Pivot from a compromised Linux host to its reachable networks.
Local Port Forwarding
Create a local port forwarding rule to pivot through the host for specific ports.
As netcat provides two-way communication, we can use it together with a named pipe to create a temporary local port forwarding rule.
mknod /tmp/mybackpipe p nc -l -p <allowed_inbound_port> 0</tmp/mybackpipe | nc <destination_host> <destination_port> 1>/tmp/mybackpipe &
Create a SOCKS proxy on the host to pivot all network traffic.
If you already have SSH access on the host, use it to create a listening SOCKS proxy on your machine that will tunnel traffic through the SSH session.
ssh -N -D 127.0.0.1:1080 <username>@<ip address>