SECFORCE / sparta

Network Infrastructure Penetration Testing Tool
GNU General Public License v3.0
1.62k stars 445 forks

ENHANCEMENT REQUEST: Add support for socks proxies #124

Closed ghost-ng closed 4 years ago

ghost-ng commented 4 years ago

Hello again,

Currently I am doing a pentest exercise and I'd like to be able to "take this tool with me." What I mean is, integrate some proxy support. I'd like to be able to run this through my reverse socks proxy tunnel. I've tried simply invoking proxychains, but it doesn't seem to work (as in all responses come back filtered). When I run the proxychains and nmap commands manually (copy/pasted from the debug log) it works.

[DEBUG] Running: nmap -Pn -F -T5 -vvvv 10.1.1.27 -oA "/tmp/sparta-75r25q0h-running/nmap/20200613090946-nmapfasttcp-10.1.1.27"
[DEBUG] Adding process to DB: nmap
[+] Parsing nmap xml file: /home/kali/Documents/Labs/pwk-lab-tool-output/nmap/20200613090946-nmapfasttcp-10.1.1.27.xml
        [+] The process is done!
        [+] Finished in 0.9970197677612305 seconds.
kali@kali:~/Documents/Labs/pwk-lab-tool-output$ cat /home/kali/Documents/Labs/pwk-lab-tool-output/nmap/20200613090946-nmapfasttcp-10.1.1.27.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.80 scan initiated Sat Jun 13 09:09:46 2020 as: /usr/bin/nmap -Pn -F -T5 -vvvv -oA /tmp/sparta-75r25q0h-running/nmap/20200613090946-nmapfasttcp-10.1.1.27 10.1.1.27 -->
<nmaprun scanner="nmap" args="/usr/bin/nmap -Pn -F -T5 -vvvv -oA /tmp/sparta-75r25q0h-running/nmap/20200613090946-nmapfasttcp-10.1.1.27 10.1.1.27" start="1592053786" startstr="Sat Jun 13 09:09:46 2020" version="7.80" xmloutputversion="1.04">
<scaninfo type="connect" protocol="tcp" numservices="100" services="7,9,13,21-23,25-26,37,53,79-81,88,106,110-111,113,119,135,139,143-144,179,199,389,427,443-445,465,513-515,543-544,548,554,587,631,646,873,990,993,995,1025-1029,1110,1433,1720,1723,1755,1900,2000-2001,2049,2121,2717,3000,3128,3306,3389,3986,4899,5000,5009,5051,5060,5101,5190,5357,5432,5631,5666,5800,5900,6000-6001,6646,7070,8000,8008-8009,8080-8081,8443,8888,9100,9999-10000,32768,49152-49157"/>
<verbose level="4"/>
<debugging level="0"/>
<taskbegin task="Parallel DNS resolution of 1 host." time="1592053786"/>
<taskend task="Parallel DNS resolution of 1 host." time="1592053786"/>
<taskbegin task="Connect Scan" time="1592053786"/>
<taskend task="Connect Scan" time="1592053792" extrainfo="100 total ports"/>
<host starttime="1592053786" endtime="1592053792"><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.1.1.27" addrtype="ipv4"/>
<hostnames>
</hostnames>
<ports><port protocol="tcp" portid="7"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="echo" method="table" conf="3"/></port>
<port protocol="tcp" portid="9"><state state="filtered" reason="no-response" reason_ttl="0"/>
...CUT...
**<port protocol="tcp" portid="80"><state state="filtered" reason="no-response" reason_ttl="0"/>**<service name="http" method="table" conf="3"/></port>
<port protocol="tcp" portid="81"><state state="filtered" reason="no-response" reason_ttl="0"/><service name="hosts2-ns" method="table" conf="3"/></port>
kali@kali:~/Documents/Labs$ proxychains nmap -Pn -T5 -vvvv 10.1.1.27 -p 80 -oA "/tmp/sparta-75r25q0h-running/nmap/20200613090946-nmapfasttcp-10.1.1.27"
[proxychains] config file found: /home/kali/Documents/Labs/proxychains.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
Starting Nmap 7.80 ( https://nmap.org ) at 2020-06-13 09:13 EDT
Initiating Parallel DNS resolution of 1 host. at 09:13
Completed Parallel DNS resolution of 1 host. at 09:13, 0.01s elapsed
DNS resolution of 1 IPs took 0.01s. Mode: Async [#: 1, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating Connect Scan at 09:13
Scanning 10.1.1.27 [1 port]
[proxychains] Strict chain  ...  127.0.0.1:1080  ...  10.1.1.27:80  ...  OK
Discovered open port 80/tcp on 10.1.1.27
Completed Connect Scan at 09:13, 0.06s elapsed (1 total ports)
Nmap scan report for 10.1.1.27
Host is up, received user-set (0.057s latency).
Scanned at 2020-06-13 09:13:32 EDT for 0s

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack

ghost-ng commented 4 years ago

Closing, works as proxychains4 sparta
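
An added example, not part of the thread or of Sparta's code: a small checker for the kind of Nmap XML report pasted above. It flags a host whose only "up" evidence is `-Pn` (`reason="user-set"`) and whose ports are all `filtered`/`no-response`, which is what the report from the run inside Sparta looks like. The sample XML and the name `summarize` are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample shaped like the report in the issue; not real scan data.
SAMPLE_UNREACHED = """<?xml version="1.0"?>
<nmaprun scanner="nmap" version="7.80">
<host><status state="up" reason="user-set" reason_ttl="0"/>
<address addr="10.1.1.27" addrtype="ipv4"/>
<ports>
<extraports state="filtered" count="98"><extrareasons reason="no-responses" count="98"/></extraports>
<port protocol="tcp" portid="7"><state state="filtered" reason="no-response" reason_ttl="0"/></port>
<port protocol="tcp" portid="80"><state state="filtered" reason="no-response" reason_ttl="0"/></port>
</ports></host></nmaprun>"""

# Same report with port 80 answering, as in the manual proxychains run.
SAMPLE_REACHED = SAMPLE_UNREACHED.replace(
    'portid="80"><state state="filtered" reason="no-response"',
    'portid="80"><state state="open" reason="syn-ack"')

def summarize(xml_text):
    """Per host: address, why it was marked up, (state, reason) counts, contact flag."""
    results = []
    for host in ET.fromstring(xml_text).iter("host"):
        counts = Counter((s.get("state"), s.get("reason"))
                         for s in host.iterfind("ports/port/state"))
        # Ports folded into <extraports> may carry plural reasons ("no-responses").
        for extra in host.iterfind("ports/extraports"):
            for r in extra.iterfind("extrareasons"):
                reason = r.get("reason", "")
                reason = reason[:-1] if reason.endswith("s") else reason
                counts[(extra.get("state"), reason)] += int(r.get("count", "0"))
        up_reason = host.find("status").get("reason")
        silent = counts[("filtered", "no-response")]
        # "user-set" means -Pn declared the host up; no probe confirmed it.
        contact = up_reason != "user-set" or silent < sum(counts.values())
        results.append({"addr": host.find("address").get("addr"),
                        "up_reason": up_reason,
                        "counts": dict(counts),
                        "evidence_of_contact": contact})
    return results

if __name__ == "__main__":
    for label, doc in (("unreached", SAMPLE_UNREACHED), ("reached", SAMPLE_REACHED)):
        for h in summarize(doc):
            print(label, h["addr"], h["up_reason"], h["evidence_of_contact"], h["counts"])
```

A report with `evidence_of_contact` false says nothing about the target either way; it only shows that no probe got an answer along whatever path the scan took.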