i0.alias Posted May 17, 2015
I'm looking to set up a reverse_tcp tunnel between two separate home environments. Currently I'm thinking NAT may be an issue. I'm currently thinking I just need to set up port-forwarding to my pentesting laptop. Am I missing anything else?
Mr-Protocol Posted May 17, 2015
You could just set up a VPN between them. VPN may be easier depending on the firmware of your devices.
i0.alias Posted May 17, 2015 Author
I'm aiming for a solution that can be 100% scripted. Would I be able to create a VPN through PowerShell?
Mr-Protocol Posted May 17, 2015
You can do a point-to-point VPN with your two routers. That way the PCs don't need to be configured at all and it would be connected as long as both routers are online.
i0.alias Posted May 17, 2015 Author
Is there not a solution that doesn't require me to configure something like that? This exercise is supposed to simulate an actual attack, not a staged play. lol
Mr-Protocol Posted May 17, 2015
Ah, I didn't understand it was for pentesting purposes. I thought you just wanted to connect the networks. Port forwarding the ports the tunnel uses should work in theory. It all depends if you have a direct IP to the internet or if you get internet that is behind another NAT that is subleased in a way. I have seen people that live in apartments behind a NAT they do not control that plugs in as the internet source for their NAT router. In that situation, forwarding the ports on your router would not work since there is another NAT layer preventing incoming connections. A simple way to check is to pick your favorite "show your IP" website and see if that matches the external IP address your router is detecting.
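The IP comparison described in the post above, as an added example that is not part of the original thread. It goes a step beyond the equality check by also recognising RFC 1918 and carrier-grade NAT (100.64.0.0/10) addresses on the router's WAN side. The function name is hypothetical, the caller supplies both addresses (no network access is made), and the sample addresses are constructed from documentation ranges.

```python
import ipaddress

# Address space that is never directly reachable from the internet.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")  # RFC 6598 shared address space


def classify_wan(router_wan_ip: str, seen_public_ip: str) -> str:
    """Compare the WAN address the router reports with the address an
    external "show your IP" site reports.

    Returns one of:
      'direct'      - router holds the public address; port forwarding can work
      'double-nat'  - router WAN is RFC 1918, so another NAT sits upstream
      'carrier-nat' - router WAN is in 100.64.0.0/10 (ISP carrier-grade NAT)
      'mismatch'    - addresses differ for another reason (proxy, VPN,
                      upstream NAT using public addressing)
    Raises ValueError if either argument is not a valid IPv4 address.
    """
    wan = ipaddress.IPv4Address(router_wan_ip.strip())
    seen = ipaddress.IPv4Address(seen_public_ip.strip())
    if any(wan in net for net in RFC1918):
        return "double-nat"
    if wan in CGNAT:
        return "carrier-nat"
    return "direct" if wan == seen else "mismatch"


if __name__ == "__main__":
    # Constructed sample pairs: (router WAN address, address seen externally).
    samples = [
        ("203.0.113.7", "203.0.113.7"),
        ("192.168.1.2", "203.0.113.7"),
        ("100.72.3.9", "198.51.100.20"),
        ("203.0.113.7", "198.51.100.20"),
    ]
    for wan, seen in samples:
        print(f"{wan:>15} vs {seen:<15} -> {classify_wan(wan, seen)}")
```

In the 'double-nat' and 'carrier-nat' cases a forward configured on your own router never sees inbound connections, because the upstream device drops them first.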
i0.alias Posted May 17, 2015 Author
Looks like they match. When I set up the Meterpreter to listen on port 443, my port-forwarding needs to direct all incoming traffic on port 443 to my laptop. Am I missing anything?
Mr-Protocol Posted May 17, 2015
I wouldn't think so. It's been a few years since I've played with Metasploit. Check out this resource: http://www.offensive-security.com/metasploit-unleashed/Main_Page