Tuesday, June 14, 2016

METASPLOIT - Port Forwarding


- Layout for this exercise:

- In this attack Kali wants to access a web server on the Linux victim machine, using XP system as a pivot..

- First of all, a meterpreter session is achieved by exploiting the XP machine:

- We learn that XP has got two interfaces. The second interface is connected to the inner network

- The active meterpreter session is number 1:

- Using session 1 to add a route to

- Printing the route:

- Scanning from the active meterpreter session 1:

- Once discovered a TCP port scanning is performed, from port 1 to 500:

- Now, portforwarding is enabled to access the victim (IP on port 80) from local port 9999. In this way the attacker would receive on localhost:9999 the web service from

- Actually, a local listening port has been created on 9999. The forwarding connection will forward web services from to localhost:9999, although attacker and victim are not directly connected because they are in different networks. The meterpreter session performs the connection in the background:

- The attack is successful when connecting the attacker's browser to localhost:9999:

1 comment:

  1. If you need your ex-girlfriend or ex-boyfriend to come crawling back to you on their knees (no matter why you broke up) you got to watch this video
    right away...

    (VIDEO) Why your ex will NEVER come back...