So you’re broke and you don’t own msfpro, cobalt strike or any of the other expensive tools that allow vpn pivoting. (FYI: Paying for tools like cobalt strike helps Raphael Mudge continue to keep developing free tools like Armitage)

So now that that’s out of the way lets explain the scenario.

You’ve managed to get a meterpreter session on a box via a webshell (possibly a network firewall… Continue reading

So I got bored this evening and decided to write a quick and simple python SSH bruteforcer (I wanted to learn how to use paramiko).

It takes the dictionary in a user:pass format.

It’s not the most efficient as it uses a sleep (300ms) function, if i get the time to play i’ll use some form of thread queuing to ensure that you can throttle the requests. Might also be… Continue reading

This will allow your VNC session to run over the ssh session, just vnc to yourself

1ssh username@ -L 5900:

This will set up a SSH SOCKS5 proxy on port 8080 (don’t forget to set your borwser proxy to socks5 8080)

1ssh username@ -ND 8080

This allows mounting of a remote file system over ssh. Ensure that theĀ sshfs package is installed.

1sshfs /media/ssh -o allow_other