SOCKS Proxy: Definition
A Socket Secure Proxy (SOCKS Proxy) is a Layer 5 tunnel, usually implemented via SSH, which allows a user to forward TCP traffic through an encrypted tunnel to a destination server. This causes the packet's source IP address to appear as if it originated from the proxy server or Jump Box rather than the user's machine.
In the above example, the proxy server is acting as the Man In The Middle. A SOCKS Proxy can be especially useful during a penetration test when you need to obey the Rules Of Engagement and ensure that all testing traffic originates from a designated source IP or range of IPs.
Additionally, a SOCKS Proxy can be leveraged to establish Persistent Access into an otherwise unreachable subnet if implemented on a compromised host during a penetration test.
Lastly, a SOCKS Proxy is commonly used to provide an additional layer of anonymity while browsing the Internet. A user configures their web browser to connect to the SOCKS Proxy and route all HTTP requests through the Jump Box. Visit the following link for additional information. https://en.wikipedia.org/wiki/SOCKS
SOCKS Proxy: Setup
To set up a SOCKS Proxy, simply create an SSH connection to your proxy server by issuing the following command.
$ ssh username@proxyserver -D 54321
This will open port 54321 on your local machine and create a SOCKS Proxy which many different applications can use to tunnel traffic. In Mac OS X you can create a system-wide SOCKS Proxy. Use the settings from the graphic above.
You can also configure your web browser to use the SOCKS Proxy simply by modifying its proxy configuration settings. Here is an example of what that looks like in Mozilla Firefox.
SOCKS Proxy: Related Content
The related content below contains a detailed demonstration of this technique being used during a Web Penetration Test.
- https://www.pentestgeek.com/web-applications/burp-suite-tutorial-1 – An introduction to web application penetration testing with Burp Suite. Discusses initial configuration and a basic overview of web testing methodology.