The ip of the attacking machine is 111.111.111.111. Here is how you create a remote port forwarding: ssh -R ::īy the way, plink is a ssh-client for windows that can be run from the terminal. So what we can do is just forward that port to our attacking machine. And you can't access it because you have a really crappy shell. So imagine that you have compromised a machine, and that machine has like MYSQL running but it is only accessible for localhost. Remote port forwarding is crazy, yet very simple concept. Now this port will be available on your localhost. You can also forward ports like this: ssh -L localport:target-ip:target-port Now facebook will be available on address localhost:8080. You are on a public network and want to encrypt all your http traffic.You want to encrypt traffic that uses unencrypted protocols.So the bind-address is where the proxy receieves the connection, and the connectaddress is the machine it forwards the connection to. This is the essential part of the configuration file, this is where we create the port-forwarding # bindadress bindport connectaddress connectport # uncomment the following line if you want web-server style logfile format # logcommon This is the default config file /etc/nf: # this is the configuration file for rinetd, the internet redirection server # you may specify global allow and deny rules here # only ip addresses are matched, hostnames cannot be specified here # the wildcards you may use are * and ? # allow 192.168.2.* # deny 192.168.2.1? # forwarding rules come here # you may specify allow and deny rules after a specific forwarding rule # to apply to only that forwarding rule # bindadress bindport connectaddress connectport # logging information Machine3 - IP: 333.333.333.333 - Hosts the ftp-server that machine1 wants to connect to. Machine2 - IP: 222.222.222.222 - Forwards incomming connections to Machine3 Machine1 - IP: 111.111.111.111 - Behind firewall, and wants to connect to Machine3. To make it clear, we have the following machines: So we can set up this port forwarding machine with the help of rinetd. Okay, so how do we go about actually implementing this? Rinetd - Port forward/redirect We will have home-computer/port-80 -> port-80/proxy-machine/port-21 -> ftp-serverĪnd the other way around of course, to receive the traffic. So instead of having this kind of traffic home-computer/port-21 -> ftp-server/port-21 What we can do is add a machine that redirect/forward all traffic that it receives on port 80 to port 21 on a different machine. So how are we going to be able to connect to our ftp-server? But someone has put some crazy firewall rules (egress filters) that prohibits outgoing traffics on all ports except for port 80. So imagine that you are on a network and you want to connect to a ftp server (or any other port) to upload or download some files. Port forwarding and tunneling Port forwarding These machines are connected to other networks, so we can use them to pivot. We are looking for machines that have at least THREE network interfaces (loopback, eth0, and eth1 (or something)). The pivot is just used as a way to channel/tunnel our attack. The technique of using one compromised machine to access another is called pivoting. You will use the first machine as a staging point/plant/foothold to break into machine 2. Let's say that you have compromised one machine on a network and you want to keep going to another machine. Common ports\/services and how to use themīroken Authentication or Session Managementĭefault Layout of Apache on Different Versions
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |