0000546: Tunna (a tool designed to bypass firewall restrictions on remote webservers) - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update

0000546	Kali Linux	New Tool Requests	public	2013-08-26 11:10	2020-02-10 14:48

Reporter	matthews	Assigned To
Priority	normal	Severity	feature	Reproducibility	have not tried
Status	closed	Resolution	won't fix

Summary	0000546: Tunna (a tool designed to bypass firewall restrictions on remote webservers)
Description	website : http://www.secforce.com/research/tunna.html for download : http://www.secforce.com/research/tunna_download.html Tunna is a tool designed to bypass firewall restrictions on remote webservers. It consists of a local application (supporting Ruby and Python) and a web application (supporting ASP.NET, Java and PHP). Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. The web application file must be uploaded on the remote server. It will be used to make a local connection with services running on the remote web server or any other server in the DMZ. The local application communicates with the webshell over the HTTP protocol. It also exposes a local port for the client application to connect to. Since all external communication is done over HTTP it is possible to bypass the filtering rules and connect to any service behind the firewall using the webserver on the other end. Tunna framework comes witht he following functionality: Ruby client - proxy bind: Ruby client proxy to perform the tunnel to the remote web application and tunnel TCP traffic. Python client - proxy bind: Python client proxy to perform the tunnel to the remote web application and tunnel TCP traffic. Metasploit integration module, which allows transparent execution of metasploit payloads on the server penetration testing ASP.NET remote script penetration testing Java remote script penetration testing PHP remote script
Additional Information	Video Demo : Tunna running as proxy to bind a local port on the remote server http://www.youtube.com/watch?v=d9LL4zgoS_M&feature=player_embedded Tunna running as proxy to bind a port of a remote host in the DMZ http://www.youtube.com/watch?v=Kqb1PGrkzVw&feature=player_embedded Tunna integration with Metasploit http://www.youtube.com/watch?v=-Svxx7OVfQY&feature=player_embedded

g0tmi1k 2018-01-29 15:16 administrator ~0008494	To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us): [Name] - The name of the tool [Version] - What version of the tool should be added? --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag) [Homepage] - Where can the tool be found online? Where to go to get more information? [Download] - Where to go to get the tool? [Author] - Who made the tool? [Licence] - How is the software distributed? What conditions does it come with? [Description] - What is the tool about? What does it do? [Dependencies] - What is needed for the tool to work? [Similar tools] - What other tools are out there? [How to install] - How do you compile it? [How to use] - What are some basic commands/functions to demonstrate it?

g0tmi1k 2020-02-10 14:48 administrator ~0012091	Project now 404's

Date Modified	Username	Field	Change
2013-08-26 11:10	matthews	New Issue
2018-01-29 15:16	g0tmi1k	Note Added: 0008494
2020-02-10 14:48	g0tmi1k	Note Added: 0012091
2020-02-10 14:48	g0tmi1k	Status	new => closed
2020-02-10 14:48	g0tmi1k	Resolution	open => won't fix