
How to not get caught - Hacking through socks proxies


13 replies to this topic

#1 Mr.Orange

Mr.Orange

    Will I break 10 posts?

  • Members
  • 8 posts

Posted 26 April 2008 - 11:20 PM

I'm wondering what everyone uses to avoid being tracked down.
Obviously I doubt anyone here hacks from their own internet connection, but apart from using another internet connection, what else do you do?

Do you have a compromised box you connect to and hack from?
Do you hack through proxies?
Any other ways?

For people with a compromised box on another network somewhere, how did you do it? A simple trojan/vnc/TS/etc on someone's computer, or did you modify a linksys/pda/etc and plant it somewhere?

For people who hack through proxies, any details?
I've been playing with using "SocksChain" to link socks proxies together, and then using "FreeCap" to force apps to route their traffic through SocksChain. It *works*, but I'm not sold on it. I tried using IE through it just as a test, and it worked like gold. I then tried Firefox and without warning it just bypassed the proxies and went out my own connection. Not good. There has to be a better way.

Lastly, has anyone played around with using something like a FreeCap type program to force an entire VMware computer through proxies so that you don't have to worry about making sure each app goes through the proxy right, you just boot your VM and you're good? If it's possible, it would make life a lot easier.



Thanks

#2 deadwax

deadwax

    HACK THE PLANET!

  • Members
  • 58 posts

Posted 26 April 2008 - 11:44 PM

I'm kind of paranoid about using open proxies. For example, how do I know that whoever is running the proxy server isn't keeping logs? How do I know it's not actually some kind of honeypot run by the feds? Those are things you can never be too certain of. Instead, I use Tor. I "sockisfy" my programs to connect via Tor by using FreeCap.

#3 radar

radar

    I broke 10 posts and all I got was this lousy title!

  • Members
  • 19 posts

Posted 26 April 2008 - 11:58 PM

I'm kind of paranoid about using open proxies. For example, how do I know that whoever is running the proxy server isn't keeping logs? How do I know it's not actually some kind of honeypot run by the feds? Those are things you can never be too certain of. Instead, I use Tor. I "sockisfy" my programs to connect via Tor by using FreeCap.

dude what is there to be so paranoid about?

#4 Mr.Orange

Mr.Orange

    Will I break 10 posts?

  • Members
  • 8 posts

Posted 27 April 2008 - 12:17 AM

I'm kind of paranoid about using open proxies. For example, how do I know that whoever is running the proxy server isn't keeping logs? How do I know it's not actually some kind of honeypot run by the feds? Those are things you can never be too certain of. Instead, I use Tor. I "sockisfy" my programs to connect via Tor by using FreeCap.



Thanks. That's a good point.
So you've found FreeCap to be reliable enough?
Any hints on getting a command prompt (cmd.exe) to work through it?

#5 deadwax

deadwax

    HACK THE PLANET!

  • Members
  • 58 posts

Posted 27 April 2008 - 12:30 AM

I'm kind of paranoid about using open proxies. For example, how do I know that whoever is running the proxy server isn't keeping logs? How do I know it's not actually some kind of honeypot run by the feds? Those are things you can never be too certain of. Instead, I use Tor. I "sockisfy" my programs to connect via Tor by using FreeCap.



Thanks. That's a good point.
So you've found FreeCap to be reliable enough?
Any hints on getting a command prompt (cmd.exe) to work through it?

Yes, I find FreeCap reliable. I have no problems at all getting cmd.exe to work through it. Simply add cmd.exe to your list of applications. Should work without any problems.

#6 duper

duper

    Dangerous free thinker

  • Members
  • 816 posts
  • Location:NYC

Posted 27 April 2008 - 12:50 AM

I'm kind of paranoid about using open proxies. For example, how do I know that whoever is running the proxy server isn't keeping logs? How do I know it's not actually some kind of honeypot run by the feds? Those are things you can never be too certain of. Instead, I use Tor. I "sockisfy" my programs to connect via Tor by using FreeCap.


How do you know that your tor exit node isn't being operated by the fedz?

#7 deadwax

deadwax

    HACK THE PLANET!

  • Members
  • 58 posts

Posted 27 April 2008 - 01:08 AM

How do you know that your tor exit node isn't being operated by the fedz?

