Penetration Testing mailing list archives
Re: command-line reverse connection tunnel?
From: Ivan Buetler <ivan.buetler () csnc ch>
Date: Fri, 20 Dec 2002 17:03:33 +0100
pls. checkout the TCP/IP GenderChanger http://www.csnc.ch/downloads/docs/techdocs/TCP-IP_GenderChanger_CSNC_V1.0.pdf or the famous SOCAT (for ux) utility Ivan On Friday 20 December 2002 03:07, Nick Jacobsen wrote:
As to the subject, I don't know how else to describe what I need in simple words :) I am hoping one of you might have an idea on how to implement the following, keeping in mind that everything MUST be done using a command-line only. I have a machine ("SERVER1") behind a firewall that lets in only port 80, on which there is an HTTP server, but lets out all traffic. I need to connect my machine ("CLIENT") to that server's Remote Desktop, which runs on port 3389. I have command line access to the remote machine by sending a reverse command prompt. So, the question is, what tools are out there that would let me create a tunnel as follows: SERVER1 ----> CLIENT1(port whatever) <---- CLIENT1(Listener port 3389) CLIENT1(RDP client program) -----> CLIENT1(port 3389) <- Existing Pipe -> SERVER1(port 3389) To explain, I need a program on SERVER1 that creates a connection to CLIENT1. the connection that is created to CLIENT1 then needs to listen on port 3389. When CLIENT1 recieves a connection, it needs to pass it through the existing pipe, and SERVER1 needs to connect to itself on port 3389. Sort of confusing, I know, and any other suggestions would be welcome, with the stipulation that, again, SERVER1 can only accept outside connections from port 80, but can make connection to any computer. Thanks, Nick Jacobsen Ethics Design nick () ethicsdesign com --------------------------------------------------------------------------- - This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
-- _____________________________________________________________ Ivan Buetler Compass Security Network Computing AG, CSNC Tel: +41 55 214 41 62 Fax: +41 55 214 41 61 E-mail: ivan.buetler () csnc ch Web site: http://www.csnc.ch/ PGP: 8511 1194 E7DA BFB0 596C 4446 4CCA 337D GnuPGP: 5F2B AA5F C435 F60A FE96 CA33 54C1 630D E77D 1B48 "Security Review - Penetration Testing" _____________________________________________________________ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- command-line reverse connection tunnel? Nick Jacobsen (Dec 20)
- Re: command-line reverse connection tunnel? Michael Thumann (Dec 20)
- Re: command-line reverse connection tunnel? David Pick (Dec 20)
- Re: command-line reverse connection tunnel? Ivan Buetler (Dec 20)