
During a pentest I experienced a weird problem with connecting to the target machine, which is behind a NAT network. The scenario is basically:

They have a public IP: 1.1.1.1

and there are multiple machines within the network with IPs in 172.16.2.0/24.

Those machines can connect to each other but cannot reach the internet, and through the webshell you cannot ping anything because it takes the IP of the private machine, which is unreachable from the internet.

So is there any way I can use either a bind or a reverse shell?

  • This might help: https://www.blackhat.com/presentations/bh-usa-08/Miller/BH_US_08_Ty_Miller_Reverse_DNS_Tunneling_Shellcode.pdf – paj28 Sep 14 '16 at 11:32
  • @Security Geek You mean the private IPs can't reach the Internet? You mean they are on an air-gapped network? – Sravan Sep 14 '16 at 11:50
  • Yup, they can't. Also, they use Linux OS, not Windows – Security Geek Sep 14 '16 at 11:51
  • @Security Geek You need at least one machine in that network to be able to reach the Internet. Then you can use `netcat pivoting`. You can google that. – Sravan Sep 14 '16 at 12:03
  • There is no way to get a reverse w/o doing so? There are a couple of machines in the network but it's kind of difficult to interact with it within only a webshell – Security Geek Sep 14 '16 at 12:12
  • @SecurityGeek Yeah... there is no way except pivoting. – Sravan Sep 15 '16 at 10:22
  • In theory there are some more possibilities, but all of them require more privileges than pivoting, so in reality I agree with the above: your way to go is ncat or netcat pivoting/chaining. – Draugr Sep 15 '16 at 11:16
