AlexeyG
Mar 1 2004, 09:06 PM
Hello, I am looking for a small non gui utility, that would redirect ports from the PC it runs on to another ip and another port. And may be also run on startup in steathmode.  Anyone knows if there is something like this? I looked a bit (I am not such a good searcher), but didn't find anything. I anyone has a prog like this or information, please share it Best Regards, Alex.
linux_dude
Mar 1 2004, 10:20 PM
Are you using Unix or Windows?
wicked
Mar 1 2004, 10:27 PM
yep just Click Here and I Believe that this is what youre Looking for.. Wkd.. Duckular has the goodies... 
daguilar01
Mar 2 2004, 03:05 AM
what hes looking for is a redirecter type thing and your link wicked is a socks proxy, as far as i know it doesnt redirect traffic
linux_dude
Mar 2 2004, 03:23 AM
You'll answer my OS question eventually, until you do, here's two links to suite whatever your answer is: Windows: Fpipe.exe http://www.foundstone.com/resources/termso...le=fpipe2_1.zip*nix: Datapipe.c http://www.packetstormsecurity.nl/unix-exp...oits/datapipe.c- Yes, this is SOURCE so don't ask why it doesnt execute :-p Neither supports the stealthmode startup you want though, they'll show up as running processes, but rootkits can handle that.
wicked
Mar 2 2004, 04:32 AM
Interesting Have decided to put a little more info up for future Refference:
| CODE | ------------------------------------------------------------------------------
FPipe v2.1 - Port redirector.
Copyright 2000 (c) by Foundstone, Inc.
http://www.foundstone.com
------------------------------------------------------------------------------
FPipe is a source port forwarder/redirector. It can create a TCP or UDP stream
with a source port of your choice. This is useful for getting past firewalls
that allow traffic with source ports of say 23, to connect with internal
servers.
Usually a client has a random, high numbered source port, which the firewall
picks off in its filter. However, the firewall might let Telnet traffic
through. FPipe can force the stream to always use a specific source port, in
this case the Telnet source port. By doing this, the firewall 'sees' the
stream as an allowed service and let's the stream through.
FPipe basically works by indirection. Start FPipe with a listening server
port, a remote destination port (the port you are trying to reach inside
the firewall) and the (optional) local source port number you want. When
FPipe starts it will wait for a client to connect on its listening port.
When a listening connection is made a new connection to the destination
machine and port with the specified local source port will be made - creating
the needed stream. When the full connection has been established, FPipe
forwards all the data received on its inbound connection to the remote
destination port beyond the firewall.
FPipe can run on the local host of the application that you are trying to use
to get inside the firewall, or it can listen on a 3rd server somewhere else.
Say you want to telnet to an internal HTTP server that you just compromised
with MDAC. A netcat shell is waiting on that HTTP server, but you can't
telnet because the firewall blocks it off. Start FPipe with the destination
of the netcat listener, a listening port and a source port that the firewall
will let through. Telnet to FPipe and you will be forwarded to the NetCat
shell. Telnet and FPipe can exist on the same server, or on different servers.
------------------------------------------------------------------------------
*** IMPORTANT ***
Users should be aware of the fact that if they use the -s option to specify
an outbound connection source port number and the outbound connection becomes
closed, they MAY not be able to re-establish a connection to the remote
machine (FPipe will claim that the address is already in use) until the
TCP TIME_WAIT and CLOSE_WAIT periods have elapsed. This time period can range
anywhere from 30 seconds to 4 minutes or more depending on which OS and
version you are using. This timeout is a feature of the TCP protocol and is
not a limitation of FPipe itself.
The reason this occurs is because FPipe tries to establish a new connection
to the remote machine using the same local IP/port and remote IP/port
combination as in the previous session and the new connection cannot be made
until the TCP stack has decided that the previous connection has completely
finished up.
------------------------------------------------------------------------------
Connection illustration
-----------------------
The connection terminology used in the program and in the following
documentation can be shown in the form of the following diagram.
Local Machine <----------> FPipe server <---------> Remote machine
Inbound Outbound
connection connection
------------------------------------------------------------------------------
This is the usage line as reported by typing "FPipe", "FPipe -h" or
"FPipe -?".
FPipe v2.1 - TCP/UDP port redirector.
Copyright 2000 (c) by Foundstone, Inc.
http://www.foundstone.com
FPipe [-hvu?] [-lrs <port>] [-i IP] IP
-?/-h - shows this help text
-c - maximum allowed simultaneous TCP connections. Default is 32
-i - listening interface IP address
-l - listening port number
-r - remote port number
-s - outbound source port number
-u - UDP mode
-v - verbose mode
Detailed option descriptions
----------------------------
-h or -?
Shows the usage of the program as in the above text.
-c
Specifies the maximum number of simultaneous TCP connections that the program
can handle. The default number is 32. If you are planning on using FPipe
for forwarding HTTP requests it might be advisable to raise this number.
-i
Specifies the IP interface that the program will listen on. If this option is
not used FPipe will listen on whatever interface the operating system
determines is most suitable.
-l
Specifies the FPipe listening server port number. This is the port number
that listens for connections on the FPipe machine.
-r
Specifies the remote port number. This is the port number on the remote
machine that will be connected to.
-s
Specifies the outbound connection local source port number. This is the
port number that data sent from the FPipe server machine will come from
when sent to the remote machine.
-u
Sets the program to run in UDP mode. FPipe will forward all UDP data sent
to and received from either side of the FPipe server (the machine on which
FPipe is running). Since UDP is a connectionless protocol the -c option is
meaningless with this option.
-v
Verbose mode. Additional information will be shown if you set the program
to verbose mode.
IP
Specifies the remote host IP address.
------------------------------------------------------------------------------
To best illustrate the use of FPipe here is an example.
Example #1:
fpipe -l 53 -s 53 -r 80 192.168.1.101
This would set the program to listen for connections on port 53 and
when a local connection is detected a further connection will be
made to port 80 of the remote machine at 192.168.1.101 with the
source port for that outbound connection being set to 53 also.
Data sent to and from the connected machines will be passed through. |
Wkd..
Looks Good...
Link Above in Linux-Dudes post
MadMaddy
Mar 2 2004, 04:49 AM
holy crap, I was just looking for this exact tool. I guess it pays to search. thanks for the info linux_dude and wicked!
AlexeyG
Mar 2 2004, 05:42 AM
Thank you for your help  I will check all out when i will be back home
stonebreaker
Mar 2 2004, 12:13 PM
try this software PortMap1.6 it is a gui software
run on windows
you can use google to search it and download
LittleHacker
Apr 18 2004, 03:29 PM
why don't you try Piping
migo
Apr 18 2004, 03:49 PM
hey take a look at this Linkchoose w will suit ur needs best regards migo
LKM
Apr 18 2004, 04:36 PM
The rootkit hackerdefender also have a redirection port tool which is built in  It works well, I tested it.
illusion6
Apr 19 2004, 05:41 AM
kool just wat i was after comins in helpful at retched unis and schools trying to disable it
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
|
