search

Tunna

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments.

Source: https://github.com/SECFORCE/Tunnaarrow-up-right

hashtag
Prerequisites

  • A vulnerable web server to upload the web shell
  • Tunna now Supports Python3

hashtag
How to use

Open the webserver.py on the Target
Creating a webserver on target port 5555

  • -l = (local) - it opens a local SOCKS proxy server

  • -r = (remote) - it redirects a port of the target to the tunnel port

  • In this case I'm using the .jsp, but there is also a .php and .aspx that works the same

Accessing the webshell
Show the content of the webserver via tunnel

When we access the file with Curl, we can see the confirmation of the access on TunnaWebServer and in our python webserver as a demonstration

poc 1
poc 2

hashtag

hashtag
Transfer Files

We can extract files using the same method

set a netcat
grab the file through the tunnel
wireshark results

hashtag
The web shell is not very reliable, and we have to open ports individually

PreviousRpivotNextreGeorg

Last updated