HTTP tunneling with Tunna - webshell connection to local RDP

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. The web application file must be uploaded on the remote server. It will be used to make a local connection with services running on the remote web server or any other server in the DMZ. The local application communicates with the webshell over the HTTP protocol. It also exposes a local port for the client application to connect to.

In this video the webshell has already been uploaded at the remote webserver (10.0.0.33 running at port 81) at /tun/conn.aspx

Setting up local server:
$ ruby proxy.rb -u http://10.0.0.33:81/tun/conn.aspx -r 3389 -l 4444 -v
This will instruct the webshell to connect to the webservers 3389 port
The local server will be listening at port 4444

Connecting the RDP client to the local port 4444:
$ rdesktop localhost:4444

For more information, please visit http://www.secforce.com/