From: Michael Thumann (mthumann@ernw.de)
Date: Fri Dec 20 2002 - 12:01:39 EST
Sounds very complicated for me ;-), what about this idea:
Use fpipe from www.foundstone.com to redirect traffic on the server to
another port (port 3389) on the same machine:
fpipe -l 80 -s 10xx -i IP_Adress_of_SERVER1 -r 3380 IP_Adress_of_SERVER1
HTTP Server normally don'nt bind to the specific IP Address of the
interface, they are listening on all interfaces (you can verify it with
netstat -an ==> you should see something like 0.0.0.0:80), so you can run
a program that is listening on the specific IP Address and this program
will handle all packets to this port. The Web server isn't reachable on
this IP Address anymore, but your reverse command shell should still work.
Now you only have to tell your Terminal Client to connect to port 80 on the
Server and it sould be done now ;-))
Hope that helps.
cheers
Michael
At 18:07 19.12.02 -0800, you wrote:
>As to the subject, I don't know how else to describe what I need in simple
>words :)
>
>I am hoping one of you might have an idea on how to implement the following,
>keeping in mind that everything MUST be done using a command-line only. I
>have a machine ("SERVER1") behind a firewall that lets in only port 80, on
>which there is an HTTP server, but lets out all traffic. I need to connect
>my machine ("CLIENT") to that server's Remote Desktop, which runs on port
>3389. I have command line access to the remote machine by sending a reverse
>command prompt. So, the question is, what tools are out there that would
>let me create a tunnel as follows:
>
>SERVER1 ----> CLIENT1(port whatever) <---- CLIENT1(Listener port 3389)
>CLIENT1(RDP client program) -----> CLIENT1(port 3389) <- Existing Pipe ->
>SERVER1(port 3389)
>
>To explain, I need a program on SERVER1 that creates a connection to
>CLIENT1. the connection that is created to CLIENT1 then needs to listen on
>port 3389. When CLIENT1 recieves a connection, it needs to pass it through
>the existing pipe, and SERVER1 needs to connect to itself on port 3389.
>
>Sort of confusing, I know, and any other suggestions would be welcome, with
>the stipulation that, again, SERVER1 can only accept outside connections
>from port 80, but can make connection to any computer.
>
>Thanks,
>Nick Jacobsen
>Ethics Design
>nick@ethicsdesign.com
>
>
>----------------------------------------------------------------------------
>This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
>Service. For more information on SecurityFocus' SIA service which
>automatically alerts you to the latest security vulnerabilities please see:
>https://alerts.securityfocus.com/
ERNW Enno Rey Netzwerke GmbH - Zaehringerstr. 46 - 69115 Heidelberg
Tel. +49 6221 480390 - Fax +49 6221 419008 - Mobil +49 173 6745903
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:26 EDT