Using apt-get with a proxy

How to install software on machines without internet access

It is not uncommon that you gain access to a machine inside an internal network that does not have internet access. Because of that, it is not that easy to install software on it and static binaries are not always doing the trick.

If you got access (sudo or root) to the target it is possible to let apt use your attacking machine as a proxy to download and install software.


Install Squid proxy

Firstly it is necessary to install squid on your local machine: sudo apt install squid

Next, the config file has to be modified (needs sudo permissions): sudo vim /etc/squid/squid.conf

There are several options you can adjust depending on your preferences:

Finally use sudo systemctl start squid to start the proxy server.

A more in-depth guide on how to configure and set up squid can be found here.


Change the apt config

If not existent create the file /etc/apt/apt.conf.d/proxy.conf and add the following two lines:

0Acquire::http::Proxy "http://<IP>:<PORT>";
1Acquire::https::Proxy "https://<IP>:<PORT>";

The next time you run apt on the victim machine it will use your local machine as a proxy and successfully download whatever you are trying to install.