Penetration Testing mailing list archives

Re: CORKSCREW 2.0

From: Carric Dooley <carric () com2usa com>
Date: Fri, 28 Sep 2001 12:04:00 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Thre is a perl script that has been floating around since like 1999 that
does this.. all you're doing is  connecting to the proxy on it's proxy
port, and then issuing a connect to the host in the void. I have not
really looked at corkscrew, but I am assuming, like the other script, it
just shovels everything  through that pipe. The only value-added feature I
can see is the "http proxy login" thin.


On Thu, 27 Sep 2001, Marco de Vivo [UCV] wrote:

Hi,

Can somebody address me to where to find some CORKSCREW (tunneling ssh via
HTTP proxies) documentation?. If there isn't any, can at least somebody
explain me the basic architecture of this tool? I mean an overall
explanation  of the way it works.

TIA

Marco de Vivo



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1
Comment: Made with pgp4pine 1.75-6

iQA/AwUBO7SfilUqWOkDpMZ2EQI6qQCgi8+G3uZ1yUnAyXjwXJmONW7VzwAAn0hS
Ql83HTTYQFQiHVPX+GUVNobv
=05eY
-----END PGP SIGNATURE-----



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

CORKSCREW 2.0 Marco de Vivo [UCV] (Sep 28)
- Re: CORKSCREW 2.0 Carric Dooley (Sep 28)
- Re: CORKSCREW 2.0 Nexus (Sep 29)
- <Possible follow-ups>
- RE: CORKSCREW 2.0 Dawes, Rogan (ZA - Johannesburg) (Sep 28)