当前位置:网站首页>nc 端口转发
nc 端口转发
2022-07-24 17:04:00 【ailx10】
前面我们已经学习了ssh端口转发、防火墙端口转发、rinetd 端口转发,今天我们来看一下最重要的端口转发,nc端口转发,之前我们学习反弹shell的时候就已经知道nc了,今天再学习nc一个新功能,那就是端口转发。在做安全蓝队的日子里,很多小伙伴不免看到3389端口反弹的安全事件,今天就来一探究竟~
实验环境:
- macos:192.168.199.206
- kali:192.168.199.247
- centos:192.168.199.236
实验一:本地端口转发,将kali的8888端口转发到22端口
nc -lp 8888 -c "nc 127.0.0.1 22"
再看抓包情况,黑客视角来看,还是从客户端到服务端没有流量,但是服务端到客户端
受害者视角来看
实验二:远程端口转发,访问kali的7777端口,就是访问centos的22端口
nc -lp 7777 -c "nc 192.168.199.236 22"
再看看抓包情况,从黑客视角来看,一样的都是单边流量
再从跳板机视角看一下,双向流量奔赴
网络安全任重道远,洗洗睡吧~
边栏推荐
- QT graphical interface beginner project - unmanned aerial vehicle group combat simulation
- Xxx.pro learning in QT
- Problems encountered in upgrading chrome to version 80 - solutions to system login failure
- MODIS data WGet Download
- Implementation of side list menu (side menu) of wechat applet
- EF combined with sqlbulkcopy batch insert data
- Delay and jitter in network
- 剑指 Offer 22. 链表中倒数第k个节点
- 【零基础】充分理解WebGL(八)
- Wechat applet list (list rendering of data rendering)
猜你喜欢
CDN(Content Delivery Network)内容分发网络从入门到与实战
Development dynamics | stonedb 2022 release milestone
Qsqldatabase: solution of qmmysql driver not loaded
At & T pseudo instruction and interpretation of CFI CFA
我们为什么要推出Getaverse?
Topic 6 - message queue for client communication
SS-Paper【1】:Fully Convolutional Networks for Semantic Segmentation
Long awaited full platform support - Open Source im project uniapp update of openim
Shardingsphere database read / write separation
CANN训练营学习2022第二季 模型系列 动漫风格化和AOE ATC调优
随机推荐
Problems encountered in upgrading chrome to version 80 - solutions to system login failure
Topic 6 - message queue for client communication
IP第十三天笔记
期盼已久全平台支持-开源IM项目OpenIM之uniapp更新
Envi grid resampling
Win10 download address
Mcd12q1 data shows multiple classifications in envi
PAT甲级——签到与签出
ShardingSphere数据库读写分离
Summary of experience in using.Net test framework xUnit, mstest, specflow
Axi protocol (3): handshake mechanism and implementation details of Axi architecture
QT design simulation robot controller
AI opportunities for operators: expand new tracks with large models
How to effectively avoid memory leakage when customizing the handler?
MySQL addition, deletion, modification, retrieval and constraint (detailed teaching)
Cann training camp learns the animation stylization and AOE ATC tuning of the second season of 2022 model series
剑指 Offer 22. 链表中倒数第k个节点
C font usage effect
Still shocked by the explosion in the movie? Then you must not miss this explosive plug-in of unity
荣耀CEO赵明:单一厂商很难实现全场景产品覆盖