Pivoting

The trick here is to look for more IP addresses that are hidden. Look for ones that we didn't get from the initial ping sweep.

Look for more interfaces

ifconfig 
arp
route

Look at ALL the output.

ipconfig /all 
ipconfig /displaydns
netstat -ano

use post/multi/gather/ping_sweep
set the RHOSTS 101010/24

Meterpreter

run arp_scanner -r 10.10.10.0/24

meterpreter > run autoroute -s 172.30.111.0/24
use autoroute module

Run tcp portscan change threads to 10, and change ports to smaller.

search socks server
use
set port
edit /etc/proxychains4.conf
edit the last line to
socks4 127.0.0.1 1080
or socks5

Start by saying proxychain and then the command

we can also use proxychains to start our web browser.

Lets say we want to access a web server on port 80 on the victim machine.

portfwd add -l 8080 -p 80 <ip of victim that has the web server>

Last updated 2 years ago