Pivoting

PREPARATION

Checking Network Interfaces

ifconfig

Netstat Check Port

netstat -antp | grep 1234

Proxychains

tail -4 /etc/proxychains.conf 
# Check whether a proxychains config file already exists; its name may vary.
proxychains {command}

SSH PORT-FORWARDING

Local Port-Forwarding

ssh -L 9000:localhost:80 user@remote-server 
# Maps port 9000 on your local machine to port 80 on the remote server.
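
For defenders reviewing process-creation logs, the following added example (not part of the original page) parses an ssh command line and reports the -L/-R/-D forwards it requests, including whether a non-loopback bind address was asked for. The names parse_spec, find_forwards and SAMPLES are hypothetical, and the sample command lines are constructed, reusing the user@remote-server placeholder from above.

```python
import re
import shlex

KINDS = {"L": "local", "R": "remote", "D": "dynamic"}
TAKES_ARG = set("BbcDEeFIiJLlmOoPpQRSWw")  # ssh(1) options that consume a value
SAMPLES = [  # constructed command lines, as they might appear in process logs
    "ssh -L 9000:localhost:80 user@remote-server",
    "ssh -NfD 0.0.0.0:1080 user@remote-server",
    "ssh -p 2222 user@remote-server -R 8080:127.0.0.1:3000 id",
]

def parse_spec(kind, spec):
    """Split [bind_address:]port[:host:hostport]; brackets protect IPv6 colons."""
    parts = re.findall(r"\[[^\]]*\]|[^:]+", spec)
    if spec.startswith(":"):
        bind = "*"                      # empty bind_address: all interfaces
    elif len(parts) in (2, 4):
        bind = parts.pop(0).strip("[]")
    else:
        bind = "default"                # loopback unless GatewayPorts says otherwise
    return {"kind": KINDS[kind], "bind": bind, "listen_port": parts[0],
            "target": ":".join(parts[1:]) or None,  # None: SOCKS, no fixed target
            "exposed": bind not in ("default", "localhost", "127.0.0.1", "::1")}

def find_forwards(cmdline):
    """Return the -L/-R/-D forwards requested on one ssh command line."""
    argv = shlex.split(cmdline)
    if not argv or argv[0].rsplit("/", 1)[-1] != "ssh":
        return []
    found, bare, i = [], 0, 1
    while i < len(argv) and bare < 2:
        tok, i = argv[i], i + 1
        if not tok.startswith("-"):
            bare += 1   # 1st bare word: host (options may follow); 2nd: remote command
            continue
        for pos, letter in enumerate(tok[1:], start=1):
            if letter in TAKES_ARG:
                value = tok[pos + 1:]   # value glued to the option, e.g. -L9000:...
                if not value and i < len(argv):
                    value, i = argv[i], i + 1
                if letter in KINDS and value:
                    found.append(parse_spec(letter, value))
                break                   # rest of the token was the value
    return found

if __name__ == "__main__":
    for line in SAMPLES:
        print(line, "->", find_forwards(line))
```

Forwards configured through -o LocalForward=..., RemoteForward, DynamicForward or an ssh_config file never appear as -L/-R/-D on the command line, so this parser does not see them.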

Remote Port-Forwarding

Multiple Ports Port-Forwarding

Dynamic Port-Forwarding

SOCAT

Socat is a bidirectional relay utility that establishes communication between two separate network channels without relying on SSH tunneling. It functions as a redirector, capable of listening on a specific host and port and forwarding the data to a different IP address and port.

Starting Listener

SSHUTTLE

Sshuttle is a Python-based tool that eliminates the need for configuring proxychains. However, it is limited to pivoting over SSH and does not support pivoting through TOR or HTTPS proxy servers. Sshuttle is particularly valuable because it automates the iptables setup and adds the pivot rules for the remote host.

LIGOLO-NG

Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun (short for tunnel) interface, without the need for SOCKS.

Making a tun interface

Deleting tun interface

Turning on ligolo

Setting up ligolo agent and proxy

Connecting session