Feature #326
Add autoproxy detection to payloads
| Status: | Rejected | Start date: | |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assignee: | HD Moore | % Done: | 0% |
| Category: | general | | |
| Target version: | Open Backlog | | |
| Resolution: | | How To Use: | |
| Release Note: | | | |
Description
Add to payloads the ability to autodetect proxy settings. Many Windows Internet-capable clients do this today automatically by reading what IE has set for proxy settings and using Integrated Windows Authentication (IWA) to pass along the logged-in user credential automatically to the proxy server. Also allow the pentester to specify a specific proxy setting and credential (pass-the-hash too) in case autodetection is not successful. Would be a nice option for reverse_tcp to tunnel back out using a proxy setting where firewalls do not allow direct outbound access from the clients. Can be an option for Unix/Linux systems as well that have the http_proxy, proxy_user and proxy_pass env vars set.
History
#1 Updated by HD Moore over 2 years ago
This is difficult to do while maintaining a useful payload size, bumping to 3.4 to see if there is a cleaner way to do it (VBS stagers, like passivex maybe).
#2 Updated by James Lee about 2 years ago
- Target version changed from Metasploit 3.4.0 to Metasploit 3.4.1
#3 Updated by James Lee almost 2 years ago
- Target version changed from Metasploit 3.4.1 to Open Backlog
On Windows we now have the reverse_https stager which uses the proxy configured for IE, if I'm not mistaken. In Linux/BSD, this is less likely to be possible since there are so many different ways to specify a proxy. An Apache server is unlikely to have a http_proxy environment variable, for example.
Either way this requires a ton of work. Pushing out indefinitely.
#4 Updated by HD Moore over 1 year ago
- Status changed from New to Rejected
Closing this because it is unrealistic and not worth tracking. The reverse_https does this today, but non-Windows will not have a straightforward method of detecting a proxy anyways.
#5 Updated by Alla Bezroutchko 3 months ago
Is it possible to add proxy detection to reverse_http on Windows? Currently it works for reverse_https, but not for reverse_http.