# Rpivot Source: ## Requirements * Python 2.6/2.7 * Add this line to the /etc/proxychains.conf file: * *socks4 127.0.0.1 1080* ## When to use rpivot? Imagine this scenario:

Diagram

* **A** machine can connect to **B** * **B** machine can connect to **C** * **C** can't connect directly to **A** * So, in this case, we can use rpivot from C to B proxying the access * After that, we can access **A** directly from **C**

Open the server - Machine C

Connect the client to the server - Machine B

3rd one - Machine A

Extracting the Shadow of the 3rd machine

#### #### In Wireshark we can see that all the communication happened through port 4444 that we set up with rpivot

Wireshark Results

## ## We can also PIVOT through a NTLM Proxy In this case, we **add** in the client side these flags: ```bash --ntlm-proxy-ip --ntlm-proxy-port 8080 --domain DOMAIN.COM --username John --password password ``` Or using *pass the hash*: ```bash --ntlm-proxy-ip --ntlm-proxy-port 8080 --domain DOMAIN.COM --username John --hashes ```