How To Pivot Through a Network with Chisel

117,322

3,169 0

Published 2023-09-14

jh.live/7a-john40 || 7ASecurity offers training and penetration tests with a free fix verification -- get 40% off training with JOHN40, $1000 off a pentest, or a enter their contest to win a completely FREE pentest! jh.live/7a-freepentest

00:00 - Chisel
00:23 - Setup
01:30 - Recon
05:55 - On static binaries
12:44 - Using chisel
14:35 - Put it in reverse
19:22 - Socks Proxy
20:49 - Proxychains
23:12 - HTTP service
27:40 - Forward Shell
32:54 - Final Thoughts

🔥YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe!
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware

All Comments (21)

@LzX000 7 months ago

You are the only YouTube channel that I actually watch the adds for because they are on topic and actually useful. Please keep up the good work!
@grzegorztlusciak 7 months ago

John, you have no idea how much that helps in my OSCP preparation :) Huge thanks for this vid!
@sh3bu 7 months ago

Nice video John ! Love the way how you simplify complex stuff for us to understand.. Thanks a lot ❤
@OldSnake1883 7 months ago

Thank you very much John for this walkthrough. This is a very important part.
@bufordmaddogtannen 7 months ago

Pretty much everything you described is already available natively using SSH chains, including socks support and dynamic port forwarding to access remote ports as if they are local once the connection to the last endpoint has been established. Using the SSH client config file you can easily create a chain where you start from your local box, reach the jumphost and SSH through one or more hosts transparently and without the need to deploy additional software. Chisel is basically SSH over HTTP. Edit: in the scenario depicted in this video, with SSH available on the various hosts, Chisel seems redundant.
@scottp8329 7 months ago

Absolutely fantastic John you just make it sound so easy thanks for the vid buddy🤙🏼
@nelmatrix3942 7 months ago

Wow, this is fascinating. Your skill set is incredible. 🤩
@neffisback9729 7 months ago

That looks like a really useful tool for internal pentesting. Thank you for your awesome videos❤️
@creatormike1853 7 months ago

Thanks John, this is really helpful and more understandable than adding routes through metasploit ect, keep it up! <3
@DanT89 6 months ago

This video is incredibly helpful. Thank you for all the help you provide. Also for the work you do with the dinosaurs ❤
@brymstoner 6 months ago

quality episode! worthwhile takeaways here for any linux up and comers; ping sweeping and static binaries. nice one, john. thank you!
@Lupinicus1664 7 months ago

Nice video, well explained. Thank you.
@PowerUsr1 7 months ago

excellent demo of lateral movement...
@Jesse_Johnson 1 month ago

Awesome. Super excited to work this in.
@jakegarrison5214 7 months ago

that music during the sponsor clip was 🔥
@night0x1 7 months ago

Thanks for doing a pivoting video!! Gonna use chisel for eCPPT!
@DoomerzZ 2 months ago

Thanks to your explanations, I understood the concept well, thank you very much
@justkiddieng6317 7 months ago

definitely will save this for future works. thanks
@sagar12527 6 months ago

Hey Thanks for this video. I was really strugling in the lateral movemet.
@cy_wareye7395 7 months ago

I using Chisel already 2 years but here John explain main functionality in rly easy way. Listen, forward ...