this part is about port forwarding/mapping


port forwarding is extremely useful when you need to access targets lying deep inside the victim's network

as this simple diagram suggests, you can use port-fwd to reach an RDP server that cannot be reached from outside

linux targets are usually either IoT devices or servers. when you look at a corp network, you probably want to use such a target as a foothold, and expose some services that are within its reach

port forwarding demo

emp3r0r implements a basic port-fwd module, which uses h2conn to communicate with CC. as you can see in the demo, the port-fwd module supports multiple mappings running at the same time

a socks5 proxy via port-fwd module

why not?

launch a socks5 proxy on the agent side, and expose its port to CC. that's how we get our socks5 proxy

it works just fine: h2conn takes care of TLS, so the connection is secure and looks legit

