root💀bl4ck4non-sec:~#

Hack. Eat. Sleep. Repeat!!!

To understand pivoting, you need to understand port forwarding.

Port forwarding is the process of directing traffic from a specific port on a target system to a specific port on our system.

So, to get access to the other IP, add it to your routing table after running:

ipconfig

To add the route (the IP we add to the route is victim 1's IP):

run autoroute -s 10.0.29.0/20

To list active routes

run autoroute -p

Since the route added by autoroute applies only inside Metasploit, the built-in port scanner module can be used:

use auxiliary/scanner/portscan/tcp
set rhosts <victim 2's IP>
run

If there's an HTTP or HTTPS port running, we can't view it in our browser, since the autoroute route is only available inside Metasploit. So, what we can do is port forward:

portfwd add -l 1234 -p 80 -r 10.10.10.10

-l --> local port you want to forward to
-p --> remote port you want to forward
-r --> IP address of victim 2

To view the webpage, you can go to the URL:

http://127.0.0.1:1234

Or, if you want to run an nmap scan:

nmap -sV -p 1234 127.0.0.1
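
Seen from the network, the routed scan and the forwarded connection both reach victim 2 from victim 1's address, so one internal host touching many ports on an internal peer within seconds is a usable signal. The following is an added example (not part of the original notes) that runs that check over a constructed connection log; the log layout, host addresses and thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Route from the page; strict=False accepts the host bits (network is 10.0.16.0/20).
INTERNAL = ip_network("10.0.29.0/20", strict=False)
WINDOW = timedelta(seconds=10)  # assumed tuning value
MIN_PORTS = 5                   # assumed tuning value

# Constructed connection log: "timestamp src dst dport". Host addresses are made up.
SAMPLE_LOG = """\
2024-01-01T10:00:00 10.0.29.5 10.0.29.9 21
2024-01-01T10:00:01 10.0.29.5 10.0.29.9 22
2024-01-01T10:00:01 10.0.29.5 10.0.29.9 80
2024-01-01T10:00:02 10.0.29.5 10.0.29.9 443
2024-01-01T10:00:02 10.0.29.5 10.0.29.9 445
2024-01-01T10:00:03 10.0.29.5 10.0.29.9 3389
2024-01-01T10:05:00 10.0.29.5 10.0.29.9 80
2024-01-01T10:00:00 10.0.29.7 10.0.29.9 80
2024-01-01T10:20:00 10.0.29.7 10.0.29.9 443
2024-01-01T10:00:04 203.0.113.8 10.0.29.9 80
"""

def parse(log):
    """Yield (time, src, dst, port) for records where both ends are internal."""
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port = line.split()
        if ip_address(src) in INTERNAL and ip_address(dst) in INTERNAL:
            yield datetime.fromisoformat(ts), src, dst, int(port)

def find_pivot_scans(log):
    """Return {(src, dst): sorted ports} for pairs with >= MIN_PORTS ports in WINDOW."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in parse(log):
        by_pair[(src, dst)].append((ts, port))
    hits = {}
    for pair, events in by_pair.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the left edge until the span fits inside WINDOW.
            while events[end][0] - events[start][0] > WINDOW:
                start += 1
            ports = {p for _, p in events[start:end + 1]}
            if len(ports) >= MIN_PORTS:
                hits[pair] = sorted(set(hits.get(pair, [])) | ports)
    return hits
```

On the sample log only 10.0.29.5 is flagged; the later single connection to port 80 from the same host is the kind of follow-up a forwarded service produces and is worth reviewing alongside the hit.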