Pivot into the internal network by deploying HTTP agents. Pivotnacci allows you to create a socks server which communicates with HTTP agents
. The architecture looks like the following:
This tool was inspired by the great reGeorg. However, it includes some improvements:
Supported Socks Protocols
Also Read – Carina : Webshell, Virtual Private Server (VPS) & cPanel Database
Installation
pip3 install pivotnacci
git clone https://github.com/blackarrowsec/pivotnacci.git
cd pivotnacci/
pip3 install -r requirements.txt # to avoid installing on the OS
python3 setup.py install # to install on the OS
Usage
$ pivotnacci -h
Usage: pivotnacci [-h] [-s addr] [-p port] [–verbose] [–ack-message message]
[–password password] [–user-agent user_agent]
[–header header] [–proxy [protocol://]host[:port]]
[–type type] [–polling-interval milliseconds]
[–request-tries number] [–retry-interval milliseconds]
url
Socks server for HTTP agents
Positional Arguments:
url The url of the agent
Optional Arguments:
-h, –help show this help message and exit
-s addr, –source addr
The default listening address (default: 127.0.0.1)
-p port, –port port The default listening port (default: 1080)
–verbose, -v
–ack-message message, -a message
Message returned by the agent web page (default:
Server Error 500 (Internal Error))
–password password Password to communicate with the agent (default: )
–user-agent user_agent, -A user_agent
The User-Agent header sent to the agent (default:
pivotnacci/0.0.1)
–header header, -H header
Send custom header. Specify in the form ‘Name: Value’
(default: None)
–proxy [protocol://]host[:port], -x [protocol://]host[:port]
Set the HTTP proxy to use.(Environment variables
HTTP_PROXY and HTTPS_PROXY are also supported)
(default: None)
–type type, -t type To specify agent type in case is not automatically
detected. Options are [‘php’, ‘jsp’, ‘aspx’] (default:
None)
–polling-interval milliseconds
Interval to poll the agents (for recv operations)
(default: 100)
–request-tries number
The number of retries for each request to an agent. To
use in case of balanced servers (default: 50)
–retry-interval milliseconds
Interval to retry a failure request (due a balanced
server) (default: 100)
Examples
pivotnacci https://domain.com/agent.php –password “s3cr3t”
pivotnacci https://domain.com/agent.jsp -H ‘Host: vhost.domain.com’ -A ‘CustomAgent’
pivotnacci https://domain.com/agent.aspx –ack-message “418 I’m a teapot”
pivotnacci https://domain.com/agent.php –polling-interval 2000
Credit: Eloy Pérez
This repository contains tools created by yogSahare0 while learning Python 3 for ethical hacking and penetration testing.…
"NetSecChallenger" provides a suite of automated tools designed for security professionals and network administrators to…
The essential tool for cybersecurity enthusiasts! This guide provides a detailed walkthrough on how to…
Meet "Poodone," the ultimate Python script designed for cybersecurity enthusiasts and professionals alike. Packed with…
The Linux version is no longer supported! The last Linux version is 6.0 that you…
Jin is a hacking command-line tools designed to make your scan port, gathering urls, check…