Learn how to use the Secure Shell service to pivot through a compromised host to a target in this video.
- [Instructor] We can set up a pivot…to gain access to an internal network using Metasploit.…I'll use the Metasploit console to take…meterpreter connection from my Windows system.…Okay, we've started the reverse TTCP handler.…I'll run the meterpreter implant…that I previously created and sent…to simulate a malicious attachment to the Windows system.…
Okay, we've got our meterpreter session one.…We can use the shell to check the network configuration.…And we can see the two network interfaces.…Let's go back up to meterpreter…and background the session.…We can now use Metasploit's autoroute module…to pivot through this compromised host.…
And we can see that we've set up the routing…on the IE9 Winds7 host.…So, 10.1.1.0 24.…Let's now use this pivot to target 10.1.1.5.…And we can see we've pivoted to our Tiny Linux target…which is running open SSH version 5.8.…
- How tunneling works
- Running a local SSH tunnel
- Dynamic SSH tunneling
- Pivoting with Armitage and Metaspoit
- Exfiltrating using DET and DNS
- Covert exfiltration with Cachetalk
- Using PyExfil to exfiltrate over HTTPS
Skill Level Advanced
Ethical Hacking: Penetration Testingwith Lisa Bock1h 29m Intermediate
Penetration Testing Essential Trainingwith Malcolm Shore2h 29m Intermediate
Penetration Testing: Advanced Kali Linuxwith Malcolm Shore2h 22m Intermediate
1. Preparing the Lab
Next steps1m 38s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.