infosecn1nja
/
Red-Team-Infrastructure-Wiki
mirror of https://github.com/infosecn1nja/Red-Team-Infrastructure-Wiki.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update README.md

master
Vincent Yiu 2018-03-28 18:07:18 +01:00 committed by GitHub
parent c037d1fd57
commit b85fc7e5a5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
README.md
View File

@ -328,6 +328,29 @@ iptables -P FORWARD ACCEPT
sysctl net.ipv4.ip_forward=1
```
### SSH for HTTP
We have previously covered using SSH for DNS tunnels. SSH works as a solid, and robust means to break through NAT and obtain a way for the implant to connect to a redirector annd into your server environment. First you must set up GatewayPorts forwarding or it won't work, using the following syntax on the redirector:
```nano /etc/ssh/sshd_config``` add ```GatewayPorts yes```
To forward the redirector's local port 80 to your internal teamsrver, use the following syntax on the internal server:
```
tmux new -S redir80
ssh <redirector> -R *:80:localhost:80
Ctrl+B, D
```
You can also forward more than one port, for example if you want 443 and 80 to be open all at once:
```
tmux new -S redir80443
ssh <redirector> -R *:80:localhost:80 -R *:443:localhost:443
Ctrl+B, D
```
### Payloads and Web Redirection
When serving payload and web resources, we want to minimize the ability for incident responders to review files and increase the chances of successfully executing the payload, whether to establish C2 or gather intelligence.