Pivoting through networks

What is Pivoting?

Pivoting is being able to access networks that we do not otherwise have access to by using a compromised server. You can therefore access the new networks by tunnelling all the traffic via the compromised server (the pivot point).

Pivoting Example

Below is an example network topology. There is a server with two NICs which can access both the and the (DMZ) Network. That server is the only one in this topology that can access both the DMZ and network.


The first step would be to compromise the server with access to both networks. This is shown below with the label “RD”.


By setting up a pivot on RD, you can then access the DMZ Network. All traffic is tunnelled via the pivot, which acts as an outbound/inbound interface for you to use.
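
From the defender's side, the topology above comes down to knowing which hosts have an interface in more than one segment. The following added example (not from the original post) finds them in an interface inventory; the segment ranges, the addresses, and every host name other than RD are constructed for illustration.

```python
import ipaddress

# Constructed segment definitions (assumption: the post's real ranges are not given).
SEGMENTS = {
    "internal": ipaddress.ip_network("10.0.10.0/24"),
    "dmz": ipaddress.ip_network("10.0.20.0/24"),
}

# Constructed inventory: host name -> addresses bound to its NICs.
INVENTORY = {
    "RD": ["10.0.10.5", "10.0.20.5"],       # dual-homed, as in the topology
    "web01": ["10.0.20.10"],                # DMZ only
    "ws-17": ["10.0.10.44", "127.0.0.1"],   # internal only, plus loopback
    "db01": ["10.0.20.30", "10.0.20.31"],   # two NICs, same segment
}


def segments_for(addresses, segments=SEGMENTS):
    """Return the set of segment names a host has an interface in."""
    found = set()
    for raw in addresses:
        ip = ipaddress.ip_address(raw)
        if ip.is_loopback or ip.is_link_local:
            continue  # these addresses do not connect the host to a segment
        for name, net in segments.items():
            if ip in net:
                found.add(name)
    return found


def pivot_candidates(inventory=INVENTORY, segments=SEGMENTS):
    """Hosts with interfaces in two or more segments, sorted by name."""
    result = {}
    for host, addrs in inventory.items():
        segs = segments_for(addrs, segments)
        if len(segs) >= 2:  # two NICs in the same segment do not count
            result[host] = sorted(segs)
    return dict(sorted(result.items()))


if __name__ == "__main__":
    for host, segs in pivot_candidates().items():
        print(f"{host}: bridges {', '.join(segs)}; review forwarding and egress rules")
```

Hosts this reports are the ones whose forwarding settings, firewall rules and outbound connections deserve the closest monitoring.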


How to set up a pivot?

I’ve made a few guides for the most common ways to pivot.

Guide Links

Local port forwarding - Understanding SSH port forwarding

sshuttle - creates a VPN-like pivot via SSH (Highly recommended)

Proxychains - Uses SSH port forwarding (Pros and cons but still useful)

Meterpreter - requires a Meterpreter session on a compromised server
