This is an update to an older post that can be found here. Since createProxy's initial release, we've received some great feedback and, as a result, made some improvements. The previous version had several shortcomings, all of which stemmed from its use of ProxyChains. ProxyChains is old and outdated, and it fails to support protocols such as UDP and ICMP, as well as Java apps (e.g. Burp). So the tool was rewritten; the code can be found at: https://github.com/Shellntel/scripts/blob/master/proxyCannon.py
The original version used SSH's ability to create SOCKS proxies; however, as it turns out, SSH also supports creating both layer 2 and layer 3 tunnels. These differ from a SOCKS connection in that a fully-fledged network tunnel is established between the two endpoints. Find more details on how to set this up here.
The new proxyCannon script takes advantage of this feature by building VPN tunnels to each EC2 instance and round-robining locally generated traffic between them. Since we're using the local system's routing table, all session state is retained (i.e. TCP streams are not split between systems). Furthermore, we can now push any network-based traffic across it: TCP, UDP, ICMP and more.
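To make that mechanism concrete, the following added example (not proxyCannon's own code, and not taken from the Shellntel repository) generates the Linux commands that a layer-3 SSH tunnel plus round-robin setup consists of: one `ssh -w` tunnel per instance, a point-to-point address on each tun device, a pinned host route so the SSH session itself is not routed into its own tunnel, and an equal-cost multipath default route. The hostnames, SSH user, tun numbering and 10.N.254.x addressing are assumptions; the script prints the commands instead of running them, so it is safe to read through first.

```shell
#!/bin/sh
# Added example, not proxyCannon's code. Hostnames, user, tun indices and
# the 10.N.254.x addresses are constructed for illustration. Every function
# echoes a command rather than executing it (dry run).

# SSH layer-3 tunnel: local tun<idx> is paired with tun0 on the remote side.
# Needs "PermitTunnel yes" in the remote sshd_config and root (or
# CAP_NET_ADMIN) on both ends, because tun devices are created by root.
build_tunnel_cmd() {
    idx=$1; host=$2; user=$3
    echo "ssh -f -N -w ${idx}:0 -o Tunnel=point-to-point ${user}@${host}"
}

# Point-to-point addressing: 10.<idx>.254.1 here, 10.<idx>.254.2 on the
# remote tun0 (the remote end must be configured with the mirror image).
build_addr_cmd() {
    idx=$1
    echo "ip addr add 10.${idx}.254.1 peer 10.${idx}.254.2 dev tun${idx}"
}

# Pin the route to the instance's public IP via the real default gateway.
# Without this, the ECMP default route below would send the SSH packets
# carrying tunnel N into tunnel N itself (a routing loop).
build_pin_route() {
    host_ip=$1; gateway=$2
    echo "ip route add ${host_ip}/32 via ${gateway}"
}

# Equal-cost multipath default route over n tunnels. Linux picks a next hop
# per flow by hashing packet headers, so one TCP stream stays on one tunnel
# while successive flows are spread across all of them.
build_ecmp_route() {
    n=$1; cmd="ip route replace default"; i=0
    while [ "$i" -lt "$n" ]; do
        cmd="${cmd} nexthop dev tun${i} weight 1"
        i=$((i + 1))
    done
    echo "$cmd"
}

# Full plan for a space-separated list of "host:ip" pairs (constructed).
plan() {
    user=$1; gateway=$2; shift 2
    i=0
    for pair in "$@"; do
        host=${pair%%:*}; ip=${pair#*:}
        build_pin_route "$ip" "$gateway"
        build_tunnel_cmd "$i" "$host" "$user"
        build_addr_cmd "$i"
        echo "ip link set tun${i} up"
        i=$((i + 1))
    done
    build_ecmp_route "$i"
}

# Demo with constructed hosts; prints the command sequence only.
plan ec2-user 192.0.2.1 \
    "ec2-host-0.example:198.51.100.10" \
    "ec2-host-1.example:198.51.100.11"
```

The `weight 1` entries are what give the round-robin behaviour described above; raising a tunnel's weight sends proportionally more flows through it. Because the next hop is chosen per flow, the ping test in the screenshots will show each ICMP echo request leaving via the same tunnel unless the source port or ID differs, while separate browser connections are spread out. On the receiving side, each connection arrives from a different EC2 public address, which is worth remembering when correlating logs or tuning per-source rate limits.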
Below are some pictures of proxyCannon in use:
Next, in a new tab, we verify that our connections are up.
With everything stood up, we run a simple test: in one tab we run a simple ping with a count of 3.
That's it! Browsers, pentesting tools, whatever: they should all work seamlessly. To shut down the proxy, just go back to your first tab and hit enter.
Any questions, comments or bugs, please feel free to submit them on GitHub. Thanks!