After gaining access to one host we can use the compromised host to exploit other hosts on the same internal network to which we could not access previously.
Pivoting using proxychain tool
run autoroute -s <target_subnet>E.g.run autoroute -s 10.10.10.0/24## Now we can access this subnet via msfconsole...- now we want to use "proxychain" tool on our attacking machine or a MSF module:
use auxiliary/server/socks_proxy set VERSION 4aset SRVPORT 9050set it as what you did for socks4 tool. Our attacking machine will start listening on this port- so now we can nmap the second system from our main system:
proxychain nmap <Second_target> -sT -Pn -sV -p 445
Another method:
- In meterpreter use this:
run autoroute -s <target_subnet> - Then just use
portscanmodules in msfconsole