Breaching the Perimeter with OpenConnect and ocproxy

As Red Teamers, we often encounter engagements with targets that may allow remote workers, but require all connections to pass through a central VPN for access to the Corporate assets. These VPNs typically authenticate with two factor authentication or other mechanisms. We will use OpenConnect and ocproxy to automatically log in to a VPN once credentials are acquired from a phishing page.

[Read More]