Introduction
Port forwarding (Port Forwarding) is an application of network address translation (NAT 5351 port). Through port forwarding, data received on one network port can be forwarded to another network port. The forwarded port can be the port of the local machine , or it can be a port on another host.
In a real environment, various firewalls and intrusion detection devices deployed on the intranet will check the connection status on sensitive ports. If an abnormality is found in the connection, the communication will be immediately blocked. Through the port Forwarding, set the data of this detected sensitive port to be forwarded to the port allowed by the firewall, establishing a communication tunnel, which can bypass the detection of the firewall and communicate with the specified port. Port mapping (Port Mapping) is also network address
translation (NAT) is an application used to translate public network addresses into private addresses. Port mapping can map requests received by external network hosts to internal network hosts, so that internal network hosts without public network IP addresses can communicate with the outside world. Provide corresponding services.
Common forwarding tools
Currently, there are many popular port forwarding and intranet proxy tools, but the principles are roughly the same. The following will demonstrate how to perform port forwarding in different network environments through different scenarios.
60
LCX is a very classic intranet port forwarding tool. It is based on Socket and has the functions of port forwarding and port mapping. However, many anti-virus software have already added LCX to the signature library, and you need to perform anti-virus processing on your own during actual use.
1. The target machine has a public network IP
lab environment
![[The external link image transfer failed. The source site may have an anti-leeching mechanism. It is recommended to save the image and upload it directly (img-EGQQKUii-1675817749001)(https://secure2.wostatic.cn/static/imrNhU9jRgcv8iwtPBHujH/%E5%9B% BE%E7%89%87.png?auth_key=1673873400-iW6tBUt4E1h8sTDKFv4UZh-0-32b2dc75d5a11d5dd53a85d4c78933fc#id=siGBT&originHeight=306&originWidth=689&originalType=binary&ratio=1 &rotation=0&showTitle=false&status=done&style=stroke&title=)]](https://img-blog.csdnimg.cn/3a403ff4d1834f3ab9abb51265fcf2e5.png)
**Attack machine: **kali
ip: 192.168.204.128
**Target machine: **windows server 2012
ip: 192.168.204.
Assuming that you have obtained control of Windows Server 2012 at this time, you need to log in to its remote desktop to check the situation. However, the firewall has restricted port 3389 and does not allow external network machines to connect to port 3389. Then, through port forwarding, port 3389 can be forwarded to other ports allowed by the firewall, such as port 4444.
2. Port mapping
![[The external link image transfer failed. The source site may have an anti-leeching mechanism. It is recommended to save the image and upload it directly (img-h6vG78vG-1675817749002)(https://secure2.wostatic.cn/static/ipmsrkJCzVfK9Un4diXKTf/%E5%9B% BE%E7%89%87.png?auth_key=1673873400-juJJSiZnWsNzRQr4eoPDeb-0-b526f72c7798b3ff02bd9a89ff82fca6#id=wJ0ti&originHeight=344&originWidth=917&originalType=binary&ratio=1&rotation= 0&showTitle=false&status=done&style=stroke&title=)]](https://img-blog.csdnimg.cn/22b893c145784d4cac989ec494ae8247.png)
3. The target machine does not have a public IP
![[The external link image transfer failed. The source site may have an anti-leeching mechanism. It is recommended to save the image and upload it directly (img-eVNoNcmx-1675817749003)(https://secure2.wostatic.cn/static/fPYKRxZg3LxNZfweTWREZR/%E5%9B% BE%E7%89%87.png?auth_key=1673873400-v3N3V8hN1vgVYEgFesz6zM-0-47bd38d88afafcfa4cce1b652859871c#id=bgjkK&originHeight=400&originWidth=772&originalType=binary&ratio=1 &rotation=0&showTitle=false&status=done&style=stroke&title=)]](https://img-blog.csdnimg.cn/f7db7086b58345a3b570875664a2733e.png)