Simple-Port-Forwarding
Simple Port Forwarding Scenario
Secnario
Kali Machine (Attacker): Located on the internet, controlled by the attacker.
Compromised Machine: A server that is exposed to the internet and also has access to the DMZ network.
DMZ Internal Machine: A protected machine located inside the DMZ, not directly reachable from the internet.
Port Forwarding Using socat
Step 1. Execute socat command on compromised machine
socat TCP-LISTEN:8888,fork TCP:10.10.10.5:80
10.10.10.5 : IP of the DMZ machine
80 : Port of the DMZ machine
Step 2. Execute command on kali linux
socat TCP-LISTEN:8080,fork TCP:COMPROMISED_IP:8888
so form kali machine port 80 can be access via port 8080 which will be tunneled through port 8888.