You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to understand what happen to sessions if one of them dies in a pivoting scenario.
Let's consider the following example:
We have 3 hosts: A, B, C.
Host A can see only Host B.
Host B can see Host A and Host C.
Host C can see only Host B.
The idea is to attack Host A, use pivoting to attack Host B, and then again attack Host C through A+B. (A -> B -> C)
We do pivoting with autoroute module (post/multi/manage/autoroute), and all sessions are meterpreters.
This is the scenario after all the attacks have been done:
Host A: session "1"
Host B: session "2" via session "1"
Host C: session "3" via session "2"
If session "1" dies, I can't reach the others.
And if I try to re-estabilish a new session on Host A, let's say session "4" now, I'm still not able to reach sessions "2" and "3" through the new session "4".
From the msfconsole command "sessions" I can clearly see the new indication
Host A: session "4"
Host B: session "2" via session "1"
Host C: session "3" via session "2"
so opening a new session on Host A won't automatically update the pivoting correlation. What can I do to solve this scenario?
Is there a way to replace the pivoting indication into an updated
Host A: session "4"
Host B: session "2" via session "4"
Host C: session "3" via session "2"
manteining the sessions "2" and "3", or am I forced to let die sessions "2" and "3" and re-estabilish them once again via session "4"?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi,
I'm trying to understand what happen to sessions if one of them dies in a pivoting scenario.
Let's consider the following example:
We have 3 hosts: A, B, C.
Host A can see only Host B.
Host B can see Host A and Host C.
Host C can see only Host B.
The idea is to attack Host A, use pivoting to attack Host B, and then again attack Host C through A+B. (A -> B -> C)
We do pivoting with autoroute module (
post/multi/manage/autoroute
), and all sessions are meterpreters.This is the scenario after all the attacks have been done:
If session "1" dies, I can't reach the others.
And if I try to re-estabilish a new session on Host A, let's say session "4" now, I'm still not able to reach sessions "2" and "3" through the new session "4".
From the msfconsole command "sessions" I can clearly see the new indication
so opening a new session on Host A won't automatically update the pivoting correlation. What can I do to solve this scenario?
Is there a way to replace the pivoting indication into an updated
manteining the sessions "2" and "3", or am I forced to let die sessions "2" and "3" and re-estabilish them once again via session "4"?
I hope I made it clear.
Beta Was this translation helpful? Give feedback.
All reactions