Reverse SSH over Tor on the Pwnie Express
The Pwnie Express (PwnPlug) is a great little tool for hackers, pentesters and social engineers alike. While I don’t advocate the use of a Pwnie for illicit purposes, I was intrigued about using it as an untraceable tap into a network. Out of the box the Pwnie allows you to configure reverse SSH connections, exfiltrated over a number of different protocols including HTTP, SSL, ICMP and DNS.
While these are great for getting out of controlled networks, they all require the Pwnie to be configured with the IP address of your SSH server, which could potentially be traced back to you. It also requires your SSH server to be able to directly receive connections at the IP/hostname configured on the Pwnie. While one could run an SSH server on a proxy box somewhere, I felt that was too primitive, so I installed Tor on my Pwnie and configured a Tor Hidden Service on my SSH server.
Note: For the purposes of this tutorial, the SSH server will be running on BackTrack 5. I’m assuming you’ve already performed the initial Pwnie Express setup steps on the server! Check out my PwnieScripts to help speed up and automate the Pwnie setup.
These instructions do not yet work on Pwn Plug software >= 1.1 as they’ve changed the layout of things! Will update this post when I get the time.
Egyptian Government Fighting Protesters, Shuts Down Internet
The biggest news story of this week will most probably be the recent protests currently taking place in Egypt, where the people are fighting to oust existing President Mubarak, and have the right to vote. The current Egyptian government has essentially had dictatorial powers since 1981. Since then Egypt has had a few uprisings, each quashed with the use of force by the government. The latest protests have been sparked by the Tunisian uprising that resulted in the successful ousting of President Ben Ali.
Since the start of the current protests on 25 January 2011, the government has brought in riot police, armored trucks, tear gas, and even called in the counter-terrorism unit. The government announced that all protesters would be immediately arrested, and several protesters and one police officer have already been killed. The Associated Press have footage of a protester being shot down by a police sniper.
As the Internet has been the primary form of communication for protesters, Egypt has seen most popular social networking sites, including Facebook and Twitter, blocked. As of this post, the Egyptian government has apparently been able to largely shut down Internet access for the entire country (apart from one network). A large number of messages are still reaching Twitter, presumably by proxy, as well as videos being posted on YouTube. Some Egyptians who manage to get online have been using Tor to get around the ISP censorship, and people are currently being urged to run Tor Exit Nodes to help out.
On Friday 28th of January, there is expected to be an even larger protest after noon prayers, and there are rumors that the government will be shutting down all landlines, mobiles and the Internet in an attempt to quell organization, as well as calling in further reinforcements. The question is being asked whether this could be the final Revolution.
[Update 11/02/2011] Mubarak removed as president by the military. Congratulations to all Egyptians for persevering in your fight for freedom. You deserve it.
[Updated] Live Al Jazeera coverage of the Egypt protests, and a full timeline of events. Definitely check out the great video below: