search

Pivoting, Tunneling and Portforwarding

hashtag
Port-Forward

Port forwarding can be performed as soon as the specific forwarding port is known.

Port forwarding via SSH:

ssh -L 1234:localhost:3306 [email protected]
circle-info

1234 is the local port

Checking Port Forwarding

netstat -antp | grep 1234

hashtag
Dynamic Port Forwarding

Dynamic Port Forwarding can be used when the exact forwarding port is unknown. This can be implemented using a SOCKS listener or proxy. SOCKS is a protocol that allows the use of a proxy in a protocol-independent and transparent manner. Additionally, SOCKS provides certain features to bypass firewall restrictions.

Dynamic Port Forwarding via SSH:

ssh -D 9050 [email protected]
circle-info

To implement Dynamic Port Forwarding, additional tools are required. These tools route all TCP packets independently of the application through a port to the proxy. Proxychains is often used for this purpose. Configuration can be done in /etc/proxychains.conf.

Configuration of Proxychains with the Corresponding Proxy

root@localhost$ tail -4 /etc/proxychains.conf

# meanwile
# defaults set to "tor"
socks4 	127.0.0.1 9050
circle-info

With Proxychains or SOCKS, only TCP scans are possible. SOCKS no longer supports partial UDP packets.

PreviousFundamentalsNextDNS

Last updated