Stunnel/Mac

From charlesreid1

Revision as of 01:29, 3 February 2016 by Admin (talk | contribs) (→‎Port Forward)

Building

Building stunnel on a mac:

Getting

Get stunnel download from here:

https://www.stunnel.org/downloads.html

Compiling

Verify downloaded thing with 

openssl dgst -sha256 stunnel-5.30.tar.gz
./configure && make && sudo make install

Certifying

Now make certificate: 

$ sudo make cert

Finding

If you want to know where everything went, it is all in /usr/local.

Config file: /usr/local/etc/stunnel/stunnel.conf

Pem certificate file: /usr/local/etc/stunnel/stunnel.pem

Binary: /usr/local/bin/stunnel

Prepare to Stunnel

At this point, you will want to prepare to run SSH traffic through Stunnel to the command-and-control server.

Copy Private Key from Command and Control

Get the private key from the command and control server to the client machine, either using scp (over a potentially untrusted/observed/man-in-the-middle'd connection, so be wary) or using a higher verification level (more here: [1]).

This will go in your stunnel etc folder, /usr/local/etc/stunnel/stunnel.pem.

Port Forward

Now that you have the command and control server's certificate, you have to open your client firewall to outgoing SSL connections.

Open System Preferences > Security > Firewall. You can open the firewall completely or on specific ports.

Retrieved from "https://charlesreid1.com/w/index.php?title=Stunnel/Mac&oldid=9238"