mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
73 lines
1.4 KiB
Markdown
73 lines
1.4 KiB
Markdown
# 1080 - Pentesting Socks
|
|
|
|
{{#include ../banners/hacktricks-training.md}}
|
|
|
|
## Basic Information
|
|
|
|
**SOCKS** is a protocol used for transferring data between a client and server through a proxy. The fifth version, **SOCKS5**, adds an optional authentication feature, allowing only authorized users to access the server. It primarily handles the proxying of TCP connections and the forwarding of UDP packets, operating at the session layer (Layer 5) of the OSI model.
|
|
|
|
**Default Port:** 1080
|
|
|
|
## Enumeration
|
|
|
|
### Authentication Check
|
|
|
|
```bash
|
|
nmap -p 1080 <ip> --script socks-auth-info
|
|
```
|
|
|
|
### Brute Force
|
|
|
|
#### Basic usage
|
|
|
|
```bash
|
|
nmap --script socks-brute -p 1080 <ip>
|
|
```
|
|
|
|
#### Advanced usage
|
|
|
|
```bash
|
|
nmap --script socks-brute --script-args userdb=users.txt,passdb=rockyou.txt,unpwdb.timelimit=30m -p 1080 <ip>
|
|
```
|
|
|
|
#### Output
|
|
|
|
```
|
|
PORT STATE SERVICE
|
|
1080/tcp open socks
|
|
| socks-brute:
|
|
| Accounts
|
|
| patrik:12345 - Valid credentials
|
|
| Statistics
|
|
|_ Performed 1921 guesses in 6 seconds, average tps: 320
|
|
```
|
|
|
|
## Tunneling and Port Forwarding
|
|
|
|
### Basic proxychains usage
|
|
|
|
Setup proxy chains to use socks proxy
|
|
|
|
```
|
|
nano /etc/proxychains4.conf
|
|
```
|
|
|
|
Edit the bottom and add your proxy
|
|
|
|
```
|
|
socks5 10.10.10.10 1080
|
|
```
|
|
|
|
With auth
|
|
|
|
```
|
|
socks5 10.10.10.10 1080 username password
|
|
```
|
|
|
|
#### More info: [Tunneling and Port Forwarding](../generic-hacking/tunneling-and-port-forwarding.md)
|
|
|
|
{{#include ../banners/hacktricks-training.md}}
|
|
|
|
|
|
|