SSHuttle

SSHuttle creates a tunneled proxy that acts like a new interface, simulating a VPN, allowing us to route our traffic through the proxy without the use of proxychains, all using ssh so the connection is encrypted.

sshuttle only works on Linux machines, python needs to be installed (uploading a python binary is possible) AND you need SSH access to the machine

Open a tunnel using sshuttle

sshuttle -r username@address subnet  
sshuttle -r [email protected] 172.16.0.0/24

Use -N to get sshuttle to automatically determine the subnets the machine is on using the servers routing table (doesn't always work).

sshuttle -r [email protected] -N

Connect back using a key file

sshuttle -r [email protected] --ssh-cmd "ssh -i private_key" 172.16.0.0/24

If the following error ever occurs we can get around it by excluding the compromised server out out the subnet we wish to forward to

client: Connected.
client_loop: send disconnect: Broken pipe
client: fatal: server died with error code 255

sshuttle -r [email protected] 172.16.0.0/24 -x 172.16.0.5

PreviousChisel NextDouble Pivot