mirror of
https://github.com/carlospolop/hacktricks.git
synced 2023-12-14 19:12:55 +01:00
Created 1080
I tried to keep to your format and style for the document. Very sorry if this is not fully correct. Thank you again for all of your hard work!
This commit is contained in:
parent
75163b0688
commit
52883e4161
51
pentesting/1080-Pentesting-Socks.md
Normal file
|
@ -0,0 +1,51 @@
|
|||
# 1080 - Pentesting Socks 4/5
|
||||
|
||||
## Basic Information
|
||||
|
||||
SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication,
|
||||
so only authorized users may access a server.
|
||||
|
||||
Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.
|
||||
SOCKS performs at Layer 5 of the OSI model
|
||||
|
||||
**Default Port:** 1080
|
||||
|
||||
## Enumeration
|
||||
|
||||
### Authentication Check
|
||||
|
||||
```bash
|
||||
nmap -p 1080 <ip> --script socks-auth-info
|
||||
```
|
||||
|
||||
## Brute Force
|
||||
|
||||
### Basic usage
|
||||
```bash
|
||||
nmap --script socks-brute -p 1080 <ip>
|
||||
```
|
||||
### Advanced usage
|
||||
```bash
|
||||
nmap --script socks-brute --script-args userdb=users.txt,passdb=rockyou.txt,unpwdb.timelimit=30m -p 1080 <ip>
|
||||
```
|
||||
|
||||
## Tunneling and Port Forwarding
|
||||
|
||||
### Basic proxychains usage
|
||||
|
||||
Setup proxy chains to use socks proxy
|
||||
```bash
|
||||
nano /etc/proxychains4.conf
|
||||
```
|
||||
|
||||
Edit the bottom and add your proxy
|
||||
```bash
|
||||
socks5 10.10.10.10 1080
|
||||
```
|
||||
|
||||
With auth
|
||||
```bash
|
||||
socks5 10.10.10.10 1080 username password
|
||||
```
|
||||
|
||||
## More info: [Tunneling and Port Forwarding](../tunneling-and-port-forwarding.md)
|
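Review bot: Under "Basic proxychains usage", the two `socks5 10.10.10.10 1080` entries are fenced as `bash`, but they are lines to add to /etc/proxychains4.conf rather than commands, so a plain or config fence would stop readers pasting them into a shell. The "With auth" entry also keeps the username and password in clear text in that file, which deserves a one-line mention next to the example. Smaller points: "SOCKS performs at Layer 5 of the OSI model" is missing its final period, "### Basic usage" has no blank line before its fence unlike the other sections, and "## More info: ..." would read better as a plain line than as a level-2 heading.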