Port Forwarding Windows: Netsh

E.g. compromised a Windows 10 host, which would allow to pivor further from within the network the workstation is in.

We can use netsh.exe to forward all data received on a specific port (say 8080) to a remote host on a remote port.

C:\Windows\system32> netsh.exe interface portproxy add v4tov4 listenport=8080 listenaddress= connectport=3389 connectaddress=

Verifying Port Forward

C:\Windows\system32> netsh.exe interface portproxy show v4tov4

Listen on ipv4:             Connect to ipv4:

Address         Port        Address         Port
--------------- ----------  --------------- ----------   8080     3389

After configuring the portproxy on our Windows-based pivot host, we will try to connect to the 8080 port of this host from our attack host using xfreerdp. Once a request is sent from our attack host, the Windows host will route our traffic according to the proxy settings configured by netsh.exe.