SOCKS Proxy - Pentest Geek Definition

SOCKS Proxy

SOCKS Proxy

SOCKS Proxy: Definition

A Socket Secure Proxy (SOCKS Proxy) is a Layer 5 tunnel usually implemented via SSH which allows a user to forward TCP traffic through an encrypted tunnel to a destination server. This causes the packet’s source IP Address to appear as if it was originating from the proxy server or Jump Box rather than the user’s machine.

In above example, the proxy server is acting as the Man In The Middle. A SOCKS Proxy can be especially useful during a penetration test when you need to obey the Rules Of Engagement and ensure that all testing traffic originates from a designated source IP or range of IPs.

Additionally, a SOCKS Proxy can be leveraged to establish Persistent Access into an otherwise unreachable subnet if implemented on a compromised host during a penetration test.

Lastly, a SOCKS Proxy is commonly used to provide an additional layer of anonymity while browsing the Internet. A user configures their web browser to connect to the SOCKS Proxy and route all HTTP requests through the Jump Box. Visit the following link for additional information. https://en.wikipedia.org/wiki/SOCKS

SOCKS Proxy: Setup

To setup a SOCKS Proxy simply create an SSH connection to your proxy server by issuing the following command.

$ ssh username@proxyserver -D 54321

This will open up port 54321 on your local machine and create a SOCKS Proxy which can be used by many different applications to tunnel traffic. In Mac OSX you can create a system wide SOCKS Proxy. Use the settings from the graphic above.

You can configure your web browser to use the SOCKS Proxy as well simply by modifying the proxy configuration settings. Here is an example of what that looks like in Mozilla Firefox.
SOCKS Proxy Mozilla Firefox

SOCKS Proxy: Related Content

The related content below contains a detailed demonstration of this technique being used during a Web Penetration Test.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share This

Recent Posts

Subscribe To Our Mailing List

Become a Web App Penetration Tester

Penetration Testing

Categories

Metasploit

Web Application Hacking


Copyright 2018

css.php

Are You Using the Top 5 Pentest Tools?

Enter your email address to download your copy of our FREE e-book and find out now!

Thank you, now go check your email!!