Aidan Mitchell

Lateral-Movement

Reverse Port Forwarding for Lateral Movement - Jul, 2023

Oftentimes on engagements, I find myself with credentialled access to a Windows host. Whether it be the product of harvesting credentials, stealing them from docs or scripts, or being provided with them as part of a collaborative exercise, the first thing I like to achieve is the ability to route network traffic via the host and to avoid having to do anything else with the host for the rest of the engagement.