The basics of network pivoting with Bash
In pentesting, a compromised system is commonly used as a stepping-stone for exploring and accessing additional networks connected to that system. This section explores the methodology used to pivot through a compromised Linux Bash environment.
SSH port forwarding is a simple yet effective method for pivoting. It allows you to tunnel traffic through an SSH connection, enabling access to otherwise unreachable systems. In this section, we’ll cover two types of SSH port forwarding: local and remote.
Local port forwarding lets you forward a port from your local machine to a remote server through an SSH connection. The following command is an example of local port forwarding:
$ ssh -L 8080:internal_server:80 user@pivot_host
This command establishes an SSH connection to pivot_host and forwards local port 8080 to port 80 on internal_server through the pivot_host. After executing this command...
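The -L argument has the form [bind_address:]port:host:hostport, and it stays visible in the process list of the machine running the ssh client. As an added example (not code from the original text), the Bash functions below extract those forwards from process command lines so they can be reviewed; the function names, the sample command lines and every host name other than those in the command above are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original page): list the local forwards (-L)
# requested by ssh clients, given process command lines on stdin.

# Constructed sample, shaped like `ps -eo args` output.
SAMPLE_CMDLINES='ssh -L 8080:internal_server:80 user@pivot_host
ssh user@build_host
ssh -N -L 127.0.0.1:5432:db_server:5432 -L 8443:web_server:443 admin@pivot_host
/usr/sbin/sshd -D'

# parse_local_forward SPEC  (SPEC = [bind_address:]port:host:hostport)
# Prints "bind local_port dest_host dest_port"; exits 1 if malformed.
# "default" means no bind address was given, so ssh binds according to
# GatewayPorts. Bracketed IPv6 and Unix-socket forms are not handled.
parse_local_forward() (
    set -f                      # no globbing while splitting on ':'
    IFS=:
    set -- $1
    case $# in
        3) bind=default ;;
        4) bind=$1; shift ;;
        *) exit 1 ;;
    esac
    [ -n "$2" ] || exit 1       # destination host must be present
    for port in "$1" "$3"; do   # both ports must be decimal
        case $port in ''|*[!0-9]*) exit 1 ;; esac
    done
    printf '%s %s %s %s\n' "$bind" "$1" "$2" "$3"
)

# find_local_forwards: reads one command line per input line and prints one
# parsed forward per -L option. Handles "-L spec", "-Lspec" and bundled
# flags ending in L (e.g. -fNL); the bundled match is a heuristic.
find_local_forwards() {
    while IFS= read -r line; do
        set -f; set -- $line; set +f
        case "${1##*/}" in ssh) ;; *) continue ;; esac
        shift
        while [ $# -gt 0 ]; do
            case $1 in
                -L?*) parse_local_forward "${1#-L}" || true ;;
                -L|-[!-]*L)
                    if [ $# -ge 2 ]; then
                        parse_local_forward "$2" || true
                        shift
                    fi ;;
            esac
            shift
        done
    done
}

printf '%s\n' "$SAMPLE_CMDLINES" | find_local_forwards
```

On a live host, feed it with ps -eo args | find_local_forwards; a forward whose first field is anything other than default or a loopback address is listening for other machines as well.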