Post-infiltration traffic forwarding experiment

Table of contents

1. Experimental project name

2. The purpose of the experiment

3. Experimental content

4. Experimental environment 

5. Experimental steps 

6. Experimental results 

7. Experimental summary


1. Experimental project name

Post-infiltration traffic forwarding experiment

2. The purpose of the experiment

1. Master the method of ssh for traffic forwarding

2. Master the use of proxychains proxy software

3. Master the global proxy method of Burpsuite tool

3. Experimental content

Through an SSH tunnel, forward traffic from port 1080 on the local machine to port 8022 of the target server, then use local port 1080 as a proxy, so that nmap on the attacking machine (kali) can scan the target intranet through the proxy and Burp Suite can also be proxied into the intranet.

4. Experimental environment 

1. Experimental platform: CSIITR platform

2. Experiment target: 172.18.206.15 X

3. Tools: kali, proxychains, Burpsuite

5. Experimental steps 

1. Set up the springboard machine

2. Scan the intranet 192.168.223.1 host through the proxy of the springboard machine with nmap 

3. The scan found that the target host had port 80 open, so Burp Suite was configured with a dual proxy and, combined with Firefox, the web page of the intranet host could be accessed from the local Kali

6. Experimental results 

1. The proxy port of this machine is: 8080

2. The command for proxy nmap to scan the target intranet is: proxychains nmap 192.168.223.1

3. The global proxy of Burpsuite is set to: (ip:port) 127.0.0.1:8080

7. Experimental summary

1. Why does post-infiltration require traffic forwarding?

The purpose of building a proxy on the intranet host is to use it as a springboard for indirect access to the intranet, so that operations such as scanning and accessing intranet services can be performed. Port forwarding is usually used to bypass access rules enforced at the transport layer by network devices or host policies, or to relay traffic in order to increase the concealment of the attack chain.

2. Besides using ssh tunnel to forward traffic, what other tools can be used?

reDuh, reGeorg + Proxifier, rinetd

3. In this experiment, the proxy type configured in the proxychains configuration file is socks5. In that case, can proxychains be used to proxy the ping command and send ICMP traffic to the intranet? Please explain why.

Ping is transmitted as ICMP packets, and proxychains cannot proxy ICMP packets, so proxychains cannot be used to proxy the ping command or send ICMP traffic to the intranet.
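The answer above comes down to what a SOCKS5 proxy can carry. As an added illustration that is not part of the original write-up, the following Python encodes the SOCKS5 (RFC 1928) CONNECT request that a SOCKS client sends for a hooked TCP connect() and decodes the proxy's reply; the command byte only has values for TCP CONNECT, TCP BIND and UDP ASSOCIATE, so ICMP (which ping sends over a raw socket rather than through connect()) has no representation in the protocol. Host names and ports used in the sample calls are constructed.

```python
import ipaddress
import socket
import struct

# SOCKS5 command codes from RFC 1928, section 4: there is no command for
# ICMP or for any other protocol besides TCP and UDP.
SOCKS5_COMMANDS = {0x01: "CONNECT", 0x02: "BIND", 0x03: "UDP ASSOCIATE"}
SOCKS5_REPLIES = {0x00: "succeeded", 0x01: "general failure",
                  0x02: "connection not allowed", 0x03: "network unreachable",
                  0x04: "host unreachable", 0x05: "connection refused",
                  0x06: "TTL expired", 0x07: "command not supported",
                  0x08: "address type not supported"}


def socks5_supports(proto: int) -> bool:
    """True only for the transport protocols SOCKS5 has commands for."""
    return proto in (socket.IPPROTO_TCP, socket.IPPROTO_UDP)  # ICMP -> False


def build_connect_request(host: str, port: int) -> bytes:
    """Encode VER CMD RSV ATYP DST.ADDR DST.PORT for a TCP CONNECT."""
    try:
        addr = ipaddress.ip_address(host)
        atyp, dst = (0x01 if addr.version == 4 else 0x04), addr.packed
    except ValueError:  # not an IP literal: ATYP 0x03 = length-prefixed name
        raw = host.encode("idna")
        atyp, dst = 0x03, bytes([len(raw)]) + raw
    return struct.pack("!BBBB", 0x05, 0x01, 0x00, atyp) + dst + struct.pack("!H", port)


def parse_reply(data: bytes) -> tuple:
    """Decode VER REP RSV ATYP BND.ADDR BND.PORT into (status, addr, port)."""
    ver, rep, _rsv, atyp = struct.unpack("!BBBB", data[:4])
    if ver != 0x05:
        raise ValueError("not a SOCKS5 reply")
    if atyp == 0x01:
        addr, rest = str(ipaddress.IPv4Address(data[4:8])), data[8:]
    elif atyp == 0x04:
        addr, rest = str(ipaddress.IPv6Address(data[4:20])), data[20:]
    elif atyp == 0x03:
        n = data[4]
        addr, rest = data[5:5 + n].decode("idna"), data[5 + n:]
    else:
        raise ValueError("unknown ATYP %#x" % atyp)
    (port,) = struct.unpack("!H", rest[:2])
    return SOCKS5_REPLIES.get(rep, "unknown"), addr, port


if __name__ == "__main__":
    # Constructed sample: the request for the lab's intranet host and a
    # reply in which the proxy reports the bound local endpoint.
    print(build_connect_request("192.168.223.1", 80).hex())
    print(parse_reply(b"\x05\x00\x00\x01\x7f\x00\x00\x01\x04\x38"))
    print("ICMP proxyable:", socks5_supports(socket.IPPROTO_ICMP))
```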

Origin blog.csdn.net/xiongIT/article/details/128174516