For those admins that are trying to keep a lock down on who gets out to the internet, here's a warning, there's a new way to get out to HTTP sites, if you have access to an SMTP server.
From: https://www.infosecisland.com/blogview/3447-Http-over-SMTP-Proxy.html
In some cases you find your self in need of a way to navigate the website and you have no internet connection.
Hosproxy is a tool designed to let you access the web in a LAN without internet connection but with access to an E-mail system only.
This tool consists of two parts:
• HosTunnel: You need an external server (outside LAN) which must be running HoSTunnel (with root privileges to listen on port 25) and which receives and sends emails with encoded and packaged http requests/responses.
• HoSProxy: An internal proxy connected to the web browser, that sends HTTP request trough emails via the company SMTP server, and polls for responses in the company POP/IMAP server.
For configuration you only need to configure HoSProxy, not HosTunnel. HoSProxy contains the following config file (hosproxy.cfg)
[CFG]
# Your smtp server for outgoing mails, for example:
#smtp.myserver.com
local_smtp_server=
# Y or N
smtp-auth=N
smtp-user=cdelojo@edge-security.com
smtp-pass=
# Specify your Mail access server protocol (pop, imap,
#imapssl, popssl)
mail_retrieve_protocol=pop
# Your mail access server server for incoming mails, for
#example: pop3.myserver.com
mail_access_server=
#Your username to connect to your mail access server
mas_user=cdelojo@edge-security.com
#YOUR PASSWORD WILL BE PROMPTED IF YOU WANT but you can
#configure it
mas_passwd=
#Your email, account used for recive http responses
email=cdelojo@edge-security.com
#This is the e-mail address to send the HTTP-requests, the
#user name can be random eg. asdf@external-server.com
ext_email=asdf@ligual.net
Run hosproxy.exe and you can browse any site.
Wednesday, March 31, 2010
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment