reGeorg

The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

Source: https://github.com/sensepost/reGeorg

  1. Like Tunna, we need to upload a file to a web server

  2. We'll use a SOCKS proxy, so make sure proxychains is configured

  3. The web shells are not reliable

Prerequisites

  • Python 2.7

  • Ability to upload a file to a web server

Usage

reGeorgSocksProxy.py -p 8080 -u http://webserver:8080/tunnel.nosocket.php

Here we're:

  • Showing all the tunnels available in reGeorg

  • Opening a web server with PHP

Screenshots (images not reproduced):

  • PHP server

  • On Kali: /etc/proxychains.conf

  • Connect to the reGeorg web shell

  • Nmap with Proxychains

In the same way, we can extract files through the proxy

Other web shells like PHP, JSP, ASPx didn't work out for me

Screenshots (images not reproduced):

  • Trying the PHP web shell

  • PHP dl() function error
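Seen from the web server's side, the tunnel in the Usage section is a stream of HTTP requests to the uploaded script, which makes it visible in access logs. The check below is an added example, not part of reGeorg or the original page; it assumes combined-format access logs and the `cmd=` query values sent by the unmodified public reGeorg client, and the log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Query values the public reGeorg client appends to the tunnel URL
# (assumption: unmodified client; a customised tunnel may rename them).
TUNNEL_CMDS = {"connect", "read", "forward", "disconnect"}

# Common/combined log format: ip - - [ts] "METHOD target HTTP/x" status size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def find_tunnel_candidates(lines, min_hits=3):
    """Return {(client_ip, path): sorted cmd values} for script paths that
    receive several different tunnel-style cmd= requests from one client."""
    seen = defaultdict(set)
    hits = defaultdict(int)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed or truncated lines
        ip, target = m.group(1), m.group(3)
        url = urlsplit(target)
        for cmd in parse_qs(url.query).get("cmd", []):
            if cmd.lower() in TUNNEL_CMDS:
                seen[(ip, url.path)].add(cmd.lower())
                hits[(ip, url.path)] += 1
    # Require volume and variety: one stray ?cmd=read is not a tunnel.
    return {k: sorted(v) for k, v in seen.items()
            if hits[k] >= min_hits and len(v) >= 2}

# Constructed sample log lines (not captured traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "POST /tunnel.nosocket.php?cmd=connect&target=10.0.0.5&port=22 HTTP/1.1" 200 0',
    '203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "POST /tunnel.nosocket.php?cmd=forward HTTP/1.1" 200 0',
    '203.0.113.7 - - [10/Mar/2024:10:00:02 +0000] "POST /tunnel.nosocket.php?cmd=read HTTP/1.1" 200 512',
    '198.51.100.9 - - [10/Mar/2024:10:00:03 +0000] "GET /search.php?cmd=read HTTP/1.1" 200 1043',
    '198.51.100.9 - - [10/Mar/2024:10:00:04 +0000] "GET /index.php HTTP/1.1" 200 2048',
    'truncated line without a request field',
]

if __name__ == "__main__":
    for (ip, path), cmds in find_tunnel_candidates(SAMPLE_LOG).items():
        print(f"{ip} -> {path}: {', '.join(cmds)}")
```

The check keys on the query pattern rather than the file name, so a renamed tunnel script is still flagged.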
