Nessus and Metasploit: Scan networks in pivoting

Tools: Nessus, Metasploit, Nmap, proxychains.

Attention: In our tests proxychains works only on 32 bit Backtrack 5.

One of the best features that Metasploit offers is the ability to "pivot". With this technique, an attacker can use a compromised machine as a "pivot" to attack other machines in the same network, or in other networks that the compromised host can reach. Most of the time the attacker uses this technique to infiltrate multiple computers and subnets in order to reach his ultimate goal (dumping a database, accessing isolated information…).

Pivoting can be done in Metasploit; it works very well and it is quite simple to do. What we want to discuss today is not exploiting machines through pivoting (that we cover in depth in our course), but how pivoting can be used, during the post-exploitation process, to scan internal networks that are not directly accessible to us. In this post we will use Nessus as a vulnerability scanner.

DigiNinja has discussed this topic in depth before. You can find his article here:

During our tests we have found limitations and issues with this technique. We will show you how to configure Nessus and Metasploit and then discuss these issues.

Let's first define the scenario and then we will go through the configuration steps.

- 192.168.78.5: the compromised machine that the attacker will use for pivoting.
- 192.168.78.25: the target machine, the one the attacker wants to scan. This host is not accessible from the Internet.

Since the machines are on different networks, the attacker cannot directly communicate with the target. The steps to get pivoting to work are the following:

1. Add a route to the target network (within meterpreter).
2. Start a proxy on the exploited machine (this will be used by Nessus).
3. Run the Nessus service within the proxy (tools like proxychains and tsocks work fine).

The following screenshot shows the meterpreter session on the exploited machine (192.168.75.5):

[screenshot: meterpreter session on the exploited machine]

As we can see from the ipconfig output, the target network is 192.16.78.0/24.

Let's suppose we don't know what other hosts are present in the same network as our compromised machine. We can now add the route to the network by running the command route add as follows:
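As an added example (not code from the original post), here are the three steps above written out as the two files a tester would prepare: a Metasploit resource script that adds the route and starts the SOCKS proxy, and a proxychains configuration that sends the Nessus service through that proxy. It assumes msfconsole's `route add <subnet> <netmask> <session-id>` syntax (issued from the msfconsole prompt after backgrounding the meterpreter session), the `auxiliary/server/socks4a` module with its `SRVPORT` option, and proxychains' `socks4` ProxyList line; the session id and port are placeholders, and the CIDR-to-netmask conversion is included because older msfconsole builds expect a dotted netmask rather than a prefix length.

```shell
#!/bin/sh
# Added example: generate the Metasploit resource script and proxychains
# configuration for scanning through a pivot. Assumed (not from the post):
# msfconsole route syntax, the socks4a module/SRVPORT option, proxychains format.

# cidr_to_mask PREFIX -> dotted netmask, e.g. 24 -> 255.255.255.0
cidr_to_mask() {
    bits=$1
    mask=""
    for _octet in 1 2 3 4; do
        if [ "$bits" -ge 8 ]; then
            o=255
            bits=$((bits - 8))
        else
            o=$((256 - (1 << (8 - bits))))   # partial octet, e.g. /20 -> 240
            bits=0
        fi
        mask="${mask}${mask:+.}$o"
    done
    printf '%s\n' "$mask"
}

# gen_msf_rc SESSION_ID TARGET_CIDR PROXY_PORT
# Step 1: route the target subnet through the meterpreter session.
# Step 2: start a SOCKS4a listener on the attacker box for Nessus to use.
gen_msf_rc() {
    net=${2%/*}
    prefix=${2#*/}
    printf 'route add %s %s %s\n' "$net" "$(cidr_to_mask "$prefix")" "$1"
    printf 'use auxiliary/server/socks4a\n'
    printf 'set SRVPORT %s\n' "$3"
    printf 'run -j\n'
}

# gen_proxychains_conf PROXY_PORT
# Step 3: minimal proxychains.conf pointing at the local SOCKS4 listener.
gen_proxychains_conf() {
    printf 'strict_chain\n'
    printf 'tcp_read_time_out 15000\n'
    printf 'tcp_connect_time_out 8000\n'
    printf '[ProxyList]\n'
    printf 'socks4 127.0.0.1 %s\n' "$1"
}

# Usage (placeholders: session 1, port 1080; subnet from the post's scenario):
#   gen_msf_rc 1 192.168.78.0/24 1080 > pivot.rc && msfconsole -r pivot.rc
#   gen_proxychains_conf 1080 > proxychains.conf
#   then start the Nessus service prefixed with: proxychains -f proxychains.conf
```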