1080 - Pentesting Socks

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}

Basic Information

SOCKS ni protokali inayotumika kwa ajili ya kuhamasisha data kati ya mteja na seva kupitia proxy. Toleo la tano, SOCKS5, linaongeza kipengele cha uthibitishaji ambacho ni hiari, kinachoruhusu watumiaji walioidhinishwa pekee kufikia seva. Kimsingi inashughulikia proxying ya muunganisho wa TCP na kupeleka pakiti za UDP, ikifanya kazi katika safu ya kikao (Layer 5) ya mfano wa OSI.

Default Port: 1080

Enumeration

Authentication Check

nmap -p 1080 <ip> --script socks-auth-info

Brute Force

Matumizi ya Msingi

nmap --script socks-brute -p 1080 <ip>

Matumizi ya juu

nmap  --script socks-brute --script-args userdb=users.txt,passdb=rockyou.txt,unpwdb.timelimit=30m -p 1080 <ip>

Matokeo

PORT     STATE SERVICE
1080/tcp open  socks
| socks-brute:
|   Accounts
|     patrik:12345 - Valid credentials
|   Statistics
|_    Performed 1921 guesses in 6 seconds, average tps: 320

Tunneling and Port Forwarding

Msingi wa matumizi ya proxychains

Weka proxy chains kutumia socks proxy

nano /etc/proxychains4.conf

Edit chini na ongeza proxy yako

socks5 10.10.10.10 1080

Na uthibitisho

socks5 10.10.10.10 1080 username password

More info: Tunneling and Port Forwarding

{% hint style="success" %} Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)