I believe this is EXACTLY what I needed for Dante on HTB
Tell your friends!
@NetsecExplained turns out it wasn't but still a great video! 👌🏾
Nice video :)
Just for reference, the xfreerdp client supports SOCKS proxy. You can either use proxychains or specify the proxy host as a parameter.
You're right, I just wanted an excuse to show off how you can pivot using local port forwarding.
Hi, nice video. I am new to pentesting and your video helped me understand the theory behind pivoting :) Got a question about your terminal. Looks like you are using something other than the standard in Kali. What are you using?
I'm using ZSH with OhMyZSH extension. I like it, it's pretty.
Hey bro, nice one. Could you please help me out with pivoting in a scenario where:
Kali machine RDP to -> Windows server (192.168.1.x) -> same network Windows jump server (192.168.1.x) -> SQLi limited shell Windows server (192.168.2.x) -> lateral movement Windows server (192.168.2.x). Also gateway to 192.168.3.x.
Need to route traffic to 192.168.3.x
This one's tricky because of so many hops. If you can, I'd probably use a reverse tunnel at some point so you don't have to go through so many hops. But if you have to, then I'd use something like Proxychains or meterpreter routes if you can. People have brought up Chisel before, but it works very similar to SSH so you'd have the same issues with that alone. Hope this helps.
So did you create the Ubuntu jump post at an earlier time? Thank you for creating this video! Cheers
Yes, correct. This is a common scenario you'll see in red teaming. You load a dropper on the network and that's your access point. Once you have that in the environment, this video covers how to tunnel through it.
Hi. Is it possible to run Responder with proxychains? Without being sudo on the target machine? Thanks for the content
Good question!
Unfortunately no. Responder responds to multicast traffic, which does not make it through the SOCKS4 proxy. Think of it as only point-to-point traffic can go through the proxy. That's why Nmap needed the -sT flag for a full connection scan. Otherwise, it doesn't work properly either.
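The point in the reply above about point-to-point traffic can be seen in the SOCKS4 request format itself. This is an added example, not part of the original thread or the video: it encodes a SOCKS4 CONNECT request and classifies a few constructed flows by whether the protocol can express them at all. The addresses, flow labels and function names are assumptions made for illustration.

```python
import ipaddress
import struct

SOCKS4_VERSION = 4
CMD_CONNECT = 1  # SOCKS4 defines only CONNECT (1) and BIND (2); both are TCP streams


def build_socks4_connect(dst_ip, dst_port, user_id=b""):
    """Encode a SOCKS4 CONNECT request: VN, CD, DSTPORT, DSTIP, USERID, NUL."""
    addr = ipaddress.IPv4Address(dst_ip)
    if not 0 < dst_port < 65536:
        raise ValueError("port out of range")
    header = struct.pack("!BBH4s", SOCKS4_VERSION, CMD_CONNECT, dst_port, addr.packed)
    return header + user_id + b"\x00"


def can_traverse_socks4(transport, dst_ip):
    """Return (ok, reason): can this flow be expressed as a SOCKS4 CONNECT?"""
    addr = ipaddress.IPv4Address(dst_ip)
    if transport != "tcp-connect":
        # The request has no field for UDP datagrams or hand-crafted packets.
        return False, transport + ": SOCKS4 relays only completed TCP streams"
    if addr.is_multicast or addr == ipaddress.IPv4Address("255.255.255.255"):
        return False, "multicast/broadcast destination: TCP needs one unicast peer"
    return True, "unicast TCP connect: the proxy opens the socket for the client"


# Constructed sample flows (hypothetical addresses, for illustration only).
SAMPLE_FLOWS = [
    ("nmap -sT full connect scan", "tcp-connect", "192.168.2.10"),
    ("nmap -sS raw SYN scan", "raw-syn", "192.168.2.10"),
    ("LLMNR query (the kind Responder answers)", "udp", "224.0.0.252"),
    ("mDNS query", "udp", "224.0.0.251"),
]


def classify(flows=SAMPLE_FLOWS):
    """Map each flow name to True/False: does it fit through the proxy?"""
    return {name: can_traverse_socks4(t, ip)[0] for name, t, ip in flows}


if __name__ == "__main__":
    print(build_socks4_connect("192.168.2.10", 3389).hex())
    for name, transport, ip in SAMPLE_FLOWS:
        ok, why = can_traverse_socks4(transport, ip)
        print(("OK   " if ok else "FAIL ") + name + ": " + why)
```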
Could you have RDP to the Windows system with xfreerdp as well?? Great vid!!
Yes, you can!
Nice demo and helpful 🫂