Using GVM via SSH/Socks Tunnel?

NetworkDude · April 13, 2022, 9:42am

Hi,

for an upcoming security assesment in a rather constrained network environment I’ll be provided with a ssh access to a internal linux mashine from which I can pentest the network. Unfortinatly we could not agree with the client on using a “proper” VPN for me.

Most of the stuff I can tunnel using an ssh tunnel + proxychain (although it constrains to TCP only) - but I also like to run a GVM scan in the background just to be sure not to miss anything.

Now in my previous assigments I’ll just plug my VM running GVM into the established VPN connection and can access the client network with GVM. But how would the logic look like using a socks proxy to access the client net? Is there a Socks proxy option in GVM which I can’t find?

And since this is a fixed contract with my client, I can’t “hack” me another backdoor ssh tunneling is the only way to go

kind regards
networkdude

Lukas · April 14, 2022, 11:49am

Do you have a control over the over side ?
You can run OpenVPN via SSH with full L2 network tunneling.

NetworkDude · April 15, 2022, 8:19pm

Hi,
thanks for the idea! - I’ll discuss with my client if I may install a openvpn on that thing - though there is probably some reason why they want it this way, so the chances may be slim (otherwise if would be possible to do a OpenVPN Tunnel direct…)

I’ll just need to talk to them to get a proper VPN, any more tunneling will be a performance nightmare