
Security researcher and penetration tester. Twitter: @kali_null



  1. AWS instance for pivoting
  2. Target box on the network we are ̶h̶a̶c̶k̶i̶n̶g̶ testing.
  1. Open port 8080 in the security rules
  2. Create new user: adduser revconnect (or whatever user name) and give the user sudo privileges: usermod -aG sudo…


searchsploit output
cp /usr/share/exploitdb/exploits/cgi/webapps/42344.rb /root/.msf4/modules/exploits/cgi/webapps/


  1. Spin up a Squid proxy server on the remote instance:


  • Install the tor service (not the Tor Browser bundle). On Mac you can do it with "brew install tor". If you don't have brew installed, run this command:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
  • Run the tor service with the following command: brew services start tor. If you run brew services list you should see tor running:
  • Set manual proxy configuration to 127.0.0.1 port 8080
  • Make sure SOCKS is set to v5. V4 is not supported.



  1. Get an Ubuntu or other Debian-based instance. Red Hat (i.e. the Amazon Linux instance) is missing some dependencies.
  2. Follow https://github.com/beefproject/beef/wiki/installation. Make sure to install Ruby; you can just run sudo apt-get install ruby-full
  3. Move to the beef directory and run ./install
  4. Add your instance public IP to config.yaml for “Host Name / Domain Name”


kali null
