PortBender – TCP Port Redirection Utility

October 22, 2021

PortBender is a TCP port redirection utility that allows a red team operator to redirect inbound traffic destined for one TCP port (e.g., 445/TCP) to another TCP port (e.g., 8445/TCP). PortBender includes an

In this example, we want to deploy the covert persistence mechanism on a compromised Internet-facing IIS webserver. Here we run the “PortBender backdoor 443 3389 praetorian.antihacker” to instruct the backdoor service to redirect any connections to 443/TCP to 3389/TCP on the compromised host from any IP address that provides the specified “praetorian.antihacker” keyword. The expected output is shown below:

 

Acknowledgements

  • Arno0x0x for his work on DivertTCPConn [1]
  • Stephen Fewer for his work on Reflective DLL Injection [2]
  • Basil00 for his work on WinDivert [3]
  • Francisco Dominguez for his research into performing SMB relaying on Windows [4]

References

[1] https://github.com/Arno0x/DivertTCPconn
[2] https://github.com/stephenfewer/ReflectiveDLLInjection
[3] https://github.com/basil00/Divert
[4] https://diablohorn.com/2018/08/25/remote-ntlm-relaying-through-meterpreter-on-windows-port-445

Download PortBender

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Discord

Original Source

You may have missed

unlock membership

Fortifying the Backbone: Cybersecurity for Critical Infrastructure

November 15, 2024
news

Bank of England U-Turns on Critical Third Party Vulnerability Disclosure Rules

November 15, 2024
news

Sitting Ducks DNS Attacks Threaten Over 1 Million Global Domains

November 15, 2024
news

API Security Threats: 83% of Companies Experience Security Incidents

November 15, 2024
news

Microsoft Power Pages: Misconfiguration Risks and Data Exposure

November 15, 2024