# Pivoting

## Overview

### Scenario

You compromise a machine and see that it has another interface on it that's connected to a different network.&#x20;

We can use the compromised machine as a **pivot point** into the newly discovered network

<figure><img src="/files/xV23D7BrtH9hf3On0WOy" alt=""><figcaption><p>Dual-Homed Example</p></figcaption></figure>

Two methods (stated from  THM Wreath)

* **Tunnelling/Proxying**: Creating a proxy type connection through a compromised machine in order to route all desired traffic into the targeted network. This could potentially also be *tunneled* inside another protocol (e.g. SSH tunneling), which can be useful for evading a basic Intrusion Detection System **(IDS)** or firewall<br>
* **Port Forwarding**: Creating a connection between a local port and a single port on a target, via a compromised host

A Linux webserver is ideal for pivoting&#x20;


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://oscp.adot8.com/post-exploitation/pivoting.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.