August 25, 2022 at 9:01 pm #12319
Address = 192.168.100.2/24
DNS = 192.168.100.1, 192.168.101.1
Endpoint = domain:51820
AllowedIPs = 0.0.0.0/0, ::0/0
AllowedApps = chrome.exe, cmd.exe, powershell.exe
As you can see above, I’m trying to tunnel only Chrome, Command Prompt, and Powershell using
AllowedAppsto my Wireguard server using WireSock. But while Chrome gets tunneled just fine, neither CMD nor Powershell gets tunneled. I’ve even tried adding
AllowedApps(since those are parent processes to cmd and powershell) but that didn’t make a difference.
The only time I’ve been able to successfully tunnel CMD and Powershell traffic is by straight-up removing
AllowedAppsand tunneling every application. But tunneling specific applications is the whole reason I’ve been trying to use WireSock.
Can you please tell me what I’m doing wrong?August 26, 2022 at 12:04 pm #12320
I just did a quick powershell test with the command line below, and it was correctly intercepted and redirected through the tunnel:
Invoke-WebRequest "http://www.wiresock.net/downloads/wiresock-vpn-gateway-x64-220.127.116.11.msi" -OutFile "wiresock-gateway-x64.msi"
I suspect you are expecting child processes launched from cmd or powershell to be tunneled. Note, however, that these child processes have different names and are therefore skipped by the filter. Of course, it is possible to extend the filter for child processes, but initially, I had no such intention.August 26, 2022 at 1:18 pm #12321
Ah ok. Here’s the only reason why I want to tunnel cmd or powershell: Since I installed WireSock as a Service, I want to have a constant ping going to some remote server so I can see at a glance whenever WireSock is tunneling my traffic.
Is there some way for me to tunnel just ping commands? I tried doing this but it didn’t help:
AllowedApps = chrome.exe, cmd.exe, powershell.exe, ping.exeAugust 26, 2022 at 1:33 pm #12322
The Windows API only allows you to get the process context for the TCP and UDP protocols. So, ping.exe sending ICMP packets cannot be resolved and therefore not tunneled.
The simplest alternative would probably be a simple UDP based pinger, which can be easily implemented in Golang.August 26, 2022 at 1:49 pm #12323
Would this work?
Test-NetConnection google.com -Port 80August 26, 2022 at 2:32 pm #12324
Yes, if you add “powershell” to AllowedApps then this request will be tunneled.August 26, 2022 at 5:28 pm #12325
Great, thank you so much for your help
- You must be logged in to reply to this topic.