Today the division REtested the (SSH tunnel through Proxy) method to bypass HTTP proxy,
CODENAME: "74" successfully blocked our test with "ssl_handshake: Input/output error"
That are good news for the division and bad news for bad people.
A blog about secret plans...
Today the division REtested the (SSH tunnel through Proxy) method to bypass HTTP proxy,
CODENAME: "74" successfully blocked our test with "ssl_handshake: Input/output error"
That are good news for the division and bad news for bad people.
The division tested a new portscanning tool called portbunny,
"
PortBunny 1.0 is a Linux-kernel-based port-scanner created by Recurity Labs. Its aim is to provide a reliable and fast TCP-SYN-port-scanner...
"
The division results:
Yes it's fast, but dramaticly slows down the initiating pc and freezes the division-initiating-pc two times!
But we warned: it might be an illegal hacker tool...
Today the division had success!
Phase1 from project code E is completed,
we successfully cloned the hdd and can now start the root-geeting-process,
Please stay tuned.
HTTP proxy bypassing: SSH (Part b)
The division was assiduously and tried also a setup without an insane "outbound allow ssh"-packetfilter rule on its firewall config to bypass it's proxy. All the traffic should go through the proxy.
What does the division installed and configured therefor?
The tool for this purpose is called proxytunnel and the config is quite easy.
The division setup (/root/.ssh/config):
"
Host mybypasssystem
ProxyCommand /usr/local/bin/proxytunnel -p BIGACMEPROXYSERVER:8080 -d ip-address-of-ssh-server-which-is-owned-by-me:80
"
The division had to setup their outside SSH Server (ip-address-of-ssh-server-which-is-owned-by-me)
to listen for SSH at port 80,
this is because the proxy will normaly olny allow outgoing traffic via CONNECT to Port 80 and 443.
The last things man needs is to configure on his machine
shell: ssh -D 666 mybypasssystem
browser-setup: socks proxy with 127.0.0.1:666
So, does this help to bypass a HTTP proxy over the HTTP Proxy itself (in our test)?: yes
and with some ulterior motives we can do even more than HTTP traffic ....
second technique tested: SSH
Today the division tested another method to bypass HTTP proxy:
a) with SSH
The only thing man needs is to configure on his machine
shell: ssh -D 666 username@ip-address-of-ssh-server-which-is-owned-by-me
browser-setup: socks proxy with 127.0.0.1:666
So, does this help to bypass a HTTP proxy (in our test)?: yes,
because the division does have an insane "outbound allow ssh"-packetfilter rule on its firewall config.
All the HTTP-traffic form the bowser will be forwarded through port 666 to our SSH-Server and this server connects us to the www.
But there are more possibilities! Please stay tuned for Part b) of this article.
The division will check more and let you know