Sometimes we need to jump from one network to another, either because of network segregation or to get past a firewall. This is called a pivot. Pivots differ between operating systems, so the Metasploit modules you need may differ as well. Here, we will pivot from a Windows machine. On a segregated network, the machine we need to attack is the one that has an interface on both networks. Sometimes this can be found in your network probes, from the system information leaked by RPC or SNMP probes. Machine names can also give this away: if there is a machine named JumpBox, that is the one you want.
Hacker Tip
Whenever possible, avoid transparent machine names such as Jumpbox-2, Mail-1, HTTP-2003, and the like. A good naming convention that your administrators know well can help you make a cracker's life more difficult.
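The two points above, that a dual-homed host is the natural bridge between segments and that transparent hostnames advertise it, can be turned into a segmentation review of your own inventory. The following is an added example written for this page, not code from the book or from Metasploit; the inventory and the list of revealing words are constructed assumptions, and in practice the interface data would come from your CMDB or from the same RPC/SNMP interface tables the text mentions.

```python
"""Audit a host inventory for dual-homed machines and role-revealing names.

Added example (not from the book). A host whose interfaces sit on more than
one subnet is the pivot point between those segments, so a segmentation
review should list every such host and confirm the bridge is intentional
and hardened. Hostnames that spell out a role are flagged separately.
"""
import ipaddress
import re

# Constructed inventory (assumption): hostname -> interface addresses with prefix.
INVENTORY = {
    "JumpBox-2": ["10.0.1.5/24", "192.168.50.5/24"],   # bridges two subnets
    "Mail-1": ["10.0.1.10/24"],
    "HTTP-2003": ["10.0.1.20/24", "10.0.1.21/24"],     # two addresses, one subnet
    "WS-A7F3": ["10.0.2.33/24"],
    "SRV-0219": ["10.0.2.8/24", "172.16.9.8/24"],      # bridges two subnets
}

# Words that betray a machine's role; assumption, tune to your environment.
REVEALING = re.compile(r"(jump|pivot|mail|http|web|sql|backup|vpn)", re.I)


def subnets_of(addrs):
    """Return the set of networks an interface list touches."""
    return {ipaddress.ip_interface(a).network for a in addrs}


def dual_homed(inventory):
    """Hostnames whose interfaces span more than one subnet (pivot candidates)."""
    return sorted(h for h, addrs in inventory.items() if len(subnets_of(addrs)) > 1)


def revealing_names(inventory):
    """Hostnames that leak their function through the name itself."""
    return sorted(h for h in inventory if REVEALING.search(h))


def audit(inventory):
    """Combine both checks into one report."""
    return {
        "dual_homed": dual_homed(inventory),
        "revealing_names": revealing_names(inventory),
    }


if __name__ == "__main__":
    for finding, hosts in audit(INVENTORY).items():
        print(f"{finding}: {', '.join(hosts) or 'none'}")
```

A host with two addresses in the same subnet (HTTP-2003 above) is deliberately not reported, since only a machine that spans segments can act as a pivot; the report is a starting list for checking host firewalls, routing, and access controls on each bridge host.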
Below, we see the layout of our attack. Even if you are not a "visual...