SOCKS5 updates for BIND requests parsing specs and refactoring #10102
Test units all pass:

@zeroSteiner provided a TCL script that was helpful for testing BIND, because every other implementation sucks. 😄

TCL client: `msf_socks5.tcl`

```tcl
#!/bin/sh
# This line continues for Tcl, but is a single line for 'sh' \
exec tclsh "$0" ${1+"$@"}
# test_client.tcl --
#
# Implements a simple TCP client program utilizing the SOCKS 5 library
#
# Copyright (c) 2011 Blair Kitchen
#
# See the file "license.terms" for information on usage and
# redistribution of this file, and for a DISCLAIMER OF ALL WARRANTIES.
#

# SOCKS5 proxy (the msf auxiliary/server/socks5 listener) and the target
# reached through it; the target is tried both by hostname and by raw IP.
set proxyIP "localhost"
set proxyPort "1080"
set serverHost "ubuntu.target.com"
set serverIP "192.168.108.227"
set serverPort "8000"

# socks5.tcl lives one directory above this script
set root [file join [file dirname [info script]] ..]
source [file join $root socks5.tcl]

set data ""

# Callback run by the socks5 library once the BIND side accepts a connection.
# Storing the channel in ::data releases the `vwait data` below.
proc handleConnect {result arg} {
    if {$result != "ok"} {
        puts "SOCKS error accepting incoming connection: $arg"
        return
    }
    set ::data $arg
}

::socks5::configure -proxy $proxyIP -proxyport $proxyPort -username foo -password bar -bindtimeout 30000

foreach server [list $serverHost $serverIP] {
    # CNTRL: an ordinary CONNECT through the proxy, used to tell the target
    # where the proxy is listening for the DATA connection.
    puts "Attempting CNTRL connection to $server:$serverPort using proxy $proxyIP:$proxyPort"
    set cntrl [::socks5::connect $server $serverPort]
    puts "CNTRL connection established"

    # BIND: the proxy opens a listener and returns its address and port.
    puts "Attempting to create SOCKS5 binding for DATA connection"
    set bindInfo [::socks5::bind $server $serverPort handleConnect]
    lassign $bindInfo host port
    puts "SOCKS server listening for DATA connection on $host:$port"

    puts "Sending details via CNTRL connection"
    puts $cntrl $host
    puts $cntrl $port
    flush $cntrl

    puts "Waiting for DATA connection"
    vwait data
    puts "DATA connection established"

    # Exchange one line in each direction over both channels.
    puts $cntrl "Hello World (via CNTRL)"
    flush $cntrl
    puts [gets $data]
    puts $data "Hello World (via DATA)"
    flush $data
    puts [gets $cntrl]

    close $data
    close $cntrl
    puts "---------------"
}
```

Save the above as

Sample runthrough:

Step 0: Set up a DNS entry in
Step 1: Set up a listener on an "external" server:
Step 2: Run the TCL script to generate the BIND request. You should see a CNTRL connection:
Step 3: Back on the server, you'll get a port for the external server to connect back to the proxy:
Step 4: Connect back to the proxy server on that port, from another window on the external server. You can send strings back to the client via the proxy, and you should see a "Hello World (via DATA)".
Many thanks to @zeroSteiner for significant refactoring, assistance with testing, and unit tests! 👍
Release Notes
This makes some changes to the new SOCKS5 server code base, most notably:
bindata
error
The bind implementation is able to accept reverse connections over sessions. The implementation is a bit liberal in the sense that it does not deny connections from hosts other than the one specified in the request. This is necessary to make it functional when the user doesn't know where the connection will originate from.
Verification
be run manually using `rspec spec/lib/rex/proto/proxy`
msfconsole
use auxiliary/server/socks5
this tcl implementation for the one)
Bind Testing
SOCKS clients and libraries supporting bind are hard to come by. For example, FileZilla forces passive mode when a SOCKS proxy is in use, and proxychains-ng and tsocks simply don't support it. For testing with the tcl implementation referenced above, the following script (a slight modification of the library's example) can be used.
cc: @asoto-r7
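The BIND exchange that the Tcl script above drives, and the peer-address point from the release notes (the proxy does not reject a connecting host that differs from the one named in the request), as an added example that is not code from this PR or from Rex's own SOCKS5 implementation: a small Ruby encoder/decoder for the RFC 1928 BIND request and the two replies a SOCKS5 server returns, run entirely offline against constructed byte strings. The `Socks5Bind` module and its methods are this example's own names, and every address and port in it is a constructed sample value, not a capture from a real session.

```ruby
# Added example (not PR #10102's code or Rex's): the SOCKS5 BIND exchange from
# RFC 1928, encoded and decoded offline. Module and method names are this
# example's own; all addresses and ports are constructed sample values.
require 'ipaddr'

module Socks5Bind
  VER         = 0x05
  CMD_BIND    = 0x02
  ATYP_IPV4   = 0x01
  ATYP_FQDN   = 0x03
  ATYP_IPV6   = 0x04
  REP_SUCCESS = 0x00

  # Encode an address field (ATYP + ADDR) for DST.ADDR or BND.ADDR.
  # IPv4/IPv6 literals go as raw network-order bytes; anything else is sent
  # as a length-prefixed domain name (no resolution is attempted).
  def self.encode_addr(host)
    ip = IPAddr.new(host)
    [ip.ipv4? ? ATYP_IPV4 : ATYP_IPV6].pack('C') + ip.hton
  rescue IPAddr::InvalidAddressError
    raise ArgumentError, 'domain name longer than 255 bytes' if host.bytesize > 255
    [ATYP_FQDN, host.bytesize].pack('CC') + host.b
  end

  # Decode ATYP + ADDR + PORT starting at byte offset `off`.
  # Returns [host, port, bytes_consumed]; raises on truncated or unknown input.
  def self.decode_addr_port(buf, off)
    atyp = buf.getbyte(off)
    len = case atyp
          when ATYP_IPV4 then 4
          when ATYP_IPV6 then 16
          when ATYP_FQDN
            n = buf.getbyte(off + 1)
            raise ArgumentError, 'truncated address' if n.nil?
            1 + n
          else
            raise ArgumentError, "unknown ATYP #{atyp.inspect}"
          end
    consumed = 1 + len + 2
    raise ArgumentError, 'truncated address' if buf.bytesize < off + consumed
    host = case atyp
           when ATYP_IPV4, ATYP_IPV6 then IPAddr.new_ntoh(buf[off + 1, len]).to_s
           else buf[off + 2, len - 1]
           end
    port = buf[off + 1 + len, 2].unpack1('n')
    [host, port, consumed]
  end

  # VER CMD RSV ATYP DST.ADDR DST.PORT: the request the client sends after
  # method negotiation to ask the proxy to listen for an inbound connection.
  def self.bind_request(host, port)
    [VER, CMD_BIND, 0x00].pack('CCC') + encode_addr(host) + [port].pack('n')
  end

  # VER REP RSV ATYP BND.ADDR BND.PORT. The same reply format is used for both
  # replies in a BIND exchange; REP 0x00 means success.
  def self.parse_reply(buf)
    raise ArgumentError, 'truncated reply' if buf.bytesize < 4
    ver, rep = buf.unpack('CC')
    raise ArgumentError, "unexpected version #{ver}" unless ver == VER
    host, port, used = decode_addr_port(buf, 3)
    { rep: rep, host: host, port: port, length: 3 + used }
  end

  # Builds the bytes a server would send; used here to construct sample replies.
  def self.build_reply(rep, host, port)
    [VER, rep, 0x00].pack('CCC') + encode_addr(host) + [port].pack('n')
  end

  # Walk the two-reply BIND exchange. Reply 1 carries the proxy's listening
  # address (what the Tcl script passes over its CNTRL channel); reply 2 carries
  # the address of the peer that actually connected. Because a server may accept
  # any peer, the client records whether that peer matches DST.ADDR literally.
  def self.run_bind(expected_host, first_reply, second_reply)
    listen = parse_reply(first_reply)
    raise "bind failed, REP=#{listen[:rep]}" unless listen[:rep] == REP_SUCCESS
    peer = parse_reply(second_reply)
    raise "accept failed, REP=#{peer[:rep]}" unless peer[:rep] == REP_SUCCESS
    { listen: listen, peer: peer, peer_matches_request: peer[:host] == expected_host }
  end
end

if $PROGRAM_NAME == __FILE__
  req = Socks5Bind.bind_request('192.168.108.227', 8000)  # constructed target
  puts "BIND request: #{req.unpack1('H*')}"
  # Constructed server replies: proxy listens on 10.0.0.5:41000, peer connects.
  r1 = Socks5Bind.build_reply(0, '10.0.0.5', 41000)
  r2 = Socks5Bind.build_reply(0, '192.168.108.227', 53122)
  p Socks5Bind.run_bind('192.168.108.227', r1, r2)
end
```

The literal comparison in `run_bind` is deliberately simple: a request issued by domain name will not match a peer reported by IP, which is the same ambiguity the release notes describe, so a client wanting a strict check must decide up front what address family it expects the peer to be reported in.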