PivotSuite

PivotSuite is a portable, platform-independent and powerful network pivoting toolkit that helps red teamers and penetration testers use a compromised system to move around inside a network.


Last updated 2 years ago

Use cases & Scenarios

  1. We have direct access to the target machine

  2. The target machine is behind a firewall/NAT

Case 1 - Forward

We should execute PivotSuite server on the target:

  • Dynamic Port Forwarding - using Socks5

python pivotsuite.py -S -F --server-option SP --server-ip IP --server-port PORT

  • Single Port Forwarding - using TCP/UDP Relay

python pivotsuite.py -S -F --server-option PF --network-protocol T/U --remote-ip IP --remote-port PORT
          --server-ip IP (local-ip) --server-port PORT (local-port)

Case 2 - Reverse

We should execute PivotSuite server on the Attacker machine:

python pivotsuite.py -S -W

And execute the Client on the Target machine:

  • Dynamic Port Forwarding - socks

python pivotsuite.py -C -O SP --server-ip IP --server-port PORT

  • Local / Remote Port Forwarding

python pivotsuite.py -C -O PF -L / -R (local or remote port forwarding) -P T/U --local-ip IP
              --local-port PORT --remote-ip IP --remote-port PORT --server-ip IP --server-port PORT

  • Network Enumeration

python pivotsuite.py -C -O NE --server-ip IP --server-port PORT

Example: Reverse Dynamic Port Forwarding

Considerations

  • It opens the SOCKS proxy on 0.0.0.0 (all interfaces)

  • It generates a random port each time

  • The connection is not reliable
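
The first two considerations mean the SOCKS port changes on every run and is reachable on every interface of the host it opens on. The following check is an added example, not part of PivotSuite or of the original page: it parses `ss -H -ltnp` output and reports wildcard-bound listeners owned by a Python process. The sample lines are constructed, and the function name and `process_hint` parameter are assumptions.

```python
import re

# Local addresses that mean "every interface" in ss output.
WILDCARD_HOSTS = {"0.0.0.0", "*", "[::]"}
PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+)')

# Constructed sample of `ss -H -ltnp` output (not captured from a real host).
SAMPLE_SS = """\
LISTEN 0 128   0.0.0.0:22     0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 5     0.0.0.0:41873  0.0.0.0:* users:(("python",pid=2311,fd=4))
LISTEN 0 5   127.0.0.1:8000   0.0.0.0:* users:(("python3",pid=2400,fd=3))
LISTEN 0 128      [::]:22        [::]:* users:(("sshd",pid=812,fd=4))
"""


def wildcard_listeners(ss_output, process_hint="python"):
    """Return listeners bound to all interfaces whose owner matches process_hint."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # The local address is the 4th column; split host and port on the last colon.
        host, _, port = fields[3].rpartition(":")
        if host not in WILDCARD_HOSTS or not port.isdigit():
            continue
        owner = PROC_RE.search(line)
        if owner is None:
            # No process data (ss run without privileges): report it anyway.
            name, pid = "unknown", None
        else:
            name, pid = owner.group(1), int(owner.group(2))
        if process_hint in name or name == "unknown":
            findings.append(
                {"bind": host, "port": int(port), "process": name, "pid": pid}
            )
    return findings


if __name__ == "__main__":
    for hit in wildcard_listeners(SAMPLE_SS):
        print(f"{hit['process']} (pid {hit['pid']}) listens on "
              f"{hit['bind']}:{hit['port']}")
```

A hit means the proxy port accepts connections from every network the host is attached to, so limit access to it with a host firewall rule while the tunnel is up.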

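Source: https://github.com/RedTeamOperations/PivotSuite

Figures for the Reverse Dynamic Port Forwarding example (images not included), in order:

  1. Open the server on Attacker
  2. Connect the client to the server
  3. Connected
  4. We can access through proxychains
  5. Wireshark Results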