PivotSuite
PivotSuite is a portable, platform-independent and powerful network pivoting toolkit that helps Red Teamers / Penetration Testers use a compromised system to move around inside a network.
Source: https://github.com/RedTeamOperations/PivotSuite
Use cases & Scenarios
We have direct access to the target machine
The target machine is behind a firewall/NAT
Case 1 - Forward
We should execute PivotSuite server on the target:
Dynamic Port Forwarding - using Socks5
python pivotsuite.py -S -F --server-option SP --server-ip IP --server-port PORT
Single Port Forwarding - using TCP/UDP Relay
python pivotsuite.py -S -F --server-option PF --network-protocol T/U --remote-ip IP --remote-port PORT
--server-ip IP (local-ip) --server-port PORT (local-port)
Case 2 - Reverse
We should execute PivotSuite server on the Attacker machine:
python pivotsuite.py -S -W
And execute the Client on the Target machine:
Dynamic Port Forwarding - socks
python pivotsuite.py -C -O SP --server-ip IP --server-port PORT
Local / Remote Port Forwarding
python pivotsuite.py -C -O PF -L / -R (local or remote port forwarding) -P T/U --local-ip IP
--local-port PORT --remote-ip IP --remote-port PORT --server-ip IP --server-port PORT
Network Enumeration
python pivotsuite.py -C -O NE --server-ip IP --server-port PORT
Example: Reverse Dynamic Port Forwarding





Considerations
It opens the SOCKS listener on 0.0.0.0 (all interfaces)
It generates a random port each time
The connection is not reliable
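Because the listener binds to every interface on a port that changes each run, a fixed-port rule will not find it; matching on the bind address and owning process does. The following Python check is an added example, not part of PivotSuite or the original page: it flags wildcard-bound listeners owned by a Python interpreter in `ss -H -ltnp` output. The sample lines, the function name and the `allowed_ports` parameter are constructed for illustration.

```python
import re

# Constructed sample of `ss -H -ltnp` output (not captured from a real host).
# Process names only appear when ss is run with enough privilege (e.g. root).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 5 0.0.0.0:41873 0.0.0.0:* users:(("python",pid=2291,fd=4))
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:* users:(("postgres",pid=900,fd=5))
LISTEN 0 5 [::]:8080 [::]:* users:(("python3",pid=3000,fd=3))
LISTEN 0 5 127.0.0.1:9050 0.0.0.0:* users:(("python3",pid=3100,fd=3))
"""

# Local addresses that mean "listen on every interface".
WILDCARDS = {"0.0.0.0", "*", "[::]", "::"}
PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+)')


def wildcard_python_listeners(ss_output, allowed_ports=frozenset()):
    """Return listeners bound to all interfaces and owned by a python process.

    allowed_ports (hypothetical parameter) lists ports of known, approved
    Python services so they are not reported.
    """
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # Split on the last ':' so IPv6 forms such as [::]:8080 parse correctly.
        host, _, port = fields[3].rpartition(":")
        if host not in WILDCARDS or not port.isdigit():
            continue
        if int(port) in allowed_ports:
            continue
        for name, pid in PROC_RE.findall(line):
            if name.startswith("python"):
                findings.append({"pid": int(pid), "process": name,
                                 "bind": host, "port": int(port)})
    return findings


if __name__ == "__main__":
    for f in wildcard_python_listeners(SAMPLE_SS, allowed_ports={8080}):
        print(f"pid {f['pid']} ({f['process']}) listening on {f['bind']}:{f['port']}")
```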