Description: This is Part 13 of the Security Metasploit Framework Expert (SMFE) course material. You can begin by watching Part 1 here: http://www.securitytube.net/video/2556 . Enjoy! Certifications page: http://www.securitytube.net/cert-list
In this video, we will look at how to use a compromised host to port forward the attacker traffic to internal hosts in the victim's network. This trick comes in extremely handy when the attacker needs to access internal applications and services on the victim's network which are not accessible via the public IP addresses. We will see how in this case, the attacker is able to access an internal web based file sharing service used by the employees of a company.
Please do leave your comments behind!
Tags: smfe , metasploit , hacking , port forwarding ,
another cool video
Do u want to send lab exercises here,or u want to keep them for SMFE certification students?bcz to really use metasploit we need more update and Practical ways,and i think u show the in labs...
Awesome explanation.
At this point a question : how to perform this over internet where systems are working behind NAT Servers.
How to bypass system firewall.
Thanks in Advance.
Nice vivek, will they be any challenges like in the WiFi series?
I am very sorry guys to interrupting you here, but i am not abel to finish (Wireless Lan Security Megaprimer Part 13 : Ssl Man-In-The-Middle Attacks)the man in middle attack an have a problems with burp suite. DNSspoofing is obviously working as i can see every request from my victim(laptop), but the burp suite is not intercepting nothing. I even set up manualy proxy configuration in firefox in my backtrack. After that i am able to intercept my own trafic, but still not from my victim
backtrack5R1 virtual box on windows 7
burp suite v1.4.01
java -version 1.6.0_20
victim(W vista)
@loop-back
try the following commands before starting the entire process
/etc/init.d/wicd restart
killall dhclient
killall dhclient3
and then start the video commands (again, do a reboot, execute this commands and start the process from the beginning...)
Thanks for this series .
please after completing metasploit megaprimer and book , , create a web application vulnerability certification and book .
im now at part 5 of metasploit megaprimer, will follow as it gets. can you please add some videos using karma as part of metasploit series? karma is vonderfull and might be pitty not to show the world vulnerability of wireless clients. man you good! thanks for all yout work
Thanks Guys! I'll try and incorporate your suggestions in the coming videos.
The next video in the series is now available: http://www.securitytube.net/video/2697
@loop-back
and if that does not work try to port forward your backtrack machine
echo 1 > /proc/sys/net/ipv4/port_forwarding
sorry *ip_forward
I like your way of explaining things Vivek. Good tutorial.