Port Forwarding with Windows Netsh
Notes from completing this module on Hack The Box Academy (Tier II)
When to use?
When our pivot machine is a Windows system.
Scenario
In this scenario the pivot machine is a Windows system and the netsh
utility is used to forward the traffic from our local machine to the target Windows server (172.16.5.25).
The first step was to use the tool xfreerdp
to start a RDP session to the pivot host. Then, we configured a portproxy
using the netsh.exe
utility. The command below will forward all traffic coming to the pivot (10.129.236.31) on port 8080 to the target Windows server (172.16.5.25) on port 3389.
We can verify that the port forwarding was properly configured using the following command:
Once the port fowarding has been configured. We were able to start a RDP session for the Windows target server from our attacker host machine.
The following command uses xfreerdp
to connect to the pivot host on port 8080, but because we configured a tunnel, all traffic is forwarded to the Windows system with the IP 172.16.5.25 on port 3389.
Last updated