Merge pull request #27 from leesoh/ssh-updates

Add additional SSH config requirements
master
Jeff Dimmock 2018-06-18 18:30:00 -05:00 committed by GitHub
commit 832845c065
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 3 deletions

View File

@ -333,9 +333,15 @@ sysctl net.ipv4.ip_forward=1
### SSH for HTTP
We have previously covered using SSH for DNS tunnels. SSH works as a solid, and robust means to break through NAT and obtain a way for the implant to connect to a redirector and into your server environment. First you must set up GatewayPorts forwarding or it won't work, using the following syntax on the redirector:
We have previously covered using SSH for DNS tunnels. SSH works as a solid, and robust means to break through NAT and obtain a way for the implant to connect to a redirector and into your server environment. Before setting up an SSH redirector, you must add the following lines to `/etc/ssh/sshd_config`:
```nano /etc/ssh/sshd_config``` add ```GatewayPorts yes```
```text
# Allow the SSH client to specify which hosts may connect
GatewayPorts yes
# Allow both local and remote port forwards
AllowTcpForwarding yes
```
To forward the redirector's local port 80 to your internal teamsrver, use the following syntax on the internal server:
@ -353,7 +359,6 @@ ssh <redirector> -R *:80:localhost:80 -R *:443:localhost:443
Ctrl+B, D
```
### Payloads and Web Redirection
When serving payload and web resources, we want to minimize the ability for incident responders to review files and increase the chances of successfully executing the payload, whether to establish C2 or gather intelligence.