lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: cdowns at drippingdead.com (cdowns)
Subject: RE: By passing surf control

I do the ssh bypass everyday at work ;) works absolutely perfect hehehe.

ssh -C -L 8080:anon.proxyserver.com:3128 user@...t.com
export -p http_proxy=http://127.0.0.1:8080 ; lynx www.google.com

Connect your browser to 127.0.0.1 3128 and fwd over ssh tunnel and out 
anon proxy addy out on the net . . .. you get the idea.

hope this helps.

~!>D

Otero, Hernan (EDS) wrote:

>That is very easy if you can have a machine in the net with ssh server...
>
>With a standard proxy that support CONNECT METHOD (Typically HTTPS
>connections) using putty and a ssh server listening in port 443 you can
>forward any port via tunneling.
>
>Look at your logs looking for an endless HTTPS connection..., with tons of
>traffic.
>
>Regards,
>
>Hern?n
>
>-----Original Message-----
>From: Kudakwashe Chafa-Govha [mailto:KChafa-Govha@...kunitedfla.com] 
>Sent: Mi?rcoles, 25 de Febrero de 2004 17:04
>To: 'pen-test@...urityfocus.com'
>Subject: By passing surf control
>
>Hello Group,
>
>
>Does anyone have any information on how to by pass a web content filter? We
>use Surf Control to monitor and filter web content. However, I have one of
>my users who was able to by pass this. We tried using a proxy to by pass
>just for testing purposes but it did not work. I am still trying to figure
>out what other method he used to do so. If anyone has any information , it
>will be greatly appreciated.
>
>Thanks
>
>Kuda
>
>****************************************************************************
>**********************
>The contents of this email and any attachments are confidential.
>It is intended for the named recipient(s) only.
>If you have received this email in error please notify the system manager or
>the 
>sender immediately. Unless you are the intended recipient or his/her
>representative 
>you are not authorized to, and must not, read, copy, distribute, use or
>retain this 
>message or any part of it. 
>****************************************************************************
>**********************
>
>
>---------------------------------------------------------------------------
>----------------------------------------------------------------------------
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>  
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