Francisco G. Canteli

Laboratory

In the following link, you can find the repository that contains all the necessary files to deploy the Pivoting laboratory.

https://github.com/franc205/pivoting-lab

Walkthrough

In this walkthrough, we will outline how to start from a compromised machine and pivot within the network. To start, we have a scenario where we have already obtained the following credentials from the machine Jerry-PC, which we can use to authenticate via SSH to this machine:

Credentials:

User: root
Password: IAmJerry

Next, we will see how to configure our Attacker Machine to connect to the compromised machine.

Attacker-PC

Connection via NoVNC to Attacker-PC - Recommended

The laboratory has an Attacker Machine with Kali Linux. This Attacker Machine can be accessed through the browser by going to http://127.0.0.1:6080/vnc.html, as shown below:

The key to connect is kali.

Upon connecting, you will see that all the tools necessary for the Workshop are already installed and copied within the Attacker Machine:

SSH Connection to Attacker-PC

If we do not want to connect using a graphical interface, we can use SSH to connect to the Attacker Machine. To do this, log in via SSH with the following command:

Code:

ssh [email protected] -p 2222