Practical Local Port Forward

This post supplements the previously posted SSH tunneling cheat sheet with a practical example for its local port forward section.

Example:

Gobuster:

Let’s say we want to run gobuster on our target: 172.0.0.1:80. We cannot access the target directly from our host machine, but we can pivot through a foothold machine (10.10.10.10).

We set a local port forward to forward traffic from our host machine port 80 to the target (172.0.0.1) port 80 via the jump box (10.10.10.10).

For more details on the following commands, visit the Pivoting with SSH post.

Assuming our SSH config has a host entry for the jump box named Jmp:

ssh -L 80:172.0.0.1:80 Jmp

Without ssh config:

ssh -L 80:172.0.0.1:80 -i key.priv user@10.10.10.10

We can now run gobuster on our localhost port 80, and these requests will be forwarded to our target:

gobuster -u http://localhost:80 -w wordlist.txt
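
Added example, not part of the original post: a small POSIX shell helper that breaks a -L spec like the one used above into its local listener and remote target, and flags two things worth checking before relying on the tunnel, a privileged local port and a non-loopback bind address. The function name explain_forward and the 8080 variant are assumptions made for illustration; bracketed IPv6 addresses are not handled.

```shell
#!/bin/sh
# Added example: explain an `ssh -L` forward spec.
# ssh(1) format: [bind_address:]port:host:hostport
# explain_forward is a hypothetical helper name, not an OpenSSH tool.

explain_forward() {
    spec=$1
    # Count colons to tell the 3-field form from the 4-field form.
    colons=$(printf '%s' "$spec" | tr -cd ':' | wc -c | tr -d ' ')
    case $colons in
        2) bind=localhost; rest=$spec ;;        # default: loopback only
        3) bind=${spec%%:*}; rest=${spec#*:}
           [ -n "$bind" ] || bind='*' ;;        # empty bind = all interfaces
        *) echo "invalid spec: $spec" >&2; return 2 ;;
    esac
    lport=${rest%%:*}; rest=${rest#*:}
    host=${rest%%:*};  hport=${rest#*:}
    [ -n "$host" ] || { echo "missing host in: $spec" >&2; return 2; }

    # Both ports must be integers in 1..65535.
    for p in "$lport" "$hport"; do
        case $p in ''|*[!0-9]*) echo "bad port: $p" >&2; return 2 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "bad port: $p" >&2; return 2; }
    done

    echo "listen=$bind:$lport target=$host:$hport"
    # ssh(1): only the superuser can forward privileged ports (< 1024).
    [ "$lport" -ge 1024 ] || echo "note: local port $lport is privileged; needs root"
    # A listener that is not on loopback can be used by other hosts.
    case $bind in
        localhost|127.0.0.1) ;;
        *) echo "note: listener reachable from the network" ;;
    esac
}

explain_forward 80:172.0.0.1:80      # the forward used in this post
explain_forward 8080:172.0.0.1:80    # same target, unprivileged local port
```

With the 8080 variant, the scan would be pointed at http://localhost:8080 instead of port 80.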
