Re: OpenSSH_4.7p1, reverse shell
This is a discussion on Re: OpenSSH_4.7p1, reverse shell within the OpenSSH Development forums, part of the Networking and Network Related category; Bob, I appreciate your speedy response and your suggestions. The netstat showing all the information was very helpful. I noticed ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-02-2008
|
|||
|
|||
Re: OpenSSH_4.7p1, reverse shell
Bob,
I appreciate your speedy response and your suggestions. The netstat showing all the information was very helpful. I noticed something and I'm just curious if you have any information. Machine C is running OpenSSH v3.7 and A & B are running v4.7. If I switch the scenario and use A as the destination, I have to use a -P instead of -p. However with the first method, using v4.7 as starting point, I have to use a -p instead of -P. Was their a change in case between the versions?? Many thanks once again. On Tue, Apr 1, 2008 at 5:20 PM, Bob Proulx <bob@proulx.com> wrote: > Hayder Mouhammed wrote: > > What I am trying: > > > > On C: ssh -N -R 10000:localhost:22 root@machineB > > On B: running sshd > > On A: ssh root@machineB -p 10000 > > A useful tool to double check where ports are open for listening is > 'netstat'. Try this to see all listening connections: > > netstat -na | grep LISTEN > > netstat -na | grep :10000 > > Try that on all of the involved systems and verify where you are > listening. That can clear up a lot of confusion. > > The next thing to look for when trying to connect remotely is what IP > address the listening port is bound. This is controlled by > GatewayPorts=yes and I see that you set it in your sshd configuration. > Did you restart the daemon after changes to make sure they could take > effect? > 127.0.0.1 only accepts connections from the loopback interface. > 0.0.0.0 accepts connections from any network interface. Any specific > IP address would be assocated with that specific network device. > > After this I would simply 'connect'[*], or 'telnet' if that isn't > available, to the port and verify that you are getting an ssh banner. > > On C: > connect localhost 22 > > On B: > connect localhost 10000 > > On A: > connect B 10000 > > If the port is open and available but still blocked then I would look > for a firewall that is blocking the connection. > > Bob > >[*] http://www.meadowy.org/~gotoh/projects/connect<http://www.meadowy.org/%7Egotoh/projects/connect> > -- --H _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/li...enssh-unix-dev 
|
Linear Mode
