Added Reverse Port Forward Functionality #201
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added Grunt with functionality of port forwarding.
Added the Grunt with the Port Forward functionality.
This stager is exactly the same as the one from GruntHTTP.
|
this is so awesome, it is a feature i have been wanting to see added. I also would love a socks server added. Thanks for doing this. |
Fixed missing libs
Minor bugs and optimized connection speed of forwarded routes.
|
Wow, amazingly the meterp/metasploit version of this is actually simpler in terms of code volume. Kudos. Being able to present services remotely is key - DHCP and DNS alone can be priceless, and stateful stuff inside the trusted intranet zone is always fun. |
|
Any update on this ? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hello everyone!!
I just added fully working reverse port forward functionality to covenant. It doesn't bind to any port in the machine with the Grunt. The Grunt only connects to the destination and the C2.
The user can connect to the VPS and the selected port. The C2 is responsible to bind to a port and forward the traffic to the Grunt and then, to the destination. The whole procedure is pretty much similar to portfwd from meterpreter.
I tried to add the functionality directly to a task without touching other things... but that was not possible. I had to add a PortForward dummy task only to have the Task option in the Grunts. The handlers are actually in the new GruntHTTPPortForward and, in the CovenantService (responsible for bind to the port and forwarding the traffic).
I also modified the DbInitializer only to add the new Grunt.
In case you guys need more details feel free to ask.
Thank you!!