Re: Reverse Shell?

From: Jacob S (stormspotter_at_6Texans.net)
Date: 07/11/05

  • Next message: Jacob S: "Re: Reverse Shell?" 
    Date: Mon, 11 Jul 2005 11:33:13 -0500
To: debian-user@lists.debian.org

    On Mon, 11 Jul 2005 09:30:19 -0600
    bob@proulx.com (Bob Proulx) wrote:

    > Jacob S wrote:
    > > I have a friend that I'm helping upgrade Debian on their desktop.
    > > This friend is not very computer literate - even in Windows. So
    > > they're having a problem that I need to troubleshoot, but they're
    > > behind a firewall so I can't ssh into their computer.
    > >
    > > There are not currently any ports forwarded from the firewall to
    > > this computer and we do not have any access to the firewall to
    > > enable something like this, either. What I am hoping is that I can
    > > have them establish an ssh connection into my firewall with some
    > > software that would then allow me to get a shell on their computer.

    <snip - good legal disclaimer>
    > However if that is difficult, the security issues understood, then you
    > can open a tunnel with ssh from their machine to yours. You could
    > follow the tunnel back to their machine and then help them. Here is
    > an example:
    >
    > ssh -N -P -R 2222:$(hostname):22 user@remotehost
    >
    > That ssh's into the remote machine and opens a listening connection on
    > port 2222. Connections to that port will be forwarded through the
    > tunnel to the local host port 22. You would give your friend a login
    > on your machine (user@remotehost) and they would also give you a login
    > on their machine too so that you would be able to log in there.
    <snip>
    > You would connect to your friend's machine through the tunnel like
    > this:
    >
    > ssh -p 2222 localhost

    Ah, and we see once again why Debian-user is such a powerful resource...
    I hadn't even noticed the -R option for ssh. :-(

    Thanks, Bob, Frank, Steve and Henrik for the useful examples and
    explanations. That works beatifully! :-)

    Jacob 

    -- 
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
  • Next message: Jacob S: "Re: Reverse Shell?"

    Relevant Pages

    • Re: Mac `owned in hacking competition
      ... the router's port forwarding rules. ... The firewall or a NAT router only stops connections initiated from ... ssh will let you set up forwarded ports in both ... You start an ssh session from the target machine (this is ...
      (uk.comp.sys.mac)
    • RE: ssh attempts
      ... Change the port to something different than port 22. ... Subject: Re: ssh attempts ... > forget the excellent iptables firewall you probably already have on ... >>> Computer Emergency Response Teams, ...
      (Security-Basics)
    • RE: Tunneling over ssh with termination by the FW
      ... I would use something like Putty (ssh client software) to open a secure ... tunnel with the firewall. ... If the firewall has the sshd running on port ...
      (SSH)
    • Re: need help for setting SSH Server for Windows XP
      ... In my windows firewall proper ports are opened. ... Changing from port 22 to ports 80, 443 also doesn't give any results. ... static LAN IP of the server PC. ... It is *NOT* a valid test to call the SSH server PC from another ...
      (microsoft.public.windowsxp.work_remotely)
    • Re: PLINK and/or PuTTY -- Logon to Linux with no Privileges
      ... port 443 so it would look like HTTPS to a firewall (is that right ... We've tried just regular VNC, with no luck, then tried it on port 80, ... and would rather me run a tunnel than pay to have anything ...
      (comp.security.ssh)