Tunneling/Port Forwarding

ssh <gateway> -L <local port>:<remote host>:<remote port>

ssh <gateway> -R <remote port>:<local host>:<local port>

ssh -D <local port> -p <remote port> <target>

HTTP tunneling – technique to encapsulate a protocol within HTTP

HTTPTunnel or stunnel

Netsh is installed on Windows by default, but requires the IP Helper service and IPv6 must be installed (both enabled by default).

netsh interface portproxy add v4tov4 listenport=$port listenaddress=$ip connectport=$port connectaddress=$ip

A firewall rule may be required to open the desired port.

netsh advfirewall firewall add rule name="forward_port_rule" protocol=TCP dir=in localip=$ip localport=$port action=allow

plink.exe -ssh -l kali -pw ilak -R 10.11.0.4:1234:127.0.0.1:3306 10.11.0.4

plink.exe -l root -pw mysecretpassword 192.168.0.101 -R 8080:127.0.0.1:8080

portfwd add -l <attacker port> -p <victim port> -r <victim ip>
portfwd add -l 3306 -p 3306 -r 192.168.1.10

Last updated 3 years ago