clubfed
WARNING!!

Shadow Security Scanner has a feature to allow scanning a remote machine through a SOCKS proxy.

It will *start* to do the scan through the socks, but then about 1/3 of the way in, almost EVERY TIME, it just silently stops using the socks and starts sending the packets directly!

If you are trusting that the thing is using socks, you will get yourself in big trouble!

Heads up for anyone using SSS! (and if you weren't, except for this GIANT fvckup on their part, you should because SSS is otherwise a kick ass scanner)
Ahmeket
Just curious, how do you find that out? Did you setup a honeypot on your box and scan yourself?
Thebass
sniffing
macca
maybe the proxy timed out.. or switched off?.... maybe instead of crashing & returning no results it defaults to your IP?.. only guessing.... I use SSS all the time... 10/10
clubfed
I sniffed the connection. All was cool, going through my socks, then the socks froze up (sigh, and it's a high quality socks, oh well) and then SSS, without a blink or warning, just started sending the packets directly. I cannot stress enough how *DEEPLY FVCKED* this action is -- that can get someone sent to prison. In my case, my first few hops are untraceable to me so I was OK, but this can totally screw someone else, which is why I send the warning out.

What was really appalling is that the developers couldn't care less, and were censoring any mention of this on their boards (I saw one post on there where this pissed off guy was ranting about how they censored this issue)...

anyway just know that you can't always trust the app you are using to do what it says. It might as well have picked up the phone and dialed 911 and screamed I'm a hacker terrorist come arrest my ass immediately, then recited my full real name, social security, phone number, address, and dick size. For crying out loud this SSS is *dangerously* broken right now. Do not use!!
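The wire check clubfed describes above (sniff your own host and confirm that every connection toward the assessed range goes to the proxy, not to the targets), as an added Python example that is not from the thread or from the SSS product; the capture format, addresses, proxy endpoint and assessed network are constructed for illustration, and a real sniffer's output would need its own parser.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample sniffer output (not from the original thread). The scanner host
# is expected to reach the assessed network ONLY through the SOCKS proxy; the last
# three flows reproduce the "proxy froze, tool fell back to direct" pattern.
SCANNER_IP = "10.0.0.5"                      # assumed: host running the scanner
PROXY = ("198.51.100.7", 1080)               # assumed: SOCKS proxy the tool was told to use
ASSESSED_NET = ip_network("192.0.2.0/24")    # assumed: scope of the assessment

SAMPLE_CAPTURE = """\
10.0.0.5:51234 > 198.51.100.7:1080 SYN
10.0.0.5:51235 > 198.51.100.7:1080 SYN
10.0.0.5:51236 > 198.51.100.7:1080 SYN
10.0.0.5:51237 > 192.0.2.10:22 SYN
10.0.0.5:51238 > 192.0.2.10:80 SYN
10.0.0.5:51239 > 10.0.0.1:53 SYN
"""

# One "src:sport > dst:dport FLAGS" line of the constructed capture format.
FLOW_RE = re.compile(r"^(\S+):(\d+) > (\S+):(\d+)\b")


def parse_flow(line):
    """Return (src_ip, dst_ip, dst_port) for a capture line, or None if it does not parse."""
    m = FLOW_RE.match(line)
    if m is None:
        return None
    return m.group(1), m.group(3), int(m.group(4))


def find_proxy_bypass(capture, scanner_ip, proxy, scope):
    """List (line_no, line) for every flow the scanner host sent straight into the
    assessed scope instead of to the proxy. Traffic to the proxy itself and to hosts
    outside the scope (local DNS, etc.) is ignored; the first hit marks the point at
    which the tool stopped honouring its proxy setting."""
    leaks = []
    for n, line in enumerate(capture.splitlines(), start=1):
        parsed = parse_flow(line)
        if parsed is None:
            continue
        src, dst, dport = parsed
        if src != scanner_ip or (dst, dport) == proxy:
            continue
        if ip_address(dst) in scope:
            leaks.append((n, line))
    return leaks


if __name__ == "__main__":
    for n, line in find_proxy_bypass(SAMPLE_CAPTURE, SCANNER_IP, PROXY, ASSESSED_NET):
        print(f"DIRECT (proxy bypassed) at capture line {n}: {line}")
```

On the constructed capture this reports lines 4 and 5, i.e. the scan ran through the proxy for its first three connections and then went direct.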
zero-maitimax
You could use netcap (I think that is the name) or Hopster, and put the SOCKS server in there.. then you are sure it doesn't send directly.
SyN/AcK
Port scanning can't get you sent to prison, unless you're scanning the FBI or something.
Niekos
QUOTE (SyN/AcK @ Mar 15 2004, 02:49 PM)
Port scanning can't get you sent to prison, unless you're scanning the FBI or something.

No but you can get disconnected by your ISP....

But thanks for the info. These are very (filtered) up bugs. Cuz you're depending on your stealth but it won't work and you get shot.
clubfed
fwiw, the security assessment SSS does is more than portscanning, and it does try to guess valid usernames and passwords, etc. -- things that are clearly illegal, and there is a lot of case precedent in the US anyway that this will get you a charge (US Code 1029 Unauthorized Access Device Fraud, where they consider passwords access devices).

Also I am very aware of the socksifying software, I use sockschain, freecap, and have in the past used permeo and sockscap etc... they ALL suck. Nothing will wrap an entire scan for you. Most of the software I use can't be wrapped.

This, by the way, is why I was asking for help with pptp earlier ;) for those who know...
predx
Yeah, I have this same problem with numerous programs... I find the best way is to remote scan... sfind/hscan/xcan/ etc.
shaun2k2
Well, if you're deliberately attacking systems, you should be willing to take that risk, or not do it at all.

-Shaun.
Invision Power Board © 2001-2005 Invision Power Services, Inc.