HAVOC
  • Home

SOCKS Over RDP – Pentesting Over Jump Boxes

8:00pm-8:35pm (GST)
Balazs Bucsay / Managing Security Consultant at NCC Group  

In 2020, some penetration testers are still struggling with what should be basic tasks, such as testing over jump boxes; which is quite a common request from clients. Although there have been many attempts to try to solve this issue in different ways, there is nothing that could be used effectively from the perspective of time and effort. At the moment Balaz is assembling a tool that creates a virtual channel over an RDP connection and spins up a SOCKS5 proxy on a remote host, just like SSH’s –D switch. This solution could easily and effectively resolve the recurring pain points that penetration testers experience when trying to test via such restrictions.