Bypass permission pop up on /proxy

[CampBlanc]

I just keep playing with the commands to learn how to use them and what they do, that's the benefit of having my laptop which I made a 'slave' and can test things on.

So I issued the /proxy command to see what it does (still don't know why you want to open a proxy on a slave though) and a window popped up on the slave. Here's an image, it asked for permission.

It says Windows Firewall has terminated certain parts of 'The RAT' on all private and public networks. You would then have to grant permission.

[mvrozanti]

Unfortunately, for now, there's not other way to achieve this. Any attempts to route traffic (as in use it as a proxy) will result in this message/warning. /proxy could, perhaps, include mouse-automation to allow the forwarding but I'm skeptic of this method's sustainability.

Would love to hear anyone's opinions on possible solutions though. Will leave it open.

[Dviros]

I believe that adding a registry value as proxy may help:

1. python write file "proxy.reg"
2. os command "reg IMPORT %directory%\proxy.reg"
3. the reg file will look this way:
   Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MigrateProxy"=dword:00000001
"ProxyEnable"=dword:00000001
"ProxyHttp1.1"=dword:00000000
"ProxyServer"="address:port"
"ProxyOverride"="local"

[mvrozanti]

Very nice. Works on my Windows 7 x64. Will add soon.

Is there a need to have a file written? We could use __winreg module

[Dviros]

I think it's a better practice use a file (when using "reg IMPORT"). You can also write and delete it after the import.