Saturday, 12 April 2014

Netcat Relay for Penetration Testing

Hello Guys. In this post, I would explain to you about Netcat relay which has very little video presentation on how it is done especially for penetration testing purpose. So I have done a simple video illustrating how in a penetration testing process, you may use Netcat relay to achieve something which is useful.

Netcat Relay

In this video, the scenario would be like below;

1) There will be three machines in this tutorial. 
  1. Windows Machine (Hacker's Machine)
  2. Kali Linux Machine (A machine assuming in the DMZ environment of the target network)
  3. Ubuntu Machine (A machine which is in the same network as DMZ but not accessible by the Hacker's machine)
2) Assuming that, the hacker manage to exploit a vulnerability in Kali Linux box and saw that the Kali Linux has an SSH connection inbound and outbound with the Ubuntu box.

3) Unfortunately, the hacker could not access the Ubuntu machine with SSH connection because it will drop IPs from unknown source.

4) Since Ubuntu SSH connection would give a terminal access for the hacker, he wants to access the Ubuntu machine. How? He would set up a Netcat listener in the Kali Linux box that would pipe any command that comes to the listener to another Netcat session which would forward it to the Ubuntu machine.

Confusing? I was at the first place, but when I get m head around it, it is very easy and powerful. So watch the video and let me know if it is good or somewhat not. Hope it will be helpful for you guys. Thanks.



             

2 comments:

  1. Thanks for sharing. Learn a lot from your Blog.I have read your blog about Penetration Testing It is very help full.I really enjoyed reading it, you may be a great author.I must say you've done a wonderful job by sharing your article with us. External penetration testing

    ReplyDelete
    Replies
    1. Hi Wilson

      Thanks for your generous comment. Really appreciate it. Hope to keep in touch with you more often! Have a nice day buddy!

      Delete