⏪ Reverse SSH Listenner (?) #18816
Unanswered
CosasDePuma
asked this question in
Q&A
Replies: 1 comment
-
we have the infrastructure for it since i got rev ssh shells to work but it requires some plumbing: we have an ssh server module which accept null-auth sessions for rev shells and the SSH client stack for bind shells so if we can initiate channelization from the client (server-side requests aren't honored by clients) then we an leverage the SSH-native port-forwarding so long as the server side allows it. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I would like to know if it is possible to do reverse port forwarding (
ssh -R 4444:0.0.0.0.0:4444
) using thessh_login
module.After getting a session, I have not been able to find any way to do port forwarding without escalating to meterpreter.
Likewise, doing
sessions -u 1
after having set the corresponding LHOST and LPORT, returns nothing (which is another thing I don't understand):I can ping from the victim machine to the attacker machine, so there is connectivity. I am not aware of any fw on the network either.
Beta Was this translation helpful? Give feedback.
All reactions