Use pivoting to hack clients that aren’t directly accessible.

First, we exploit a publicly-visible client. Then, using pivoting, we attack a second client on the same network. Outside access to the second client is blocked by a firewall, which is why we must use pivoting to attack it.

TARGETS: Windows XP Pro service pack 2

EXPLOITS: The meterpreter payload in Metasploit

SOFTWARE: BackTrack5

KEY CONCEPT – Pivoting:

Pivoting refers to the practice of hacking a network computer or server and then using that host to attack other computer systems from within the network. By launching attacks from within the network, the attacker bypasses firewall policy and can execute attacks that would not be possible from outside the network. By using a compromised system to launch attacks from, the attacker has an improved prospect of remaining undetected and can leave less of a fingerprint.

The full notes for this tutorial are available on my website:
http://www.danscourses.com/Network-Penetration-Testing/metasploit-pivoting.html

MORE DAN’S COURSES

Subscribe!
http://www.youtube.com/subscription_center?add_user=danscourses

More security videos:
http://www.youtube.com/user/danscourses#grid/user/01324EDAD7DB9B40

My channel:
http://www.youtube.com/user/danscourses/

source