search
DiscordHackTheBoxTryHackMeGitHub

arrow-progressPivoting

hashtag
PREPARATION

hashtag
Checking Network Interfaces

ifconfig

hashtag
Netstat Check Port

netstat -antp | grep 1234

hashtag
Proxychains

tail -4 /etc/proxychains.conf 
# CHECK IF THERE IS ALREADY PROXYCHAINS FILE, IT COULD BE CALLED LIKE PROXYCHAINS
proxychains {command}

hashtag
SSH PORT-FORWARDING

hashtag
Local Port-Forwarding

ssh -L 9000:localhost:80 user@remote-server 
# Maps port 9000 on your local machine to port 80 on the remote server.

hashtag
Remote Port-Forwarding

hashtag
Multiple Ports Port-Forwarding

hashtag
Dynamic Port-Forwarding

hashtag
SOCAT

Socat is a bidirectional relay utility that establishes communication between two separate network channels without relying on SSH tunneling. It functions as a redirector, capable of listening on a specific host and port and forwarding the data to a different IP address and port.

hashtag
Starting Listener

hashtag
SSHUTTLE

SSHuttle is a Python-based tool that eliminates the need for configuring proxychains. However, it is limited to pivoting over SSH and does not support pivoting through TOR or HTTPS proxy servers. Sshuttle is particularly valuable for automating the setup of iptables and adding pivot rules for the remote host.

hashtag
LIGOLO-NG

Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun (short form from tunnel) interface (without the need of SOCKS).

hashtag
Making a tun interface

hashtag
Deleting tun interface

hashtag
Turning on ligolo

hashtag
Setting up ligolo agent and proxy

Connecting session

PreviousCred HuntingNextTheory

Last updated