[framework] Pivoting vs port forwarding
Jerome Athias
jerome.athias at free.fr
Wed Aug 1 08:04:11 CDT 2007
First, from:
http://www.metasploit.com/projects/Framework/documentation.html
<quote>
[ Sockets ]
UdpSourceIp     - Force all UDP requests to use this source IP address (spoof)
ForceSSL        - Force all TCP connections to use SSL
ConnectTimeout  - Standard socket connect timeout
RecvTimeout     - Timeout for Recv(-1) calls
RecvTimeoutLoop - Timeout for the Recv(-1) loop after initial data
Proxies         - This variable can be set to enable various proxy modes for TCP
                  sockets. The syntax of the proxy string should be
                  TYPE:HOST:PORT:, with each proxy separated by a
                  comma. The proxies will be used in the order specified.
</quote>
Then,
http://www.metasploit.com/projects/Framework/docs/meterpreter.pdf
search for "portfwd":
<quote>
A.3.3 portfwd
Usage: portfwd [ -arv ] [ -L laddr ] [ -l lport ]
[ -h rhost ] [ -p rport ] [ -P ]
Arguments
-a  Indicates that the port forward is to be added. This
    instruction is mutually exclusive with -r and -v.
-r  Indicates that a port forward is to be removed. This
    instruction is mutually exclusive with -a and -v.
-v  Indicates that a port forward list should be provided.
    This instruction is mutually exclusive with -a and -r.
-L  Specifies the local address that will be listened on by the
    client machine. This parameter is optional.
-l  Specifies the local port that will be listened on by the
    client machine.
-h  Specifies the host or IP address of the computer that is
    on the network that the server is a part of.
-p  Specifies the port of the host that is to be connected to.
-P  Indicates that a local proxy listener should be created
    that will allow for building dynamic port forwards.

This command is an advanced means by which TCP connections
can be tunneled through the connection between the client and the
server to hosts on the server’s network. This allows the client to
access hosts on the server’s network which may not otherwise be
directly accessible. It is also useful for chaining exploits as it can
forward a port locally to a vulnerable service port on a machine
inside the server’s network. This concept was robustly implemented
by Core ST[2] using system call proxying.

To create a port forward the -a parameter is specified. The -L
parameter used in conjunction with the -l parameter provides information
about the host and port to listen on locally. The -h and -p
parameters provide the same information but are instead describing
the server inside the network of the remote server.

To create a port forward the -r parameter is specified. The arguments
should mirror that of which was specified when the port
forward was created, excluding the -a parameter.

Finally, to view a list of port forwards for bookkeeping purposes
the -v parameter can be specified.
Page 35/36
</quote>
My 2 dongs ;-)
Hope it helps
lo127001 wrote:
> I've read from one or two websites that Meterpreter supports pivoting
> in 3.0. Is that correct? Is it implemented with Port forwarding?
> Can someone point me in the right direction?
>
> Thanks
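
The portfwd argument rules quoted above (-a, -r and -v mutually exclusive; a removal mirrors the arguments given at creation; -v lists the forwards), modelled as a small bookkeeping table. This is an added example, not code from the original post or from Metasploit: parse_portfwd, PortFwdTable, the 127.0.0.1 default for -L and the sample addresses are assumptions, and -P is not modelled.

```ruby
# Added illustration, not Metasploit code. Models the documented portfwd
# argument rules; parse_portfwd and PortFwdTable are hypothetical names.
Forward = Struct.new(:laddr, :lport, :rhost, :rport)
VALUE_FLAGS = { '-L' => :laddr, '-l' => :lport, '-h' => :rhost, '-p' => :rport }.freeze
ACTION_FLAGS = { '-a' => :add, '-r' => :remove, '-v' => :list }.freeze

# Turn an argument vector into [action, Forward or nil].
def parse_portfwd(argv)
  actions = []
  opts = { laddr: '127.0.0.1' } # assumption: default used when -L is omitted
  args = argv.dup
  until args.empty?
    flag = args.shift
    if ACTION_FLAGS.key?(flag)
      actions << ACTION_FLAGS[flag]
    elsif VALUE_FLAGS.key?(flag)
      opts[VALUE_FLAGS[flag]] = args.shift or raise ArgumentError, "#{flag} needs a value"
    else
      raise ArgumentError, "argument not modelled here: #{flag}"
    end
  end
  # -a, -r and -v are mutually exclusive, and one of them must be present.
  raise ArgumentError, 'give exactly one of -a, -r, -v' unless actions.size == 1
  return [:list, nil] if actions.first == :list
  missing = %i[lport rhost rport].reject { |k| opts[k] }
  raise ArgumentError, "missing: #{missing.join(', ')}" unless missing.empty?
  lport, rport = %i[lport rport].map do |k|
    port = Integer(opts[k], 10) # raises ArgumentError on non-numeric input
    (1..65_535).cover?(port) ? port : raise(ArgumentError, "port out of range: #{port}")
  end
  [actions.first, Forward.new(opts[:laddr], lport, opts[:rhost], rport)]
end

# Bookkeeping table: add, remove (arguments must mirror the add), list.
class PortFwdTable
  def initialize
    @forwards = []
  end

  def run(argv)
    action, fwd = parse_portfwd(argv)
    case action
    when :add then @forwards << fwd
    when :remove
      raise ArgumentError, 'no matching forward' unless @forwards.delete(fwd)
    end
    @forwards.dup
  end
end
```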