[資訊安全] Reversing SSH Tunneling

最近需要連到防火牆後的某台電腦找東西,發現透過reverse ssh就可以做反向連線,輕鬆達陣

情境是這樣,要從123.45.67.89(public)連線到192.168.0.100(private):

Destination(192.168.0.100) <-- |NAT| <-- Source(123.45.67.89)

in destination host

dst$ ssh -R 1234:localhost:22 username@123.45.67.89

in source host

src$ ssh localhost -p 1234

目前是用ssh做,我想nc應該也有類似的功能,找到再補上吧

reference: Reverse SSH Tunneling