This experiment realizes local 22-port forwarding and remote 3389-port forwarding through iptables, and the same from the hacker's point of view, you can only see the traffic from the jump server to the hacker IP, but you can see the two-way traffic on the jump board, whether it is local forwarding or remote forwarding, it is operated on the jump board, which is the same as the port forwarding tool rinetd, it can be seen that the control of the jump server is the control of the intranet~
AILX10
Excellent answerer in cybersecurity
Master's in Cybersecurity
Go to consult
Experiment 1: Forward the local port to the local port
iptables -t nat -A PREROUTING -p tcp --dport 8022 -j REDIRECT --to-port 22
ssh 192.168.199.247 -p 8022
If you observe traffic from the hacker's perspective, you can only capture the traffic from the private IP address to the hacker's IP address
From the perspective of the intranet, you can see the bidirectional traffic
Lab 2: Forward the local port to the remote port
iptables -t nat -A PREROUTING -p tcp --dport 13389 -j DNAT --to-destination 192.168.199.185:3389
# PREROUTING链:在进行路由选择前处理数据包(做目标地址转换)
# 去往跳板机机 13389 端口的流量 转发 到内网的3389端口
iptables -t nat -A POSTROUTING -p tcp -d 192.168.199.185 --dport 3389 -j SNAT --to-source 192.168.199.247
# POSTROUTING链:在进行路由选择后处理数据包(对数据链进行源地址修改转换)
# 去往内网 3389 端口的流量 修改源IP是跳板机
By accessing port 13389 of the jump server, hackers can access port 3389 of the intranet host and achieve remote login.
From the hacker's perspective, only port 13389 traffic from the jump server to the hacker's IP address can be seen
From the perspective of the jump server, you can clearly see the direction of the request: the hacker IP requests port 13389 of the jump server, and then the jump server accesses port 3389 of the intranet, and immediately sees the direction of the response: port 3389 of the internal network responds to the jump machine, and port 13389 of the jump server responds to the hacker IP
Cyber security has a long way to go, wash and sleep~
Posted on 2022-07-11 22:02 Zhihu