If you are interested in red teaming at large, check out my book about Red Team Strategies.TCP COM Bridge is a networking application made for users who need to redirect data received via a COM port device. Hope the post was informative and useful. In this post we explored some simple commands to expose ports (proxy/forward them) on different network interfaces. Remove-NetFirewallRule -Name FirefoxRemote
Netsh advfirewall firewall del rule name="Open Port 48333" The firewall rule can be removed again using the following command: The same applies for opening port 48333 on the machine. In order to remove port forwarding and revert to the defaults, we can run the following commands:Īlternatively, there is a delete argument. Now, it is all setup to connect to from another machine to port 48333. New-NetFirewallRule -Name FirefoxRemote -DisplayName "Open Port 48333" -Direction Inbound -Protocol tcp -LocalPort 48333 -Action Allow -Enabled True On modern Windows machines, this can also be done via PowerShell commands: Netsh advfirewall firewall add rule name="Open Port 48333" dir=in action=allow protocol=TCP localport=48333 Besides the UI the following commands might come in handy:
There are multiple ways to update firewall rules in Windows. How does that work on Windows you might ask? Allowing traffic through the firewall We have to add a new firewall rule to allow port 48333. This is the basic configuration to expose that web server remotely on a different interface.Īlthough, by default remote connections to port 48333 will be blocked by the firewall. In our example, the proxy to connect to is on 127.0.0.0 port 80.
The good news is that Windows 10 ships with ssh - but this post is not about ssh. If you know Linux, you probably are familiar with the power of ssh and it’s range of command line options.
It took me quite a while to figure how to do this on Windows the first time I needed this. Or there are two network interfaces and you want expose traffic from one to the other (maybe some evil persistence for port 3389) - or think of basic pivoting. Let’s say you have an existing process that listens only on the loopback interface, and you want to expose it remotely.
Proxying ports is useful when a process binds on one (maybe only the local) interface and you want to expose that endpoint on another network interface. A technique on Windows that is less known is how to do basic port-proxying.