I've found it's a very stealthy way to get through webfilters, IPS boxes, and application-aware firewalls since it appears as SSL/HTTPS traffic instead of SSH. d.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Robin Wood Sent: Monday, April 11, 2011 4:40 AM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] use cases for stunnel On 11 April 2011 00:58, Mike Patterson <[email protected]> wrote: > On 11-04-10 6:50 PM, Robin Wood wrote: >> I was having a look at stunnel today and I've been wondering about >> pen-testing use cases for it. I asked on twitter and got a few >> comments about using it for encrypted data exfiltration but I don't >> see the point, if you are on a box with stunnel then it probably also >> has ssh/scp so just use that. > > Probably, but you never know. Mine was one of the comments, btw. :) And > you didn't stipulate that it was already present. :P > >> Are there any other good use cases? Places where there isn't already >> an easily available an encrypted tool that will do the same job. > > It sounds like you've got a tool and you're looking for a place to use > it. Why waste your time? I'm trying to work out if it is a waste of time to learn it in depth or if there are some good situations where it is worth understanding it. What I'm wondering is is there a killer use for it that I really should know about and know how to use and setup or is it just a tool that is worth knowing it exists and has a man page and leave it at that. I'm going to look at using it for man-in-the-middle as I like that idea. Robin > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com NOTICE: The information contained in this e-mail and any attachments is intended solely for the recipient(s) named above, and may be confidential and legally privileged. If you received this e-mail in error, please notify the sender immediately by return e-mail and delete the original message and any copy of it from your computer system. If you are not the intended recipient, you are hereby notified that any review, disclosure, retransmission, dissemination, distribution, copying, or other use of this e-mail, or any of its contents, is strictly prohibited. Although this e-mail and any attachments are believed to be free of any virus or other defects, it is the responsibility of the recipient to ensure that it is virus-free and no responsibility is accepted by the sender for any loss or damage arising if such a virus or defect exists. _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
