Reverse SSH Tunneling (NAT)

Home / Hacking, News, Security / Reverse SSH Tunneling (NAT)

January 7, 2010 PlanetCreator 0 Comments 0 tags

Have you ever wanted to ssh to your Linux box that sits behind NAT? Now you can with reverse SSH tunneling. This document will show you step by step how to set up reverse SSH tunneling. The reverse SSH tunneling should work fine with Unix like systems.

Let’s assume that Destination’s IP is 192.168.20.55 (Linux box that you want to access).

You want to access from Linux client with IP 138.47.99.99.

Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99)
1. SSH from the destination to the source (with public ip) using command below:

ssh -R 19999:localhost:22 [email protected]

* port 19999 can be any unused port.

2. Now you can SSH from source to destination through SSH tuneling:

ssh localhost -p 19999

3. 3rd party servers can also access 192.168.20.55 through Destination (138.47.99.99).
Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99) <- Bob’s server

3.1 From Bob’s server:

ssh [email protected]

3.2 After the sucessful login to Source:

ssh localhost -p 19999

* the connection between destination and source must be alive at all time.

Tip: you may run a command (e.g. watch, top) on Destination to keep the connection active.

Explore More

critical XSS vulnerability on Accounts Chamber of the Russian Federation http://www.ach.gov.ru

PlanetCreator.Netâ€™s Security Team Member has reported another critical XSS vulnerability on Accounts Chamber of the Russian Federation http://www.ach.gov.ru These are some information from Vulneral Site http://www.ach.gov.ru: This vulnerability has been

Critical SQL Injection in www.kmd.com KMD Group of Companies

PlanetCreator.Net’s Security Team Member Info Freakzz <infofreakzzz(at)gmail.com> has reported another critical SQL Injection (vulnerability) on http://www.kmd.com.sg owned by KMD Group of Companies These are some information from Vulneral Site http://www.kmd.com.sg

Online Services

Gathering information: (set) http://www.subnetonline.com/ (set) http://ping.eu/ (ping, dns_tools, traceroute, web_tools) http://serversniff.net/ (DIG / nslookup, whois, traceroute) http://networking.ringofsaturn.com/Tools/ (whois, dns_tools, service_scan, traceroute) http://centralops.net/co/DomainDossier.aspx (whois, dns_tools, domain_search) http://www.whois.ws/ (whois, dns_tools) http://www.robtex.com/ (whois)

[local] tar-fs 3.0.0 - Arbitrary File Write/Overwrite
on April 22, 2025 at 12:00 am
tar-fs 3.0.0 - Arbitrary File Write/Overwrite
[webapps] WordPress Core 6.2 - Directory Traversal
on April 22, 2025 at 12:00 am
WordPress Core 6.2 - Directory Traversal
[local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
on April 22, 2025 at 12:00 am
Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
[remote] OpenSSH server (sshd) 9.8p1 - Race Condition
on April 22, 2025 at 12:00 am
OpenSSH server (sshd) 9.8p1 - Race Condition
[remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
on April 22, 2025 at 12:00 am
WonderCMS 3.4.2 - Remote Code Execution (RCE)