Why does IPsec use tunnel-mode for an external laptop? Could transport-mode be used? Why can’t a gateway control access in transport-mode?

In an IPsec Secure gateway setup, why is tunnel-mode used when an external laptop wants to access an internal service protected by a firewall? Is tunnel-mode necessary or could transport-mode be used instead? Why can’t a gateway perform ac…

2 network tunnels from 2 providers to 1 machine running docker, will this expose all containers on both tunnels?

I have a server running multiple docker containers, accessible through tunneling.
I want to create a new tunnel that is separate from the one I already have. Will the new tunnel service interfere or expose the other containers running unde…

PCI-DSS Compliance: SSL Tunneling Credit Card Information Through An HTTPS Mobile/Residential Proxy Service to A Destination Service

If a PCI compliant service decides to SSL-Tunnel credit card information via an independent residential/mobile proxy service to a destination payment service, would this protocol still be PCI compliant?
Since the credit card information is…

How are outgoing tunnels not stopped by AV or firewalls?

How can an attacker with initial access to a server behind a firewall, which only has SSH, HTTPS, and HTTP ports open, maintain remote access to the server even after the SSH port is closed by the user on the firewall?

I have searched these questions and answers, but none of them directly answer the question:

I know it's by implementing any kind of reverse shell, creating a tunnel that sends an outbound connection to the attacker's server:
Why is a tunnel – reverse shell not detected by the firewall or antivirus on the OS? Until this point, I have worked on many computers and tested whether a tunnel works or not; none of them blocked me, even with an enterprise firewall and client security software.


Does the traffic tunnelled using Stunnel on port 443:TCP appear the same as normal HTTPS to DPI?

I wrapped my Socks5 traffic in TLS using Stunnel and the Stunnel server is listening on the port 443:tcp.
I can connect successfully to Stunnel server and exchange Socks5 traffic.
From the perspective of DPI (Deep packet inspection), is th…