The proxy command is associated with the built-in command and control feature known as PacuProxy. The proxy command accepts a few different sub-commands:

• start <ip> [port]
• stop
• kill <agent_id>
• list/ls
• use none|<agent_id>
• shell <agent_id> <command>
• fetch_ec2_keys <agent_id>
• stager sh|ps

We aren't going to dive deep into what each of these commands do, but we will look at PacuProxy in the An introduction to PacuProxy section at the end of this chapter at a higher level. This is because PacuProxy is still in development and the current release version is not necessarily final, but the overarching theme and goal of it is staying the same. If you are interested in reading about the more advanced offerings of Pacu and PacuProxy, you can visit the Advanced Capabilities section of the Pacu Wiki on GitHub here: https://github.com/RhinoSecurityLabs/pacu/wiki/Advanced-Capabilities.

These proxy commands will be used when trying to deal with compromised EC2 hosts within a target AWS account, but we'll explore that later.