Squidbobble, posted August 6, 2014:

Hey, this is my first post here, sorry for the question but I was just wondering if I could get a nudge in the right direction. My target would of course be aware of what I was doing and I would have their full permission, but I was wondering how I would go about connecting to a remote host and not a local one, as I have only ever experimented with local machines. Thanks in advance!

dustbyter, posted August 6, 2014:

The process would not be very much different... The main difference would be the network plugging.

Squidbobble (Author), posted August 6, 2014:

> The process would not be very much different... The main difference would be the network plugging.

Can you elaborate please? I'm fairly new to this all ^^

Computer_Security, posted August 6, 2014:

I know that you would have to set up port forwarding on your router, which is very simple.

Squidbobble (Author), posted August 6, 2014:

> I know that you would have to set up port forwarding on your router which is very simple

For the port that I used to set up the payload, I presume? And yeah, port forwarding is very simple, done it before many times.

Guest spazi, posted August 6, 2014:

I'm guessing some kind of payload with a reverse https. That way you know it will go through the firewall.

cooper, posted August 6, 2014:

Start up Wireshark and look at the traffic going between you and your local target as you do your thing. Don't look so much at _what_ gets sent (probably encrypted anyways) but what ports and protocols are used, and who initiates the connection. From that, you can make a list of things that your router should now provide you if you want to do that exact same thing with a remote machine.

So you get something like:

Make a TCP connection from me to target on port 1234.
    Make sure router allows outbound traffic to port 1234.
Acquire shell on target using this connection.
Make target download payload from local machine on port 443.
    Router must direct incoming traffic for 443 to my local machine.
Profit!

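An added example (not part of the thread) of the capture reading cooper describes: it finds which side opens each TCP connection in a tcpdump-style text capture and lists what the router in front of the local machine has to pass for each one. The sample lines, the addresses and the function names are assumptions made for this illustration.

```python
import re
from collections import OrderedDict

# Constructed sample in tcpdump's one-line text format (not a real capture).
# Addresses are placeholders; ports 1234 and 443 echo the list in the post.
SAMPLE = """\
12:00:00.000001 IP 192.168.1.10.51514 > 192.168.1.20.1234: Flags [S], seq 100, win 64240, length 0
12:00:00.000210 IP 192.168.1.20.1234 > 192.168.1.10.51514: Flags [S.], seq 900, ack 101, win 65160, length 0
12:00:00.000305 IP 192.168.1.10.51514 > 192.168.1.20.1234: Flags [.], ack 901, win 502, length 0
12:00:02.114000 IP 192.168.1.20.40112 > 192.168.1.10.443: Flags [S], seq 300, win 64240, length 0
12:00:02.114190 IP 192.168.1.10.443 > 192.168.1.20.40112: Flags [S.], seq 700, ack 301, win 65160, length 0
12:00:02.120000 IP 192.168.1.20.40112 > 192.168.1.10.443: Flags [P.], seq 301:518, ack 701, win 502, length 217
"""

LINE = re.compile(
    r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): Flags \[([^\]]*)\]"
)

def initiated_connections(text):
    """Return unique (initiator_ip, responder_ip, responder_port) tuples.

    The side that opens a TCP connection sends a bare SYN, which tcpdump
    prints as "S"; the SYN-ACK reply is "S." and is skipped here.
    """
    seen = OrderedDict()
    for line in text.splitlines():
        m = LINE.search(line)
        if m and m.group(5) == "S":
            src, _sport, dst, dport, _flags = m.groups()
            seen[(src, dst, int(dport))] = None
    return list(seen)

def router_requirements(text, my_ip):
    """Turn the observed connections into a per-connection router checklist."""
    reqs = []
    for src, dst, dport in initiated_connections(text):
        if src == my_ip:    # this machine opened the connection
            reqs.append(("outbound", dport, f"allow outbound TCP to port {dport}"))
        elif dst == my_ip:  # the other side connected in to this machine
            reqs.append(("inbound", dport, f"forward incoming TCP {dport} to {my_ip}"))
    return reqs

if __name__ == "__main__":
    for direction, port, note in router_requirements(SAMPLE, "192.168.1.10"):
        print(f"{direction:8} {port:5}  {note}")
```

The same reading of a capture shows a defender which internal hosts accept inbound connections and which only ever dial out.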
GuardMoony, posted August 6, 2014:

Why not watch the show Metasploit Minute? It's made for these kinds of things. http://hak5.org/category/episodes/metasploit-minute

Squidbobble (Author), posted August 6, 2014:

Awesome, thanks for all the replies guys, I appreciate it all!