

Use socat option -b to make datagrams small enough to fit with overhead on the network.

Wildcards in the certificate are supported. You would want to look at using a defence-in-depth approach to secure the back-end infrastructure and redirectors. Socat checks the peer certificate's subjectAltName or commonName against the address's option openssl-commonname or the host name. There are key opsec considerations here, but hopefully this has given you an idea of the overall architecture and demo setup. You could deploy many VPS forwarders and have these redirect traffic back to infrastructure. Here we have a simple setup for forwarding traffic from a VPS to a web server at another public-facing IP. You can also use a service such as shields up. Now port scan/HTTP request from another public IP. Special handling is only required for the different address types at initialization. Run this command with the -h option to print usage information. It can create listeners or clients and connect them to listeners and perform various different types of binding.

Now when we visit our VPS IP we will get the traffic redirected through our VPS hosted server back to our backend web server: This example mimics some of the capabilities of the socat command-line utility. Clearly this isn't amazing as a web server etc. You will want to keep the certificate out of the web server path (hence the.

We will need a certificate; for this demo we create a self-signed cert:

openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes

Socat can redirect a unidirectional or bidirectional stream to another unidirectional or bidirectional stream.
httpd.socket = ssl.wrap_socket(httpd.socket, certfile='./server.pem', server_side=True)

We will need an HTTPS service, so for this demo we are going to use a simple Python HTTPS server: https.py

Now you will likely want to do this at the network fabric layer, but for this instance we are going to use the host-based firewall (we could use iptables, but for this UFW is nice and simple).

Apply a rule to allow inbound on TCP 443 from your redirector IP:

sudo ufw allow from <redirector-ip> to any port 443

On the target server we will need to have a public IP or a NAT'd public IP with the appropriate ports, in this instance TCP 443. You will make this a "service" for production use.

Process

Create a Linux virtual machine in a cloud services provider:

Forward Traffic

socat TCP4-LISTEN:443,fork TCP4:xx.xx.xx.xx:443

Bear in mind this is running as a user context.

Ever wanted to run honeypots all over the world but don't want to deploy actual servers, or pseudo servers, everywhere? Ever wanted to run a C2 server but don't want to expose your own IP and want a pool of redirectors? Well, here's a quick look at using SOCAT to forward HTTPS traffic from a VPS to a backend web server.
