SOCKS Proxy

Go to [beacon] -> Pivoting -> SOCKS Server to setup a SOCKS4 or SOCKS5 proxy server on your team server.Or, use socks 8080 to setup a SOCKS proxy server on port 8080 (or any other port you choose).

All connections that go through these SOCKS servers turn into connect, read, write, and close tasks for the associated Beacon to execute. You may tunnel via SOCKS through any type of Beacon (even an SMB Beacon).

Beacon’s HTTP data channel is the most responsive for pivoting purposes. If you’d like to pivot traffic over DNS, use the DNS TXT record communication mode.

Use socks [port] [socks4 | socks5] [enableNoAuth | disableNoAuth] [user] [password] [enableLogging | disableLogging] to start a SOCKS4a (by default when no server version is specified) or SOCKS5 server on the specified port. This server will relay connections through this Beacon

SOCKS5 servers can be configured with NoAuth authentication (default), User/Password authentication, and some additional logging.

SOCKS5 Servers currently do not support GSSAPI authentication and IPV6.

To see the SOCKS servers that are currently setup, go to View -> Proxy Pivots.

Use socks stop to stop the SOCKS servers and terminate existing connections.

Traffic will not relay while Beacon is asleep. Change the sleep time with the sleep command to reduce latency.

Commands

1) socks [port] [socks4 | socks5] [enableNoAuth | disableNoAuth] [user] [password] [enableLogging | disableLogging] (By default starts a SOCKS4 proxy when no server version is specified)

2) socks stop (Stop the SOCKS servers and terminate existing connections)

PreviousReverse Port Forward NextSSH Sessions

Last updated 8 months ago