Our Scenarios

SSH tunnelling #1


Network tunnelling is a technique that allows for the movement of data from one network to another. It involves allowing private network communications to be sent across a public network through a process called encapsulation.

This is very important for Penetration Testers because very often you will be attacking systems that are accessible from the Internet (example of a public network). However, if you manage to compromise one of these systems, you will then have access to one or more private networks; these private networks would only be reachable from your compromised target, so you have to use tunnelling techniques to access them from your own machine.

A very common way to create tunnels is to use the SSH protocol. In this scenario, we will explore ways to setup local port forwards as tunnels to interact with otherwise inaccessible services.

What you will learn

This scenario introduces the concept of tunneling using SSH and local port forwards. After completing it you should learn: - how to setup a SSH local port forward. - use this to interact with a target that would otherwise be inaccessible.

Scenario pre-requisites

It is recommended, but not necessary to be familiar with the following concepts: - Exploiting arbitrary file upload vulnerabilities - basic linux usage

However, it is still possible to follow the mission and complete the assessment by learning as you go.

Technical Details

This scenario contains one virtual machine.