SOCKS Over RDP/Citrix – Pentesting Over Jump Boxes
In 2023, some penetration testers are still struggling with what should be basic tasks, such as testing over jump boxes, which is quite a common request from clients. Although there have been many attempts to solve this issue in different ways, there was nothing that could be used effectively from the perspective of time and effort. A new tool was assembled a few years ago that creates a virtual channel over an RDP connection (it now also supports Citrix) and spins up a SOCKS5 proxy on a remote host, just like SSH’s -D switch. This solution could easily and effectively solve the recurring problems that penetration testers experience when trying to test via such restrictions.
About the Speaker
Balazs Bucsay is the founder & CEO of Mantra Information Security, which offers a variety of consultancy services in the field of IT Security. With decades of offensive security experience, he focuses his time mainly on research in various fields including Red Teaming, Reverse Engineering, embedded devices, firmware emulation, CI/CD and cloud. He has given multiple talks around the globe (Singapore, London, Melbourne, Honolulu) on different advanced topics and released several tools and papers about the latest techniques. He holds multiple certifications (OSCE, OSCP, OSWP) related to penetration testing, exploit writing and other low-level topics, and degrees in Mathematics and Computer Science. Balazs thinks that sharing knowledge is one of the most important things, so he always shares it with his peers. Because of his passion for technology, he starts the second shift right after work to do some research to find new vulnerabilities.