Basic Pivoting Techniques

In this post I am going to cover off a few basic pivoting techniques. I was recently asked by someone in my team to give a talk about pivoting at our recent internal security conference. This post is a result of that talk.

For the talk I decided to demonstrate a few basic pivoting techniques however not wanting to relying on the demo gods to be on myside I screen recorded all the techniques. On the day I talked through the video clips. This had the added benefit of the guys being able to watch and learn in their own time. So here they are:

SSH Local Port Forwarding:

SSH Reverse Port Forwarding:

SSH Dynamic Port Forwarding + Metasploit over SSH:

SSH Tunnelling (not port forwarding):

Metasploit: Local Port Forwarding (through existing meterpreter session)

Metasploit: Reverse Port Forwarding (through existing meterpreter session)

A little demo of putting it all together (using reverse port forwarding, meterpreter and covenant: