firewall as above, but setup to 'Ask' every time even for the browser and authorization has been given to the browser at least once and the browser is still open. This should work if the browser is Firefox or Opera, for example, as they normally open a new URL in the same window & process that's already open.
    •  

    Download

    LeakOut v1.03, 7KB ZIP

    Change Log

    LeakOut v1.03 - 03/02/05:
    * Fixed another little bug in the browser detection code.

    LeakOut v1.02 - 02/02/05:
    * Fixed default browser detection.

    LeakOut v1.00 - 01/02/05:
    - First version available.