Penetration Testing mailing list archives

Re: command-line reverse connection tunnel?

From: Ivan Buetler <ivan.buetler () csnc ch>
Date: Fri, 20 Dec 2002 17:03:33 +0100


pls. checkout the TCP/IP GenderChanger 

http://www.csnc.ch/downloads/docs/techdocs/TCP-IP_GenderChanger_CSNC_V1.0.pdf

or the famous SOCAT (for ux) utility


Ivan



On Friday 20 December 2002 03:07, Nick Jacobsen wrote:

As to the subject, I don't know how else to describe what I need in simple
words :)

I am hoping one of you might have an idea on how to implement the
following, keeping in mind that everything MUST be done using a
command-line only. I have a machine ("SERVER1") behind a firewall that lets
in only port 80, on which there is an HTTP server, but lets out all
traffic.  I need to connect my machine ("CLIENT") to that server's Remote
Desktop, which runs on port 3389.  I have command line access to the remote
machine by sending a reverse command prompt.  So, the question is, what
tools are out there that would let me create a tunnel as follows:

SERVER1 ----> CLIENT1(port whatever) <---- CLIENT1(Listener port 3389)
CLIENT1(RDP client program) -----> CLIENT1(port 3389) <- Existing Pipe ->
SERVER1(port 3389)

To explain, I need a program on  SERVER1 that creates a connection to
CLIENT1.  the connection that is created to CLIENT1 then needs to listen on
port 3389.  When CLIENT1 recieves a connection, it needs to pass it through
the existing pipe, and SERVER1 needs to connect to itself on port 3389.

Sort of confusing, I know, and any other suggestions would be welcome, with
the stipulation that, again, SERVER1 can only accept outside connections
from port 80, but can make connection to any computer.

Thanks,
Nick Jacobsen
Ethics Design
nick () ethicsdesign com


---------------------------------------------------------------------------
- This list is provided by the SecurityFocus Security Intelligence Alert
(SIA) Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/


-- 
_____________________________________________________________
Ivan Buetler
Compass Security Network Computing AG, CSNC

 Tel: +41 55 214 41 62
 Fax: +41 55 214 41 61

E-mail:     ivan.buetler () csnc ch
Web site:   http://www.csnc.ch/

PGP: 8511 1194 E7DA BFB0  596C 4446 4CCA 337D
GnuPGP: 5F2B AA5F C435 F60A FE96  CA33 54C1 630D E77D 1B48

"Security Review - Penetration Testing"
_____________________________________________________________



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

command-line reverse connection tunnel? Nick Jacobsen (Dec 20)
- Re: command-line reverse connection tunnel? Michael Thumann (Dec 20)
- Re: command-line reverse connection tunnel? David Pick (Dec 20)
- Re: command-line reverse connection tunnel? Ivan Buetler (Dec 20)