This is bi-weekly dispatch is brought to you by the team at Black Harbor. Every other week we share three things. One offensive technique, one defensive technique and some random snippet of something that piqued our interest. It may be a motivational quote, some piece of news or a slice of a product review.

Offense – Chisel – TCP tunnel over HTTP, secured by SSH

Short and sweet, tunneling can be a pain. Especially when trying to secure it. Chisel can bypass firewalls and also securely access endpoints into networks all while providing an encrypted tunnel. A demo from the github repo:

A demo app on Heroku is running this chisel server:

$ chisel server --port $PORT --proxy http://example.com
# listens on $PORT, proxy web requests to http://example.com
This demo app is also running a simple file server on :3000, which is normally inaccessible due to Heroku's firewall. However, if we tunnel in with:

$ chisel client https://chisel-demo.herokuapp.com 3000
# connects to chisel server at https://chisel-demo.herokuapp.com,
# tunnels your localhost:3000 to the server's localhost:3000
and then visit localhost:3000, we should see a directory listing. Also, if we visit the demo app in the browser we should hit the server's default proxy and see a copy of example.com.

Defense – SkyArk – Mitigate Cloud Shadow Admins

Cloud can get complicated pretty quickly. Many times permission creep are the reasons for modern breaches. Low level accounts who needed to complete a task for one thing maintain that permission past the point of execution. SkyArk helps discover privileged cloud entities to reduce the risk of shadow admin accounts (Cloud account who have sensitive privileges but are not in Active Directory privileged groups). SkyArk works on both AWS and Azure.

Snippet

And finally a story about two server admins, an impossible client and a pretty hilarious solution. Life finds a way.

If you find value in this newsletter please consider sharing it to your friends and colleagues. Signup at https://newsletter.blackharbor.io/

View our past dispatches at https://blackharbor.io/category/dispatch/