Amazing technology: using a PHP SOCKS5 proxy for intranet penetration testing
During penetration testing, we often obtain a webshell on a web server that sits on the intranet and is reachable only through its web port. If protection software on the server leaves the webshell with abnormal permissions, you cannot create a socket proxy or set up port forwarding. In that case, if you want to reach the web services on the intranet, the server you have compromised has to provide the proxy service for you.
The tools I used are phpsocks and goagent, which everyone often uses. Each has its own advantages. phpsocks needs to connect to a database; however, you can remove this requirement by modifying its PHP script and Java client. Yesterday I wanted to change this program, but I was interrupted by various things and had no time to finish it; I will share it after some time. Because phpsocks is a SOCKS5 proxy, we can put the PHP script on the web server, set the proxy to 127.0.0.1:10080, and then access the intranet directly over SSH or HTTP, which is equivalent to a VPN. Goagent does not seem to support acting as a PHP SOCKS proxy, and that is its biggest problem.
The following describes how to use phpsocks. It is an open-source program. The project address is http://code.google.com/p/phpsocks5/
Decompress the package as follows:
Run deploy.bat first.
Follow the prompts to enter the database information, change debuginfo to false, and enter w to write the configuration. Copy the generated PHP file to the web server you have compromised, then enter the address at which it can be accessed at the prompt in the cmd window.
Run run_without_polipo.bat
If "started" is displayed, the startup succeeded, and you can then configure the proxy in your software as you usually would. If the software has no proxy setting of its own, you can use sockscap to route its traffic through the proxy.
Test SSH connection
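
From the defender's side, traffic relayed through a PHP script on the web server shows up in the access log as a stream of HTTP requests to that one file. The following is an added example, not part of phpsocks5 or the original post, that flags a client sending a high rate of POSTs to a single .php path in a combined-format access log. The log lines, the path /upload/proxy.php, the use of POST, and the thresholds are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Combined-format access log line: client IP, timestamp, method and path.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" \d{3} \S+'
)

def build_sample_log():
    """Constructed sample: one normal visitor and one client relaying through a script."""
    base = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    rows = [("198.51.100.20", 0, "GET /index.php"),
            ("198.51.100.20", 5, "POST /login.php"),
            ("198.51.100.20", 400, "POST /login.php")]
    # Hypothetical script path; 40 POSTs, one every 2 seconds.
    rows += [("203.0.113.7", i * 2, "POST /upload/proxy.php") for i in range(40)]
    return "\n".join(
        '{} - - [{}] "{} HTTP/1.1" 200 512 "-" "-"'.format(
            ip, (base + timedelta(seconds=s)).strftime("%d/%b/%Y:%H:%M:%S %z"), req)
        for ip, s, req in rows)

def find_tunnel_candidates(log_text, window=timedelta(seconds=60), min_posts=20):
    """Return sorted (client_ip, script_path, peak_count) for every client that sent
    at least min_posts POSTs to one .php path inside a single sliding window."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        path = m["path"].split("?", 1)[0]  # ignore the query string
        if path.lower().endswith(".php"):
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            hits[(m["ip"], path)].append(ts)
    findings = []
    for (ip, path), times in hits.items():
        times.sort()
        start = peak = 0
        for end, t in enumerate(times):
            while t - times[start] > window:  # shrink the window from the left
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= min_posts:
            findings.append((ip, path, peak))
    return sorted(findings)

if __name__ == "__main__":
    for ip, path, peak in find_tunnel_candidates(build_sample_log()):
        print(f"{ip} sent up to {peak} POSTs per window to {path}")
```

Tune window and min_posts against your own baseline, since legitimate AJAX endpoints can also receive frequent POSTs from one client.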