TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

Can_Tho_City — GMT

Hi all, Can_Tho_City shall discuss how one can escalate the privileges over corporate internet access by bypassing their corporate's proxies / firewall. In big corporates / companies, employees usually have very limited net access where they can only surf very few sites. They don't have any rights to download any music files(mp3 or wav…), videos or Softwares and also can't visit pornography or hacking sites… Before I shall go in depth, I assume that you are having a sound knowledge on TCP/IP protocol and proxies. Let me explain "proxies" and "socks" in brief. Proxies It is a program which stays in-between the user's system and internet. The request sends by the user's system are processed by the proxy and then forward to the destination server. Proxies are used to distribute the internet access among the nodes. Most of the firewalls comes with inbuilt proxy feature. Firewall proxies increases security for the organisation. SOCKS SOCKS stands for "SOCKetS", these are proxies used for tunneling the connection over the internet for better security. Tunneling provides a protective shield for the data passing over the internet. Since, the data is encrypted it is neither understood by the firewall or the content filters. Visit the following link to know more about SOCK4 / SOCK4a / SOCK5 http://archive.socks.permeo.com/protocol/socks4.protocol (SOCK4) http://archive.socks.permeo.com/protocol/socks4a.protocol (SOCK4a) http://www.ietf.org/rfc/rfc1928.txt (SOCK5) Now I shall discuss how one can make use of SOCKS to bypass the firewall / proxies. Let's assume you want to download music / video files using KaZaa Lite (File Sharing Software) or chat using MSN or Yahoo without getting caught by the system administrator Install a SOCKS client on your system The list of SOCKS Client are as follows: Http-Tunnel - Commercial - http://www.http-tunnel.com/html/ FreeProxy - Freeware - http://www.webattack.com/get/freeproxy.html Hopster - Freeware - http://www.hopster.com/deutsch/ Use one among the free SOCKS proxy (FreeProxy or Hopster). My personal choice is Hopster so here I shall give examples on hopster. Configure SOCKS client to accept connections from the application (KaZaa or MSN etc) Configure Hopster to listen on port 1080/TCP (default port) on your local system. Set your internet proxy address on the SOCK client so that it can connect to it. Click on the link below to view the screenshot: Screenshot1:Set internet proxy address on your sock proxy

In Hopster you also have to set options to accept connection from application like KaZaaLite. View screenshot for details. Screenshot2: Configure Hopster to accept connections from applications (KaZaa)

Configure the application (KaZaa / MSN ) to connect to SOCKS proxy The application must be configured to connect to the local loopback IP address (127.0.0.1) on port 1080/TCP. View the screenshot of KaZaa being configured to connect to the local SOCKS proxy. Screenshot3: Set the loopback proxy address in the application configuration

Once KaZaa has the connection established with the SOCK proxy, you can see the data transfer status both on KaZaa and as well as Hopster. View the screenshot for details. Screenshot5: Data transfer status on hopster

Screenshot6: Download file status on KaZaa

How a SOCKS proxy work? A SOCKS Client sitting on your system acts as a proxy server between your application and your corporate firewall/proxy. This SOCKS client when receive a particular request for the user system, it tunnel the request through http port to the main SOCK proxy server. Since, http port is usually allowed through the firewall / proxy, the tunnel is not detected by the security devices. The main SOCKS proxy then process the request and sends back the data through the http port back to the client machine. The whole sequence of data flow is given below: Step1: Application/User Sends Request -------------- >> SOCKS Client Step2: SOCKS Client Sends Request ---------------- >> Corporate Proxy / Firewall (as HTTP request) Step3: Corporate Proxy / Firewall Sends Request ---- >> SOCKS Proxy (Main SOCKS Server) Step4: SOCKS Server Processes the Request Step5: SOCKS Server sends back data -------------- >> Corporate Proxy / Firewall Step6: Corporate Proxy / Firewall sends back data --- >> SOCKS Client Step7: SOCKS Client sends back data --------------- >> Application /User Note: Similarly one can bypass the corporate firewall / proxy and run any application (MSN/Yahoo/IRC) or visit any sites (pornography sites) using this method. Warning: Dear all, this is purely an educational site, so tricks / methods provided here are to be used by security professionals or system administrators to secure their networks from such security breaches. At any cost you should not use this information for malicious purpose. I won't be held responsible for any malicious use of my articles. So use at your own risk. Can_Tho_City (collect)

Re: TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

conmale — GMT

Tôi có ý kiến: nếu đây là bài sưu tầm thì không nên đưa vào những câu như: "Can_Tho_City shall discuss" vì đây không phải là bài chính bạn viết. Nên thay thế "Can_Tho_City" bằng tên của chính tác giả. Thân mến.

Re: TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

Can_Tho_City — GMT

conmale wrote:

Tôi có ý kiến: nếu đây là bài sưu tầm thì không nên đưa vào những câu như: "Can_Tho_City shall discuss" vì đây không phải là bài chính bạn viết. Nên thay thế "Can_Tho_City" bằng tên của chính tác giả. Thân mến.

Dạ thưa, em tập họp từ rất nhiều tài liệu, rồi edit lại thành một bài!

Re: TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

conmale — GMT

Can_Tho_City wrote:

conmale wrote:

Tôi có ý kiến: nếu đây là bài sưu tầm thì không nên đưa vào những câu như: "Can_Tho_City shall discuss" vì đây không phải là bài chính bạn viết. Nên thay thế "Can_Tho_City" bằng tên của chính tác giả. Thân mến.
Dạ thưa, em tập họp từ rất nhiều tài liệu, rồi edit lại thành một bài!

Nếu tập họp từ nhiều tài liệu thì nên để rõ nguồn của các tài liệu và tác giả của các tài liệu. Nếu bồ không phải là người viết ra các tài liệu này mà chỉ tổng hợp chúng thì không nên dùng tư cách như một người viết ra để tránh ngộ nhận.

TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

subnetwork — GMT

Bài viết này được lấy từ http://www.hackingspirits.com/eth-hac/prf-of-conc/bypass-fw/PoF01/bypass-fw-sock.html Sau này nên ghi tên tác giả bài viết dù bài viết đó tham khảo hay dịch để tránh bị kiện tụng về sau, warez còn bị kiện tụng huống hồ mấy cái này :) Thân

Latest posts for the topic "TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies"

TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

Re: TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

Re: TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

Re: TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies

TUTORIAL - Bypassing Firewall or Proxy using SOCK Proxies