Add Proxies support to creating a session with postgres_login #18847
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR allows the
postgres_login
module to work with proxies.This was tested using MacOS host and an Ubuntu VM running Docker.
The MacOS host was running two framework consoles. One for setting up a meterpreter session on the Ubuntu VM and the socks proxy job, and the second instance was using the socks proxy to connect to the internal Docker IP.
Before
After
Wireshark
This shows us that the PostgreSQL session is routed through the Ubuntu VM (192.168.112.132), and the host is isolated from that VM's Docker IP address range.
The above screenshot shows the query
select version()
being executed. This TCP stream is encrypted, and we are routing it correctly 👍Verification
You might want to ensure that on your host, you have no Docker containers running so that false positives with the same IP on the host and VM are avoided.
msfconsole
on your hostroute add
to add the internal Docker IP from Ubuntu to the routing table (you may be able to callroute add 172.17.0.1/24 -1
)use socks_proxy
use postgres_login
proxies=
option pointing to your IP and port used by the socks_proxyrun proxies=socks5:your_ip:1080 rhost=ubuntu_vm_internal_docker_ip rport=5432 stop_on_success=true CreateSession=true username=postgres password=whatever_password_you_picked verbose=true