Time
5 hours 38 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Description

This lesson covers port forwarding. In port forwarding, the victim's machine is used as a pivot point to connect to other systems when the attacking machine cannot accomplish this directly.

Video Transcription

00:04
Okay. Another useful technique is to
00:07
use port forward. So this way you can use
00:11
the victim machine as a pivot point to connect to other systems
00:15
when we can demonstrate this way to think about this would be if the victim's machine
00:21
is able to get to other machines on the network. But the attacking machine cannot get there directly
00:26
so you can forward ports
00:29
through the victim's machine in order to make other connections. I can simulate this
00:36
by setting up a port on my attacker machine
00:41
to connect to which will forward automatically to the victim machine. It's the same thing. I'm just doing it,
00:46
uh, in a slightly different context.
00:50
So, port forward.
00:54
Run the dash h for help.
00:56
We can see we can specify our local host. Listen on. We can add and delete ports, flush the listening ports, local ports, remote ports and remote hosts that we want to specify. It's pretty easy syntax to use,
01:11
and what I'm gonna do is set up a port
01:15
forwarding so that I can connect to a Netcat on port 445.
01:21
I demonstrated that in a previous section, so we should be well aware of how that works,
01:26
So I'll run port forward
01:29
add.
01:30
local port will be 445 I could choose any port locally that I wish,
01:36
as long as it's not in use.
01:38
And my remote, my port for the remote system
01:42
on the remote host will also be 445
01:47
and then I need to run.
01:57
dash r,
01:59
sorry about the delay there
02:00
for the remote system, and that should be 100 to 1 68 26 1
02:06
1 31
02:10
All right, so you can see it created a local relay. So locally, if I connect to 445, I get redirected to the victim's system on that same port.
02:24
Port forward command. I do have some other options.
02:30
Oh, let's look at that real quick.
02:36
Oh, it's not showing me what I want, but I know that I can do other things. For instance,
02:39
I can run the er Bertus,
02:44
the list command
02:46
and what's command shows me that I've got one port forward set up.
02:52
I can also, uh, flush this port forwarding when I'm finished so that it doesn't remain.
03:00
If I kill the Meterpreter session, the forwarding will also
03:04
be removed,
03:05
but you may wanna add and remove forwarded ports because you're changing circumstances as you're doing your pen test.
03:12
So I can prove that this works
03:15
If I go to another command shell, I can run netstat -an, and I could just grep for 445. We see that it's listening,
03:23
listening on my localhost IP address.
03:28
Uh, this port was not listening earlier. I probably should have shown that, but
03:31
hopefully you get the idea. So now if I telnet
03:36
to localhost 4445, I actually get redirected
03:42
to the victim's system, which is the 26 1 31
03:46
Very useful activity. It helps you also, if you think about the victim's system
03:53
having a trust relationship with other systems on that network. It might seem less suspicious just to have certain connections going on, and that helps to cover your tracks a little bit more thoroughly.
04:03
And what I want to do now is flush that port forward out because I don't need it any longer.
04:12
So it stopped forwarding.
04:14
Ah, the connection's still there. It's still worked, are still live, but it it won't uh
04:19
I try to do a forwarding again.
04:23
That won't work because it's looking for a port locally
04:28
to be listening on 445. As we see, it's no longer listening, and it's in timeout right now,
04:35
so it's pretty useful.
04:38
All right, I'll see you in the next section. Thank you.

Instructed By

Dean Pompilio
CEO of SteppingStone Solutions
Instructor