Havoc

Documentation

Socks5 Proxy

You can start a socks5 proxy by running: socks add 1080 (or any other port)

As of right now, is the teamserver and not the client that one who will listen on the port specified.
So if you are running the teamserver on machine A and the client on machine B, make sure you send your packets to machine A.

The only authentication method supported is NOAUTH. You can proxy DNS requests, IPv4 and IPv6.

To have a usable proxy, it is recommended to enter interactive mode, by running: sleep 0.
Note that this will disable any sleep obfuscation.

To remove the socks proxy, run: socks kill 1080.

It is recommended that this feature is used together with proxychains-ng, given that it is actively maintained and it has a better implementation of proxy_dns.
This means that you won't need to resolve computer account domain names (like dc01.contoso.local) from your Linux machine.

On this page

  • Socks5 Proxy