https://ioctl.lol/tags/port-forwarding/Recent content in Port-Forwarding on ioctlHugoenioctlMon, 16 Mar 2026 00:00:00 +0000https://ioctl.lol/tools/tunneling/Mon, 16 Mar 2026 00:00:00 +0000https://ioctl.lol/tools/tunneling/<p>Every method. Copy-paste the command. Move on.</p> <p>Conventions: <code>10.10.14.x</code> = attacker, <code>172.16.0.x</code> = internal target, <code>pivot</code> = compromised dual-homed host.</p> <hr> <h2 id="ssh-tunneling">SSH Tunneling</h2> <p>The foundation. If you have SSH creds to a pivot host, you have everything you need.</p> <h3 id="local-port-forward--l">Local port forward (-L)</h3> <p>Route traffic from your machine through the pivot to an internal target.</p> <div class="highlight"><div class="chroma"> <table class="lntable"><tr><td class="lntd"> <pre tabindex="0" class="chroma"><code><span class="lnt">1 </span><span class="lnt">2 </span></code></pre></td> <td class="lntd"> <pre tabindex="0" class="chroma"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl"><span class="c1"># Access 172.16.0.10:80 via pivot, available at localhost:8080</span> </span></span><span class="line"><span class="cl">ssh -L 8080:172.16.0.10:80 user@pivot -N </span></span></code></pre></td></tr></table> </div> </div><p>Now <code>curl http://127.0.0.1:8080</code> hits the internal web app. The pivot does the routing.</p>