So you’re broke and you don’t own msfpro, cobalt strike or any of the other expensive tools that allow vpn pivoting. (FYI: Paying for tools like cobalt strike helps Raphael Mudge continue to keep developing free tools like Armitage)
So now that that’s out of the way, let’s explain the scenario.
You’ve managed to get a meterpreter session on a box via a webshell (possibly a network firewall…
So I got bored this evening and decided to write a quick and simple python SSH bruteforcer (I wanted to learn how to use paramiko).
It takes the dictionary in a user:pass format.
It’s not the most efficient as it uses a sleep (300ms) function; if I get the time to play I’ll use some form of thread queuing to ensure that you can throttle the requests. Might also be…
This will allow your VNC session to run over the SSH session; just VNC to yourself (127.0.0.1, port 5900).

    ssh username@123.123.123.123 -L 5900:127.0.0.1:5900

This will set up an SSH SOCKS5 proxy on port 8080 (don’t forget to set your browser proxy to socks5 8080).

    ssh username@123.123.123.123 -ND 8080

This allows mounting of a remote file system over SSH. Ensure that the sshfs package is installed.

    sshfs phillips321@torrenter.co.uk:/var/www /media/ssh -o allow_other