Configure SOCKS5 in proxychains4.conf file
If proxychains4 is not configured for the socks5 proxy, we can make an entry in its configuration file using any text editor. The configuration file is located in the /etc as proxychains4.conf.
To edit the configuration file, we need to comment socks4 proxy if that is configured by default and add socks5 on the loopback interface with the port number. We can use any port, but in this example, we use port 1080.
Banner grabbing of the remote host with proxychains
Let’s grab the banner of ports 21, 23, and 5900. Port 21 belongs to the File transfer protocol, 23 to the telnet, and 5900 to the VNC server. FTP transfers files from different sources to different destinations, and the telnet is used for the remote connection in the command line interface. On the other hand, VNC can be used to establish a GUI-based remote connection. To grab the banners or access the remote host, we have to use proxychains before using any command so the request will be made from the tunnel that we created. From the output, it is confirmed that all three ports are open. In our command, we have used -zvn options that stand for:
-n Do not do DNS or service lookups on specified addresses, hostnames, or ports.
-v Have nc give more verbose output.
-z Specifies that nc should only scan for listening daemons without sending any data to them.
-n Do not do DNS or service lookups on specified addresses, hostnames, or ports.
-v Have nc give more verbose output.
-z Specifies that nc should only scan for listening daemons without sending any data to them.
Kod:
proxychains nc -zvn 192.168.146.128 21 23 5900
Telnet Connection using proxychains
Telnet is a remoting protocol that does not encrypt the data while transmitting. It transmits data in a plain text format. Let’s establish a telnet connection with valid credentials msfadmin/msfadmin. As expected, we successfully established a remote connection with the remote host using telnet protocol.
Kod:
proxychains telnet 192.168.146.128
FTP connection using proxychains
FTP (File Transfer Protocol) is a network protocol for transmitting files between computers over Transmission Control Protocol/Internet Protocol (TCP/IP) connections. Within the TCP/IP suite, FTP is considered an application layer protocol. Let’s connect with the same credentials we used in telnet. We connected to ftp successfully, and with ls command, we can list the available file in the directory.
Kod:
proxychains ftp 192.168.146.128
VNC Viewer connection using proxychains
In the last example, we will connect with the VNC viewer. VNC Viewer is used for local computers and mobile devices you want to control from. A device such as a computer, tablet, or smartphone with installed VNC Viewer software can access and control a computer in another location. This service runs in its default port, 5900. To establish a connection with VNC, we can use proxychains using the vncviewer utility and the remote IP address, and we will receive a GUI-based interface.
Kod:
proxychains vncviewer 192.168.146.128
Conclusion
We have explored chisel briefly, which will make our Internal assessment much easier, especially when we come across port forwarding. We have explored multiple techniques to establish a remote session using a chisel with and without socks5 proxy. Also, we have explored proxychains role in a tunneled connection. I hope you have learned something new today. Happy hacking!