RaspberryPi/Reverse SSH Stunnel: Difference between revisions
From charlesreid1
| Line 1: | Line 1: | ||
We covered setting up a forward SSH tunnel over SSL using stunnel in the [[RaspberryPi/SSH Stunnel]] article, where the Raspberry Pi was the client and the command and control server was a laptop running Kali Linux. | We covered setting up a forward SSH tunnel over SSL using stunnel in the [[RaspberryPi/SSH Stunnel]] article, where the Raspberry Pi was the client and the command and control server was a laptop running Kali Linux. | ||
| Line 4: | Line 5: | ||
Basically, we'll be extending the Reverse SSH procedure to work over stunnel. This will give us a Raspberry Pi that will create a backdoor connection via SSH over SSL, on port 443, so it looks like standard SSL traffic and thus gets past firewalls and intrusion detection systems. | Basically, we'll be extending the Reverse SSH procedure to work over stunnel. This will give us a Raspberry Pi that will create a backdoor connection via SSH over SSL, on port 443, so it looks like standard SSL traffic and thus gets past firewalls and intrusion detection systems. | ||
=What We Will Do= | |||
Thanks to the [[RaspberryPi/SSh Stunnel]] article, we have an SSH command to connect to a local port, and we have an stunnel service to encrypt and forward all that traffic along through port 443 to the remote command and control server's port 443. | |||
So we need two things: | |||
* stunnel service to start on startup | |||
* reverse ssh command to be modified | |||
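Review bot: The link in the added "What We Will Do" paragraph is spelled [[RaspberryPi/SSh Stunnel]], while the opening paragraph links [[RaspberryPi/SSH Stunnel]]. MediaWiki titles are case-sensitive after the first character, so unless a redirect exists the new link points at a different page title; suggest changing it to [[RaspberryPi/SSH Stunnel]]. The two bullets would also read better as full items ("the stunnel service must start on startup", "the reverse SSH command must be modified") with "SSH" capitalized as in the rest of the page.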
Revision as of 20:57, 4 August 2015
We covered setting up a forward SSH tunnel over SSL using stunnel in the RaspberryPi/SSH Stunnel article, where the Raspberry Pi was the client and the command and control server was a laptop running Kali Linux.
Now we'll extend that scenario to the reverse SSH scenario covered in RaspberryPi/Reverse SSH.
Basically, we'll be extending the Reverse SSH procedure to work over stunnel. This will give us a Raspberry Pi that will create a backdoor connection via SSH over SSL, on port 443, so it looks like standard SSL traffic and thus gets past firewalls and intrusion detection systems.
What We Will Do
Thanks to the RaspberryPi/SSH Stunnel article, we have an SSH command that connects to a local port, and we have an stunnel service that encrypts that traffic and forwards it through port 443 to port 443 on the remote command and control server.
So we need two things:
- the stunnel service must start on startup
- the reverse SSH command must be modified