Important
Status: Pre-Alpha
Brought to you by:
y0ug
Menu
▾
▴
#1 Important
I think that UDP and SSL supports should be at the top of your list for new features. An attacker is going to want a secure connection to their newly compromised network and they also want to hide their activities. UDP support opens the door for other types of attacks. What if you have a sweet remote code execution buffer overflow, but its UDP only? Ouch.
This project is pretty leet,
--Mike
http://www.exploit-db.com/author/?a=628
I developed a SSL support with openSSL on the first release (see ssocks-0.0.8-dev-ssl.tar.gz and the readme I explain how it work) I start to implement it in the current version but is not complete. I can take look this week to finish it.
For UDP support this should take me one day of work but I don't have so much time actually, so maybe latter.
Thanks for you support.
Also, this would be such a hot Metasploit Post-Exploitation module.
For metasploit post module, this could be cool :D ( you can do the same thing on windows with meterpreter, autoroute module and socks4 )
I did not look how write a metasploit post module, but I think it can be little tricky, you need to compile the soft in static for all arch you want to support.
I try to take a look this weekend.
So for the ssl is almost done, is on the git repository the archive should be release as soon as I update the doc.
Is not a proper version for now I need to do more test and it can have some blocking because I don't want to thread the ssl negociation when a new client connect on the server. I need to look how I can do the negociation in non-blocking mode.
Feel free to try this version and report bug to help.