1

This might be an incredible dumb question but I need to know if this concept is even possible.

I have obtained a low privileged shell on a target machine. After doing some enumeration I know the host to be vulnerable to EternalBlue but port 445 is blocked by firewall restrictions.

Is it possible to forward port 445 to my machine as a low privileged user? As can be seen in the screenshot below, I have this using MSF's socks4a module in combination with proxychains but my probes are being denied.

screenshot

I have also tried using MSF's portfwd module which for some reason kept killing my meterpreter sessions as soon as I connected to the local port.

Could somebody please clear this up for me?

user2081044
  • 111
  • 2
  • Sorry, we don't give tech support for individual exploitation. Such questions are explicitly marked as off-topic here. –  Sep 11 '19 at 08:05
  • Individual exploitation? I'm asking whether or not it's possible as a concept, not about a specific host. – user2081044 Sep 11 '19 at 08:08
  • "I have obtained a low privileged shell on a target machine." - That does not sound like a general, theoretical question. –  Sep 11 '19 at 08:10
  • That is literally the most general way to describe a very general situation. If I had written "Help me with this Windows 7 host for xxx.xxx.xxx.xxx that only has .NET framework 2.0 installed etc." I would have agreed with you. I'm asking about the concept, and these details are relevant to that specific concept. Port-forwarding is easy once you have elevated privileges, that's the whole point of the question. – user2081044 Sep 11 '19 at 08:18
  • If the majority of the community considers this question on-topic, then that's fine. I gave my opinion and my reasoning for it. If this upsets you, I'm sorry. –  Sep 11 '19 at 08:24
  • No problem, I see where you're coming from the way I asked the question. It's just that your opinion does not upset me but rather your flawed reasoning. I hope you understand. – user2081044 Sep 11 '19 at 08:26
  • It's a bit of a grey area, and it can be reasoned either way. Feel free to edit the question though to make it more general. For instance, when you used MSF's portfwd module, you had problems. If they are only on this specific host, then you're out of luck. If they happen on every host, then include it in the question. –  Sep 11 '19 at 08:31

0 Answers0