Diffstat (limited to 'broken/propagate/README.txt')
-rw-r--r-- | broken/propagate/README.txt | 101 |
1 files changed, 101 insertions, 0 deletions
diff --git a/broken/propagate/README.txt b/broken/propagate/README.txt
new file mode 100644
index 0000000..97b601c
--- /dev/null
+++ b/broken/propagate/README.txt
@@ -0,0 +1,101 @@
+propagate - run commands and proxyfy connections on firewalled machines
+
+2012 Laurent 'laurent' Ghigonis <laurent@gouloum.fr>
+
+This tool is not fully functionnal yet
+- remote shell works (2012-03-05)
+
+Some code is from ihf tool i started with warren aka m101.
+
+
+Example of remote interactive shell
+===================================
+
+Client part addresses are still hardcoded in the software, as we
+do not have configuration file handling yet.
+
+==- server part -==
+
+./src/pg -l -vv -d
+
+mkfifo pipe; nc -k -vvv -l 127.0.0.1 3333 < pipe |nc -vvv -U
+/tmp/propagate_sock |tee pipe
+
+==- client part -==
+
+./src/pg -vv /bin/sh
+ls
+bak.sh
+Makefile
+pg.log
+pipe
+README
+src
+TODO
+
+
+IDEAS: Usage examples that i want to have in that tool
+======================================================
+
+Successive example steps that makes you have easy remote shell
+from your machine on hosts inside a remote network that you control.
+(A) Your machine
+(B) Application server running tomcat, where all other connections in/out are blocked
+(C) A server behind (B)
+
+==- I - Remote shell through jsp server running on 1.2.3.4 -==
+
+-- On the server (B) --
+cat > pg.conf
+listen on unix "/tmp/pg.sock"
+EOF
+pg -l
+# deploy fe_srv_http.war to /toto.jsp
+
+-- On the client (A) --
+cat > pg.conf
+route add B using "fe_cli_http.py 1.2.3.4 80 /toto.jsp" async
+EOF
+pg -t B /bin/sh
+
+==- II - Remote shell on another server 10.0.0.1 port 3000 living on (B) network -==
+
+-- On the server (B) --
+cat >> pg.conf
+route add C using inet 10.0.0.1 3000
+EOF
+pkill -x pg
+pg -l
+
+-- On the server (C) --
+cat > pg.conf
+listen on inet 10.0.0.1 3000
+EOF
+pg -l
+
+-- On the client (A) --
+cat >> pg.conf
+route add C gw B
+EOF
+pg -t C /bin/sh
+
+==- III - Use (B) and (C) from (A) for more than remote shell -==
+
+-- Connect via ssh to (B) --
+ssh -o ProxyCommand='pg -t B nc 127.0.0.1 22' 127.0.0.1
+
+-- Transfer a directory from (C) --
+scp -r -o ProxyCommand='pg -t C nc 127.0.0.1 22' 127.0.0.1:/backups/ .
+
+-- Use nmap from your machine (A) to scan (B) internal network -==
+ssh -D 3333 -o ProxyCommand='pg -t B nc 127.0.0.1 22' 127.0.0.1
+cat > /etc/tsocks.conf
+ local = 192.168.0.0/255.255.255.0
+ server = 127.0.0.1
+ server_type = 5
+ server_port = 3333
+EOF
+tsocks nmap -n 10.0.0.0-255
+
+-- Forward a local port on (A) to a port on (C) --
+nc -l 127.0.0.1 4025 |pg -t C nc 127.0.0.1 25 |