Skip to content

Port forward


ssh local port forwarding

setup

  • all request to localhost will be forwarded to target_2 through target_1

+---------------+     +---------------+     +---------------+
|               |     |               |     |               |
|    0.0.0.0    +---->|  10.11.0.128  +---->| 192.168.1.110 |
|     kali      +---->|   target_1    +---->|   target_2    |
|               |     |    student    |     |               |
+---------------+     +---------------+     +---------------+
on kali
ssh -N -L [bind_address:]port:host:hostport [user@address]

ssh -N -L 0.0.0.0:445:192.168.1.110:445 student@10.11.0.128


ssh remote port forwarding

setup

  • port 3306 on target machine is bind to 2221 port on kali
+----------------+     +----------------+ 
|                |     |                |
| 127.0.0.1:3306 +---->| 10.11.0.4:2221 +
|    target      +---->|      kali      +
|                |     |                |
+----------------+     +----------------+
  • all request to port 2221 on kali will be forwarded to 3306

+---------------+     +----------------+     +--------------------+
|               |     |                |     |                    |
|    0.0.0.0    +---->| 127.0.0.1:2221 +---->| 192.168.1.110:3306 |
|     kali      +---->|     kali       +---->|       target       |
|               |     |                |     |                    |
+---------------+     +----------------+     +--------------------+
on target
ssh -N -R [bind_address:]port:host:hostport [user@address]

ssh -N -R 10.11.0.4:2221:127.0.0.1:3306 kali@10.11.0.4


proxy

  • on kali, update proxychains.con socks4 127.0.0.1 8080

+---------------+     +----------------+     +----------------+     +--------------------+
|               |     |                |     |                |     |                    |
|    0.0.0.0    +---->| 127.0.0.1:8080 +---->|   10.11.0.128  +---->|   192.168.1.110    |
|     kali      +---->|     PROXY      +---->|     student    +---->|       target       |
|               |     |                |     |                |     |                    |
+---------------+     +----------------+     +----------------+     +--------------------+
on kali
ssh -N -D bind_address:port user@ssh_server_address

ssh -N -D 127.0.0.1:8080 student@10.11.0.128


socat port forwarding

template

socat TCP-LISTEN:<lport>,fork TCP:<redirect_ip>:<rport> &
source
git clone https://github.com/andrew-d/static-binaries
cd static-binaries/binaries/linux/x86_64
python3 -m http.server
run
./socat TCP-LISTEN:8081,fork TCP:0.0.0.0:8080 &


other

FPipe.exe -l [local port] -r [remote port] -s [local port] [local IP]
FPipe.exe -l 80 -r 80 -s 80 192.168.1.7
ssh -[L/R] [local port]:[remote ip]:[remote port] [local user]@[local ip]
ssh -L 8080:127.0.0.1:80 root@192.168.1.7 # Local Port
ssh -R 8080:127.0.0.1:80 root@192.168.1.7 # Remote Port
mknod backpipe p ; nc -l -p [remote port] < backpipe | nc [local IP] [local port] >backpipe
mknod backpipe p ; nc -l -p 8080 < backpipe | nc 10.1.1.251 80 >backpipe # Port Relay
mknod backpipe p ; nc -l -p 8080 0 & < backpipe | tee -a inflow | nc localhost 80 | tee -a outflow 1>backpipe # Proxy (Port 80 to 8080)
backpipe p ; nc -l -p 8080 0 & < backpipe | tee -a inflow | nc
localhost 80 | tee -a outflow & 1>backpipe # Proxy monitor (Port 80 to 8080)