How To Pivot Through a Network with Chisel

120,999

3,260 0

Published 2023-09-14

jh.live/7a-john40 || 7ASecurity offers training and penetration tests with a free fix verification -- get 40% off training with JOHN40, $1000 off a pentest, or a enter their contest to win a completely FREE pentest! jh.live/7a-freepentest

00:00 - Chisel
00:23 - Setup
01:30 - Recon
05:55 - On static binaries
12:44 - Using chisel
14:35 - Put it in reverse
19:22 - Socks Proxy
20:49 - Proxychains
23:12 - HTTP service
27:40 - Forward Shell
32:54 - Final Thoughts

🔥YOUTUBE ALGORITHM ➡ Like, Comment, & Subscribe!
🙏SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware

All Comments (21)

@benjaminlocker8484 14 days ago

Best pivoting explanation I've come across.
@LzX000 9 months ago

You are the only YouTube channel that I actually watch the adds for because they are on topic and actually useful. Please keep up the good work!
@grzegorztlusciak 9 months ago

John, you have no idea how much that helps in my OSCP preparation :) Huge thanks for this vid!
@bufordmaddogtannen 9 months ago

Pretty much everything you described is already available natively using SSH chains, including socks support and dynamic port forwarding to access remote ports as if they are local once the connection to the last endpoint has been established. Using the SSH client config file you can easily create a chain where you start from your local box, reach the jumphost and SSH through one or more hosts transparently and without the need to deploy additional software. Chisel is basically SSH over HTTP. Edit: in the scenario depicted in this video, with SSH available on the various hosts, Chisel seems redundant.
@sh3bu 9 months ago

Nice video John ! Love the way how you simplify complex stuff for us to understand.. Thanks a lot ❤
@OldSnake1883 9 months ago

Thank you very much John for this walkthrough. This is a very important part.
@scottp8329 9 months ago

Absolutely fantastic John you just make it sound so easy thanks for the vid buddy🤙🏼
@nelmatrix3942 9 months ago

Wow, this is fascinating. Your skill set is incredible. 🤩
@cy_wareye7395 9 months ago

I using Chisel already 2 years but here John explain main functionality in rly easy way. Listen, forward ...
@neffisback9729 9 months ago

That looks like a really useful tool for internal pentesting. Thank you for your awesome videos❤️
@creatormike1853 9 months ago

Thanks John, this is really helpful and more understandable than adding routes through metasploit ect, keep it up! <3
@Jesse_Johnson 3 months ago

Awesome. Super excited to work this in.
@brymstoner 8 months ago

quality episode! worthwhile takeaways here for any linux up and comers; ping sweeping and static binaries. nice one, john. thank you!
@Logan-vw8bg 9 months ago

Thank you, thank you, thank you! Amazing video.
@PowerUsr1 9 months ago

excellent demo of lateral movement...
@JackOfAllThreatsMasterOfNone 9 months ago

Thanks for this video, I'll watch it for sure. Hope you'll do another for ligolo. It seems to be simpler, but right now youtube is the only resource for learning about it... Well, if I don't ask too much, you could add a tools comparison at the end of your ligolo tutorial 😜
@DocGMoney 1 month ago

This was like infinitely better than the Offsec Teachings.... Thank you so much! Edit: I say like because I don't think Offsec really tried to teach it... so yeah THANK YOU!
@Lupinicus1664 9 months ago

Nice video, well explained. Thank you.
@justkiddieng6317 9 months ago

definitely will save this for future works. thanks
@DanT89 8 months ago

This video is incredibly helpful. Thank you for all the help you provide. Also for the work you do with the dinosaurs ❤