
security researcher and penetration tester. twitter: @kali_null

  1. AWS instance for pivoting
  2. Target box on the network we are ̶h̶a̶c̶k̶i̶n̶g̶ testing.
  1. Open port 8080 in the security rules
  2. Create a new user (adduser revconnect, or whatever user name you prefer) and give that user sudo privileges: usermod -aG sudo…

searchsploit output (copy the exploit module into the Metasploit user module directory so msfconsole can load it):
cp /usr/share/exploitdb/exploits/cgi/webapps/42344.rb /root/.msf4/modules/exploits/cgi/webapps/

  1. Spin up a Squid proxy server on the remote instance:

  • Install the tor service (not the Tor Browser bundle). On a Mac you can do it with “brew install tor”. If you don’t have brew installed, run this command:
/usr/bin/ruby -e “$(curl -fsSL
  • Run the tor service with the following command: brew services start tor. If you run brew services list you should see tor running:
  • Set the manual proxy configuration to port 8080
  • Make sure SOCKS is set to v5. v4 is not supported.
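
Opening port 8080 in the security group and starting Squid with its stock configuration leaves an open proxy on the internet that anyone can bounce traffic through. The following is an added example (not from the original post) of a small POSIX shell script that writes a Squid configuration for the pivot instance which listens on the opened port but only accepts connections from the tester's own address, and then checks that the access rules fail closed. The tester address 203.0.113.5 and the output path are assumptions for illustration; substitute the real values.

```shell
#!/bin/sh
# Added example: generate a locked-down squid.conf for the pivot instance.
# 203.0.113.5 is a constructed tester address (documentation range), not a real host.

write_squid_conf() {
    # $1 = CIDR allowed to use the proxy, $2 = listening port, $3 = output path
    allowed="$1"; port="$2"; out="$3"
    cat > "$out" <<EOF
# Listen on the port opened in the AWS security group
http_port ${port}

# Only the tester's address may use the proxy; every other source is refused.
# Order matters: the first matching http_access line wins, so "deny all" goes last.
acl tester src ${allowed}
http_access allow tester
http_access deny all

# Do not announce the proxy to target web servers or leak the tester's
# real address in X-Forwarded-For
via off
forwarded_for delete

# Keep no copies of target content on the pivot box
cache deny all
EOF
}

check_squid_conf() {
    # Returns 0 only if the last http_access rule is "deny all" and at least
    # one explicit allow rule precedes it, i.e. the proxy is not open to the world.
    conf="$1"
    last_rule=$(grep '^http_access' "$conf" | tail -n 1)
    [ "$last_rule" = "http_access deny all" ] || return 1
    grep -q '^http_access allow' "$conf" || return 1
    return 0
}

# Stand-alone demonstration: write the config to a temporary file and verify it.
# On the real instance you would write to /etc/squid/squid.conf (as root) and
# restart squid afterwards.
tmp=$(mktemp)
write_squid_conf 203.0.113.5/32 8080 "$tmp"
if check_squid_conf "$tmp"; then
    echo "squid config written and verified: $tmp"
else
    echo "squid config is NOT fail-closed, refusing to use it" >&2
    exit 1
fi
```

With this in place, only 203.0.113.5 can reach the proxy even though the security group exposes 8080 to the world; a second check such as curl -x http://<instance-ip>:8080 from an unrelated address should get a 403 from Squid rather than a relayed response.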

  1. Get an Ubuntu or other Debian-based instance. Red Hat-based images (e.g. the default Amazon Linux instance) are missing some dependencies.
  2. Make sure Ruby is installed. You can just do sudo apt-get install ruby-full
  3. Move to the beef directory and run ./install
  4. Add your instance's public IP to config.yaml under “Host Name / Domain Name”

kali null
