reDuh - TCP Redirection over HTTP
Have you ever wondered why free web hosts don’t give you ASP/JSP/PHP access? Here is one really good reason. SensePost reDuh is a dynamic web page that, once uploaded onto a web server, can be used to bypass a firewall. It allows you to connect to the web page, then build a TCP circuit to reach the nodes inside the network.
Think web site defacements are bad for your company’s image? Imagine someone using something like this to have full access into your company’s network. I’m going to test this when I have the time, but I thought if some of you hadn’t read about this presentation at BlackHat I would share it with you.
Make sure your web servers are hardened and that your firewall is properly patched and configured to monitor both ingress and egress between the world, your web server, and your company intranet. Remember, defense-in-depth is a process, not a bulletproof plan. Also make sure your other intranet systems are patched and monitored.
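One way to act on the egress-monitoring advice above, as an added example that is not part of the original post: it scans flow records for connections that the web server itself opens into the intranet outside an allowlist, which is how a TCP circuit built through an uploaded page would show up on the inside. The addresses, ports, log format and function names are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# All addresses, ports and log lines below are constructed sample values.
WEB_SERVER = ipaddress.ip_address("192.0.2.10")         # DMZ web server
INTRANET = ipaddress.ip_network("10.20.0.0/16")         # internal network
ALLOWED = {(ipaddress.ip_address("10.20.5.20"), 5432)}  # the app's own database

# Assumed record format: "<timestamp> <src ip> <dst ip> <dst port>"
SAMPLE_FLOWS = """\
2024-01-01T10:00:01 192.0.2.10 10.20.5.20 5432
2024-01-01T10:00:05 192.0.2.10 10.20.7.15 3389
2024-01-01T10:00:09 198.51.100.7 192.0.2.10 80
2024-01-01T10:00:12 192.0.2.10 10.20.7.15 22
2024-01-01T10:00:20 192.0.2.10 10.20.9.3 445
2024-01-01T10:00:31 192.0.2.10 203.0.113.5 443
malformed line
"""

def parse_flow(line):
    """Parse one flow record; return None for anything malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    ts, src, dst, port = parts
    try:
        return ts, ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
    except ValueError:
        return None

def unexpected_intranet_flows(log_text):
    """Map each intranet host to the non-allowlisted ports the web server reached."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue
        _, src, dst, port = flow
        # A web server normally answers requests; it should rarely initiate
        # connections inward except to its known back ends.
        if src == WEB_SERVER and dst in INTRANET and (dst, port) not in ALLOWED:
            hits[str(dst)].add(port)
    return {dst: sorted(ports) for dst, ports in hits.items()}

if __name__ == "__main__":
    for dst, ports in unexpected_intranet_flows(SAMPLE_FLOWS).items():
        print(f"ALERT: web server opened connections to {dst} on ports {ports}")
```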
I’ll post more when I have more time with reDuh. If you have already tested this tool I would like to know what you think in the comments.


