top | item 46527049

(no title)

bmenrigh | 1 month ago

Your pentest scenario where you have an internal host without outbound access is an entirely different situation than what this SOCKS masquerading as SMTP code addresses. The posted code can't speak SMTP to an internal server and have the traffic relayed outside. The SMTP server the code provides is nothing more than a SOCKS proxy that pretends to speak SMTP for a few packets before the TLS connection starts and then everything inside the TLS session stops being SMTP.

A SOCKS-over-SMTP relay tool for your pentest scenario would be much more interesting (though with the way email works, probably not entirely realistic, much less stealthy). But there should be more work put into relaying tools to establish bidirectional traffic with the outside on highly restricted internal network. DNS is great but comes with a lot of limitations. Surly there are other common services available in companies that could be used.

discuss

mr_mitm|1 month ago

Oh, sorry, I guess I should have read more carefully. I don't really see the point of this either, then.