Lateral Movement
Pivot from a compromised Windows host to its reachable networks.
Meterpreter Single Channel
Get a reverse Meterpreter shell through an existing Meterpreter session, building a single peer-to-peer channel between the two sessions.
- Set the ReverseListenerComm option to the session you want to pivot from
- Set the LHOST option to the IP address of the session you want to pivot from
Reference: https://www.youtube.com/watch?v=IsrWJL0gIlg
Local Port Forwarding
Create a local port forwarding rule to pivot through the host for specific ports.
Using NetSh
Create rule:
netsh interface portproxy add v4tov4 listenport=<PORT> listenaddress=<IP> connectport=<DPORT> connectaddress=<DEST_IP>
Tip
The listenaddress parameter accepts 0.0.0.0 to listen on all interfaces.
Show rules:
netsh interface portproxy show all
Delete rule:
netsh interface portproxy delete v4tov4 listenport=<PORT> listenaddress=<IP>
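Auditing for these rules, as an added example that is not part of the original page: the PowerShell below parses `netsh interface portproxy show all` output and flags rules that listen on every interface or forward to another host. The function name Get-PortProxyRule and the sample output are constructed for illustration, and the parser assumes English-language netsh output with numeric ports.

```powershell
# Constructed sample of 'netsh interface portproxy show all' output.
# On a live host, pass (netsh interface portproxy show all) instead.
$SampleOutput = @'

Listen on ipv4:             Connect to ipv4:

Address         Port        Address         Port
--------------- ----------  --------------- ----------
0.0.0.0         8443        10.10.20.15     3389
127.0.0.1       9000        127.0.0.1       9001

'@ -split "`r?`n"

# Hypothetical helper: turns the text table into objects and annotates risky rules.
function Get-PortProxyRule {
    param([string[]]$Lines)
    $family = $null
    foreach ($line in $Lines) {
        # Section header, e.g. "Listen on ipv4: Connect to ipv4:" -> "v4tov4"
        if ($line -match '^Listen on (ipv[46]):\s+Connect to (ipv[46]):') {
            $family = "$($Matches[1])to$($Matches[2])" -replace 'ip', ''
            continue
        }
        # Rule row: address, numeric port, address, numeric port.
        # The column header and dashed separator fail the \d+ groups.
        if ($line -match '^(\S+)\s+(\d+)\s+(\S+)\s+(\d+)\s*$') {
            # Copy captures now; the -notmatch below can overwrite $Matches.
            $listenAddr  = $Matches[1]
            $listenPort  = $Matches[2]
            $connectAddr = $Matches[3]
            $connectPort = $Matches[4]
            $flags = @()
            if ($listenAddr -in '0.0.0.0', '*', '::') {
                $flags += 'listens on all interfaces'
            }
            if ($connectAddr -notmatch '^(127\.|::1$|localhost$)') {
                $flags += 'forwards off-host'
            }
            [pscustomobject]@{
                Type    = $family
                Listen  = "${listenAddr}:$listenPort"
                Connect = "${connectAddr}:$connectPort"
                Flags   = $flags -join '; '
            }
        }
    }
}

Get-PortProxyRule -Lines $SampleOutput | Format-Table -AutoSize
```

Port proxy rules persist across reboots in the registry under HKLM\SYSTEM\CurrentControlSet\Services\PortProxy, so that key is worth monitoring alongside netsh process creation.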
SOCKS Proxy
Create a SOCKS proxy on the host to pivot all network traffic.