Skip to main content

proxy

SOCKS5 proxy configuration. When a proxy is configured, all R4t protocol connections (LDAP, Kerberos, SMB, RPC, etc.) are routed through it. This enables operating against internal networks via pivot points like Ligolo-ng, Chisel, or SSH tunnels.

Usage

r4t proxy <subcommand> [flags]

Subcommands

proxy set

Configure the SOCKS5 proxy. Accepts one or more settings per invocation and persists them to the Badger KV store (cfg:proxy). 
# Set the proxy host and port
r4t proxy set --host 127.0.0.1 --port 1080

# Set with authentication
r4t proxy set --host 127.0.0.1 --port 1080 --username user --password pass

# Enable DNS forwarding through proxy (remote DNS resolution)
r4t proxy set --dns-remote true

# Disable proxy without removing config
r4t proxy set --enabled false

# Re-enable proxy
r4t proxy set --enabled true
FlagDescription
--hostProxy host or IP address
--portProxy port
--usernameProxy username (optional, for authenticated proxies)
--passwordProxy password (optional)
--dns-remoteResolve DNS through the proxy (true) or locally (false)
--enabledEnable or disable proxy routing (true/false)

proxy show

Display the current proxy configuration. 
r4t proxy show
Shows: host, port, authentication status, DNS mode, and whether the proxy is enabled.

proxy clear

Remove all proxy settings. 
r4t proxy clear
Deletes the proxy configuration from the Badger KV store. After this, all connections are made directly.

How Proxy Routing Works

When a proxy is configured and enabled, R4t injects the SOCKS5 dialer into all protocol stacks that support it:
  • LDAP connections
  • Kerberos AS-REQ / TGS-REQ
  • PKINIT
  • SMB connections
  • RPC connections
  • DNS queries (if --dns-remote true)
This means you do not need to wrap R4t with proxychains — proxy support is built in.

Common Pivot Setups

Ligolo-ng

# Ligolo-ng creates a TUN interface (e.g., ligolo)
# Configure a SOCKS proxy if using the SOCKS listener:
r4t proxy set --host 127.0.0.1 --port 11080

Chisel

# Start chisel server on attacker: chisel server --reverse
# Start chisel client on pivot: chisel client <attacker>:8080 R:1080:socks
r4t proxy set --host 127.0.0.1 --port 1080

SSH Dynamic Port Forward

# ssh -D 1080 user@pivot-host
r4t proxy set --host 127.0.0.1 --port 1080