OpenSSH_4.7p1, reverse shell

Hayder Mouhammed hmouhammed at gmail.com
Thu Apr 3 05:07:49 EST 2008


Bob,

I appreciate your speedy response and your suggestions. The netstat showing
all the information was very helpful. I noticed something and I'm just
curious if you have any information. Machine C is running OpenSSH v3.7 and A
& B are running v4.7. If I switch the scenario and use A as the destination,
I have to use a -P instead of -p. However with the first method, using v4.7
as starting point, I have to use a -p instead of -P. Was there a change in
case between the versions?? Many thanks once again.


On Tue, Apr 1, 2008 at 5:20 PM, Bob Proulx <bob at proulx.com> wrote:

> Hayder Mouhammed wrote:
> > What I am trying:
> >
> > On C: ssh -N -R 10000:localhost:22 root@machineB
> > On B: running sshd
> > On A: ssh root@machineB -p 10000
>
> A useful tool to double check where ports are open for listening is
> 'netstat'.  Try this to see all listening connections:
>
>  netstat -na | grep LISTEN
>
>  netstat -na | grep :10000
>
> Try that on all of the involved systems and verify where you are
> listening.  That can clear up a lot of confusion.
>
> The next thing to look for when trying to connect remotely is what IP
> address the listening port is bound.  This is controlled by
> GatewayPorts=yes and I see that you set it in your sshd configuration.
> Did you restart the daemon after changes to make sure they could take
> effect?
> 127.0.0.1 only accepts connections from the loopback interface.
> 0.0.0.0 accepts connections from any network interface.  Any specific
> IP address would be associated with that specific network device.
>
> After this I would simply 'connect'[*], or 'telnet' if that isn't
> available, to the port and verify that you are getting an ssh banner.
>
> On C:
>  connect localhost 22
>
> On B:
>  connect localhost 10000
>
> On A:
>  connect B 10000
>
> If the port is open and available but still blocked then I would look
> for a firewall that is blocking the connection.
>
> Bob
>
> [*] http://www.meadowy.org/~gotoh/projects/connect
>



-- 
--H
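
Added example, not part of the original thread: a small shell helper that applies the netstat check described in the quoted reply and reports whether the forwarded port is bound to loopback only or to an externally reachable address. The function names, the sample netstat lines and the 192.0.2.x addresses are constructed for illustration, and the Linux net-tools column layout is assumed.

```sh
#!/bin/sh
# Added example: classify where a forwarded port is listening, from
# `netstat -na` output (Linux net-tools column layout assumed).

# classify_listen PORT: reads netstat output on stdin, prints
# "<bind address> <scope>" for every TCP socket listening on PORT.
classify_listen() {
    awk -v port="$1" '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        p = $4;    sub(/^.*:/, "", p)        # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)  # text before the last colon
        if (p != port) next
        if (addr ~ /^127\./ || addr == "::1")        scope = "loopback-only"
        else if (addr == "0.0.0.0" || addr == "::")  scope = "all-interfaces"
        else                                         scope = "single-interface"
        print addr, scope
    }'
}

# is_remote_reachable PORT: succeeds if any listener on PORT is bound to
# something other than loopback, i.e. other hosts can connect to it.
is_remote_reachable() {
    classify_listen "$1" | grep -qv 'loopback-only$'
}

# Constructed sample: machine B, forward bound to loopback only.
sample_loopback() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:10000         0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.20:22           192.0.2.30:51514        ESTABLISHED
EOF
}

# Constructed sample: machine B, forward bound to every interface.
sample_wildcard() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:10000           0.0.0.0:*               LISTEN
tcp6       0      0 :::10000                :::*                    LISTEN
EOF
}

sample_loopback | classify_listen 10000
sample_wildcard | classify_listen 10000
```

On a live host, pipe the real output in instead of a sample: `netstat -na | classify_listen 10000`.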

