Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: remote admin program that uses http encaspulation
From: Alexander Klimov <alserkli () inbox ru>
Date: Tue, 23 Aug 2005 18:30:41 +0300 (IDT)
On Mon, 22 Aug 2005 fad3r () hushmail com wrote:

I would like to show a client that although he has a proxy server
set up that it is still possible to abuse it and connect remotely
to servers on the outside via a remote program that uses http
encapsulation.

I tested this with dameware and pcanywhere and both do not seem to
support it.  Does anyone know a program that does this?  It does
not have to be very robust, just enough to give a console session.


http://proxytunnel.sourceforge.net/intro.html:

 ``ProxyTunnel is a program that connects stdin and stdout to a server
 somewhere on the network, through a standard HTTPS proxy. We mostly
 use it to tunnel SSH sessions through HTTP(S) proxies, allowing us
 to do many things that wouldn't be possible without ProxyTunnel.

 Proxytunnel can currently do the following:

    * Create tunnels using HTTP and HTTPS proxies (That understand the
      HTTP CONNECT command).
    * Work as a back-end driver for an OpenSSH client, and create SSH
      connections through HTTP(S) proxies.
    * Work as a stand-alone application, listening on a port for
      connections, and then tunneling these connections to a specified
      destination.''

-- 
Regards,
ASK

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]