METASPLOIT - PORT FORWARDING
- Layout for this exercise:
- In this attack, Kali wants to access a web server on the Linux victim machine, using the XP system as a pivot.
- First of all, a meterpreter session is obtained by exploiting the XP machine:
- We learn that XP has two interfaces. The second interface is connected to the inner network 10.0.0.0/24:
- The active meterpreter session is number 1:
- Using session 1 to add a route to 10.0.0.0/24:
- Printing the route:
- Scanning 10.0.0.0/24 from the active meterpreter session 1:
- Once 10.0.0.2 has been discovered, a TCP port scan is performed against it, from port 1 to 500:
- Now, port forwarding is enabled to access the victim (IP 10.0.0.2 on port 80) from local port 9999. In this way the attacker receives the web service of 10.0.0.2:80 on localhost:9999:
- In effect, a local listening port has been created on 9999. Connections made to localhost:9999 are relayed to 10.0.0.2:80, so the web service becomes reachable on localhost:9999 although attacker and victim are not directly connected, because they are in different networks. The meterpreter session performs the connection in the background:
- The attack is successful when the attacker's browser connects to localhost:9999:
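
Seen from the inner network, all of this traffic arrives from the pivot's second interface, so the 1 to 500 port scan and the later web requests to 10.0.0.2:80 share one source address. The following is an added example, not part of the original walkthrough: detection logic that flags a source probing many ports on one inner-network host and lists the ports that answered. The flow-record format, the pivot address 10.0.0.1, the client address 10.0.0.50 and the sample data are all assumptions constructed for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

INNER_NET = ip_network("10.0.0.0/24")  # inner network from the walkthrough


def find_vertical_scans(flows, min_ports=100):
    """flows: iterable of (src, dst, dport, state) TCP connection records,
    where state is "est" (handshake completed) or "rst" (refused).
    Returns {(src, dst): sorted open ports} for every source that tried at
    least min_ports distinct ports on a single inner-network host."""
    tried = defaultdict(set)   # (src, dst) -> every port attempted
    opened = defaultdict(set)  # (src, dst) -> ports that accepted
    for src, dst, dport, state in flows:
        if ip_address(dst) not in INNER_NET:
            continue           # only the protected segment is of interest
        tried[(src, dst)].add(dport)
        if state == "est":
            opened[(src, dst)].add(dport)
    return {pair: sorted(opened[pair])
            for pair, ports in tried.items() if len(ports) >= min_ports}


def sample_flows():
    """Constructed sample records, not captured traffic."""
    pivot = "10.0.0.1"    # assumed address of the XP host's inner interface
    client = "10.0.0.50"  # assumed ordinary client of the web server
    # The 1-500 scan; assume only port 80 answers on 10.0.0.2.
    flows = [(pivot, "10.0.0.2", p, "est" if p == 80 else "rst")
             for p in range(1, 501)]
    flows += [(pivot, "10.0.0.2", 80, "est")] * 3    # requests via the forward
    flows += [(client, "10.0.0.2", 80, "est")] * 5   # normal web use
    flows += [(pivot, "192.168.1.10", 445, "est")]   # outside the inner net
    return flows


if __name__ == "__main__":
    for (src, dst), ports in find_vertical_scans(sample_flows()).items():
        print(f"{src} scanned {dst}; ports that answered: {ports}")
```

A workstation that scans a server and then keeps talking to the one port that answered is the pattern to alert on; the ordinary client, which only ever touches port 80, is not flagged.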