That's true, I don't. But I still feel somewhat safer using Tor than I do connecting directly through a proxy. At least the person operating the exit node can't determine where the data is being sent from/to.

Edited by deadwax, 27 April 2008 - 01:16 AM.


#8 Mr.Orange

Mr.Orange

    Will I break 10 posts?

  • Members
  • 8 posts

Posted 27 April 2008 - 01:16 PM

Yes, I find FreeCap reliable. I have no problems at all getting cmd.exe to work through it. Simply add cmd.exe to your list of applications. Should work without any problems.


Thanks again. I'll look at it more. Right now it launches off the cmd shell, but closes right away.
I'll figure it out.

Have you ever played around with getting an entire VM to work through freecap/tor?
Say add all the VM services, and startup exes to freecap and then everything you do inside the VM should automatically be protected. Seems like if it worked it would make things infinitely easier.

#9 hbp

hbp

    rekcah-rebÜ

  • Members
  • 709 posts

Posted 27 April 2008 - 01:32 PM

TORIFY

#10 Mr.Orange

Mr.Orange

    Will I break 10 posts?

  • Members
  • 8 posts

Posted 27 April 2008 - 01:47 PM

TORIFY


lol. What?

#11 operat0r

operat0r

    Dangerous free thinker

  • Members
  • 793 posts
  • Location:ops

Posted 28 April 2008 - 04:47 PM

just own an AP nearby ... done .. you get ownage and you can download madonna songs all at the same time with blazing speed !

#12 chown

chown

    SUPR3M3 31337 Mack Daddy P1MP

  • Moderating Team
  • 493 posts
  • Gender:Male
  • Location:Floating on a sea of hydrogen

Posted 29 April 2008 - 11:45 AM

Yay! Madonna songs!!
Tho actually I like totally like think Britney Spears is like sooo much awesomer!

*choke*

Anyway, not to quote bash or anything, but universities do tend to have vast amounts of free (untraceable) bandwidth floating in and around them. As well as many vulnerable boxen, i.e. those that have been deployed and forgotten about.

Edited by chown, 29 April 2008 - 11:47 AM.


#13 systems_glitch

systems_glitch

    Dangerous free thinker

  • Moderating Team
  • 1,657 posts
  • Gender:Male

Posted 29 April 2008 - 02:13 PM

Anyway, not to quote bash or anything, but universities do tend to have vast amounts of free (untraceable) bandwidth floating in and around them. As well as many vulnerable boxen, i.e. those that have been deployed and forgotten about.

Yeah, this is very true...I've seen people use library computers for torrenting big things, since a majority of the machines around our university are completely open -- they all run DeepFreeze, but that only kicks in when the machine is restarted. There are no logins, etc, required to use them, either -- just don't check your e-mail while you're doing something you're not supposed to. The wireless here does require a university-registered login, but there are some rogue access points, especially around the dorms, that don't require even WEP.

I've thought about building a small, cheap, deployable "pre-0wned" system -- something embedded, like a Pico-ITX machine or the little Nagasaki MS-2100 or the Soekris Net4501 router I have, that could be plugged into power and Ethernet in a classroom ceiling or a wiring closet and left to itself. Around here, I doubt something like that would get noticed unless a repair in its location was required...and even then, only if it looked really out of place (i.e. power running from a light socket or something). Perhaps include either a small Ethernet hub, or dual Ethernet ports, so that you could route existing traffic through the machine, adding another layer of confusion, or perhaps even using it for MITM if you'd spliced it into the Ethernet before a major switch or wireless AP. The machines I mentioned are small enough they could easily fit inside a drop ceiling or an air duct, if Ethernet was being run through a plenum. I've just never really had a reason to build one, other than Proof-of-Concept, since I don't do much "bad" stuff to systems I don't already own.

#14 NodeRazor

NodeRazor

    H4x0r

  • Members
  • 31 posts
  • Location:/

Posted 02 May 2008 - 11:39 PM

5.8 GHz 25dB Wireless Lan Dish Antenna + <public/private access point, as far as possible from where you are> + spoofed mac address of your pc + some sort of proxy (any at this point), since you are using remote access point.



