# 1080 - Pentesting Socks
{% hint style="success" %}
Learn & practice AWS Hacking:
[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\
Learn & practice GCP Hacking: 
[**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Support HackTricks
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** π¬ [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** π¦ [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
{% endhint %}
## Basic Information
**SOCKS**λ ν΄λΌμ΄μΈνΈμ μλ² κ°μ νλ‘μλ₯Ό ν΅ν΄ λ°μ΄ν°λ₯Ό μ μ‘νλ λ° μ¬μ©λλ νλ‘ν μ½μ
λλ€. λ€μ― λ²μ§Έ λ²μ μΈ **SOCKS5**λ μ νμ μΈμ¦ κΈ°λ₯μ μΆκ°νμ¬ κΆνμ΄ μλ μ¬μ©μλ§ μλ²μ μ κ·Όν μ μλλ‘ ν©λλ€. μ£Όλ‘ TCP μ°κ²°μ νλ‘μ μ²λ¦¬μ UDP ν¨ν·μ ν¬μλ©μ μ²λ¦¬νλ©°, OSI λͺ¨λΈμ μΈμ
κ³μΈ΅(κ³μΈ΅ 5)μμ μλν©λλ€.
**κΈ°λ³Έ ν¬νΈ:** 1080
## Enumeration
### Authentication Check
```bash
nmap -p 1080 --script socks-auth-info
```
### Brute Force
#### κΈ°λ³Έ μ¬μ©λ²
```bash
nmap --script socks-brute -p 1080
```
#### κ³ κΈ μ¬μ©λ²
```bash
nmap --script socks-brute --script-args userdb=users.txt,passdb=rockyou.txt,unpwdb.timelimit=30m -p 1080
```
#### μΆλ ₯
```
PORT STATE SERVICE
1080/tcp open socks
| socks-brute:
| Accounts
| patrik:12345 - Valid credentials
| Statistics
|_ Performed 1921 guesses in 6 seconds, average tps: 320
```
## ν°λλ§ λ° ν¬νΈ ν¬μλ©
### κΈ°λ³Έ proxychains μ¬μ©λ²
socks νλ‘μλ₯Ό μ¬μ©νλλ‘ proxy chains μ€μ
```
nano /etc/proxychains4.conf
```
Edit the bottom and add your proxy
```markdown
# SOCKS νλ‘μ
SOCKS νλ‘μλ ν΄λΌμ΄μΈνΈμ μλ² κ°μ νΈλν½μ μ€κ³νλ νλ‘ν μ½μ
λλ€. μ΄ νλ‘ν μ½μ λ€μν λ€νΈμν¬ μλΉμ€μ λν μ‘μΈμ€λ₯Ό μ 곡νλ©°, 보μ λ° μ΅λͺ
μ±μ λμ΄λ λ° μ μ©ν©λλ€.
## SOCKS μ€μ
SOCKS νλ‘μλ₯Ό μ€μ νλ €λ©΄ λ€μ λ¨κ³λ₯Ό λ°λ₯΄μμμ€:
1. νλ‘μ μλ²μ IP μ£Όμμ ν¬νΈλ₯Ό νμΈν©λλ€.
2. ν΄λΌμ΄μΈνΈ μννΈμ¨μ΄μμ νλ‘μ μ€μ μ μ½λλ€.
3. SOCKS νλ‘μ μ΅μ
μ μ ννκ³ , IP μ£Όμμ ν¬νΈλ₯Ό μ
λ ₯ν©λλ€.
4. μ€μ μ μ μ₯νκ³ ν΄λΌμ΄μΈνΈλ₯Ό μ¬μμν©λλ€.
## ν
μ€νΈ
νλ‘μκ° μ λλ‘ μλνλμ§ νμΈνλ €λ©΄ λ€μ λͺ
λ Ήμ΄λ₯Ό μ¬μ©νμ¬ μ°κ²°μ ν
μ€νΈν©λλ€:
```bash
curl --socks5 <νλ‘μ_IP>:<ν¬νΈ> http://example.com
```
μ΄ λͺ
λ Ήμ΄λ SOCKS νλ‘μλ₯Ό ν΅ν΄ example.comμ μ°κ²°μ μλν©λλ€. μ±κ³΅μ μΌλ‘ μ°κ²°λλ©΄ νλ‘μκ° μ¬λ°λ₯΄κ² μ€μ λ κ²μ
λλ€.
```
```
socks5 10.10.10.10 1080
```
μΈμ¦μ΄ μλ κ²½μ°
```
socks5 10.10.10.10 1080 username password
```
#### More info: [Tunneling and Port Forwarding](../generic-methodologies-and-resources/tunneling-and-port-forwarding.md)
{% hint style="success" %}
Learn & practice AWS Hacking:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\
Learn & practice GCP Hacking: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Support HackTricks
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** π¬ [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** π¦ [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **ν΄νΉ νΈλ¦μ 곡μ νλ €λ©΄** [**HackTricks**](https://github.com/carlospolop/hacktricks) **μ** [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) **κΉνλΈ λ¦¬ν¬μ§ν 리μ PRμ μ μΆνμΈμ.**
{% endhint %}