Websense filter and SVN UPDATE problems on vmWare Natting

[marcopb]

Hi all. This is my first post.

I've searched on the forum and read the following thread
"If you are using vmware or any other virtualization software please read this:" (I'm still not allowed to post URLs to other sites after I have made 15 posts or more)

and I hope he's referencing to wireless interfaces.

I've installed bt4 on vmware using NAT and dhcp client.
I'd like to exec a SVN UPDATE from msfconsole, but even if I have an internal proxy to bypass my company's WEBSENSE filter while using Mozilla, when I execute the "SVN UPDATE" command it blocks my request.

Inside bt4 I need to configure a default gw different from my company default's one, but I'm using NAT and dhcp so it should not be possible (I've read also the man pages of "interfaces").
How can I solve my "SVN UPDATE" problem ?

I was thinking:
1) Set a static IP, but perhaps it could be not possible (for company policy)
2) Execute a "SVN UPDATE" manually, but I don't know how ? And if tomorrow I need to update another tool "websense filtered", I need to manually update again it !?!?
3) Using NAT, dhcp and configure also a default gw. Is it possible on vmware ?

Thanks for your time,
M

I've updated the same installation at home (but using Parallel Desktop).
It could be possible to "simply" copy all updated datas under /pentest/exploits/frameworks from my home installation to my company one !??!

M

[lupin]

Hi all. This is my first post.

I've searched on the forum and read the following thread
"If you are using vmware or any other virtualization software please read this:" (I'm still not allowed to post URLs to other sites after I have made 15 posts or more)

and I hope he's referencing to wireless interfaces.

I've installed bt4 on vmware using NAT and dhcp client.
I'd like to exec a SVN UPDATE from msfconsole, but even if I have an internal proxy to bypass my company's WEBSENSE filter while using Mozilla, when I execute the "SVN UPDATE" command it blocks my request.

Inside bt4 I need to configure a default gw different from my company default's one, but I'm using NAT and dhcp so it should not be possible (I've read also the man pages of "interfaces").
How can I solve my "SVN UPDATE" problem ?

I was thinking:
1) Set a static IP, but perhaps it could be not possible (for company policy)
2) Execute a "SVN UPDATE" manually, but I don't know how ? And if tomorrow I need to update another tool "websense filtered", I need to manually update again it !?!?
3) Using NAT, dhcp and configure also a default gw. Is it possible on vmware ?

Thanks for your time,
M

If properly configured, NAT should enable your BT VM to communicate on your corporate network with all of the same access that your VM host system has (for outgoing TCP based connections at least). I know this because I have done it at work myself. The problem you are probably running into is that there is a firewall blocking the subversion (svn) traffic from getting out to the Internet. You need to therefore configure subversion to use a proxy.

First of all confirm that you can browse the Internet in Firefox via the Websense proxy from BT (this will confirm that basic networking plus NAT is configured correctly and that you can access the proxy), then use this or this as a guide to configure subversion to use your proxy. Its possible that the websense proxy wont allow subversion traffic to be proxied (because of enabled http filtering policies), but its worth a try.

[marcopb]

I'm able to set the proxy on Mozilla and surf on metasploit.com, differently websense blocked. The proxy I can use (as IT staff) is another machine different than websense probe.
I can confirm websense is blocking svn traffic!

According to your suggested links and to /root/.subversion/README.txt file
I set up /etc/subversion/servers and also /root/.subversion/servers adding
the following lines:
http-proxy-host = ip_if_my_proxy
http-proxy-port = 3128

I can also successfully execute: telnet ip_if_my_proxy 3128 from BT.

But currently if I run again SVN UPDATE.. it's still "blocked".
What am I missing ?

[lupin]

I'm able to set the proxy on Mozilla and surf on metasploit.com, differently websense blocked. The proxy I can use (as IT staff) is another machine different than websense probe.
I can confirm websense is blocking svn traffic!

According to your suggested links and to /root/.subversion/README.txt file
I set up /etc/subversion/servers and also /root/.subversion/servers adding
the following lines:
http-proxy-host = ip_if_my_proxy
http-proxy-port = 3128

I can also successfully execute: telnet ip_if_my_proxy 3128 from BT.

But currently if I run again SVN UPDATE.. it's still "blocked".
What am I missing ?

Have you confirmed that the svn traffic is actually going to the proxy you specified? Have you run a packet trace and sen the packets going to the proxy? Have you seen any proxy error messages being returned in your trace? What about the proxy access or error logs? Do they indicate that the svn traffic is reaching the proxy, and whether the proxy is then blocking that traffic?

[marcopb]

Yes I've tcpdumped my requests, but they don't go throught the proxy I've set up. I've already added the following line: extension_methods REPORT MERGE MKACTIVITY CHECKOUT to my proxy, but I confirm I'm still not able to point to and use it.

As workaround (even if I'd like to solve my problem at work), is it possible to "simply" copy an already updated /pentest/exploits/framework3/ directory from my virtual installation I have at home to this one I have at work ?


Thanks,
M

[lupin]

As workaround (even if I'd like to solve my problem at work), is it possible to "simply" copy an already updated /pentest/exploits/framework3/ directory from my virtual installation I have at home to this one I have at work ?

Yes that should work.