Infrastructure penetration testing notes
  • Initial page
  • Table Of Content
  • Infrastructure testing
    • Enumeration
      • Packet Capture
      • Host Discovery
      • Services / Ports
        • 21 - FTP
        • 22 - SSH
        • 25 - SMTP
        • 53 - DNS
        • 67 - DHCP
        • 69 - TFTP
        • 79 - Finger
        • 88 - Kerberos
        • 111 - RPC
        • 113 - ident
        • 135 - MSRPC
        • 137 - Netbios
        • 139/445 - SMB
        • 161 - SNMP
        • 177 - XDMCP
        • 363 - LDAP
        • 443 - HTTPS
        • 500 - IKE (IPSEC)
        • 512/513/514 - R Services
        • 623 - IPMI
        • 873 - RSYNC
        • 1099 - Java RMI
        • 1433 - Microsoft SQL
        • 1521 - Oracle DB
        • 2049 - NFS
        • 3306 - MySQL
        • 3389 - RDP
        • 5432 - PostgresSQL
        • 5900 - VNC
        • 5985 - WinRM
        • 6000 - X11
        • 6379 - Redis
        • 8080 - Jenkins
        • 11211 - Memcached
        • RDS
        • SQLite
        • Docker
      • IPV6
        • Scanning
        • Enumeration
        • Transfering files
        • Pivoting and routes
        • THC IPv6
    • Gaining Access
      • IP Forwarding
      • VLAN Information
      • Psexec
      • Upgrading shell
      • Reverse Shells One-Liners
      • Bruteforce
      • MITM cleartext protocols
      • Null session
      • LLMNR / NBT NS Spoofing
      • Port knocking
      • Downloading/Transfer files
      • Remote Desktop
      • NAC Bypass
      • Pass-The-Hash
    • Exploitation
      • Solaris
      • IPv6
      • Windows
        • Compiling Code
        • SMB Vulnerabilities
        • Kerberos Attacks
    • Privilege Escalation
      • Situational Awareness
        • Linux
        • Windows
          • Registry
          • PowerView
          • FSMO Roles
      • Windows
        • Disable Apps and Firewall
        • Add user script
        • UAC Bypass
        • icacls
        • Running services
        • Common Exploits
      • Linux
        • SUID Shell script
        • CVE-2019-14287
        • Kernel exploit
      • Solaris
      • FreeBSD
      • Automated tools
      • Metasploit Modules
      • Password Dumping
    • Breakout
      • LOLBas
      • powershell constrained language byass
      • Alternatives to command prompt
      • Windows utilities
      • Applocker
      • Restricted shells
      • Environmental Variables / Bypassing Path Restrictions
      • Docker escape
      • Just Enough Administration (JEA)
    • Presistance
      • Windows
    • Pivoting
      • Adding routes
    • Password Cracking
      • Hashcat
      • John
      • Cisco Passwords
      • Passwords Lists
      • Generating wordlist
    • Tools
      • Nishang
      • UACME
      • Bypass-UAC
      • MSBuildAPICaller
      • Impacket
      • SharpPersist
      • Terminals
      • IP Calculation
      • pwsh
      • psTools / Sysinternals
      • Unlock applocker
      • enum4linux
      • Bloodhound
        • aclpwn
      • mitm6
      • Enyx
      • nfsshell
      • PowerUpSQL
      • Metasploit
        • msfvenom
    • Others
Powered by GitBook
On this page
  • Linux
  • Display your current routing table
  • Adding routes:
  • Linux add a default gateway (route) using ip command
  • Windows
  • Print routes:
  • Add route
  • Remove route:

Was this helpful?

  1. Infrastructure testing
  2. Pivoting

Adding routes

Linux

Display your current routing table

Open the Terminal or login to server using ssh/console. Type the following command to display routing table: 

# route 
Or 
# route -n 
Or 
# ip route show 
Or 
# ip route list

Adding routes:

Linux add a default route using route command

Route all traffic via 192.168.1.254 gateway connected via eth0 network interface: 

# route add default gw 192.168.1.254 eth0 
OR 
# route add -host {Target host} gw {Gateway IP} 
OR Range: 
# route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.254

Linux add a default gateway (route) using ip command

Route all traffic via 192.168.1.254 gateway connected via eth0 network interface: 

iron@ubuntu-vm:~$ ping 192.168.249.130
PING 192.168.249.130 (192.168.249.130) 56(84) bytes of data.
^C
--- 192.168.249.130 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2045ms


iron@ubuntu-vm:~$ sudo ip route add 192.168.249.0/24 dev ens33

iron@ubuntu-vm:~$ ping 192.168.249.130
PING 192.168.249.130 (192.168.249.130) 56(84) bytes of data.
64 bytes from 192.168.249.130: icmp_seq=1 ttl=64 time=0.497 ms
64 bytes from 192.168.249.130: icmp_seq=2 ttl=64 time=0.741 ms

^C--- 192.168.249.130 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1022ms
rtt min/avg/max/mdev = 0.497/0.619/0.741/0.122 ms
iron@ubuntu-vm:~$

Add route via other route: 

ip route add 10.0.1.3 via 10.0.0.1 dev eth0
root@UK198899:~# ping 172.16.0.128 
^CPING 172.16.0.128 (172.16.0.128) 56(84) bytes of data. 
--- 172.16.0.128 ping statistics --- 
7 packets transmitted, 0 received, 100% packet loss, time 6154ms 
root@UK198899:~# ip route add 172.16.0.0/24 via 192.168.0.30 
root@UK198899:~# ping 172.16.0.129 
PING 172.16.0.129 (172.16.0.129) 56(84) bytes of data. 
64 bytes from 172.16.0.129: icmp_seq=1 ttl=64 time=2.07 ms 
64 bytes from 172.16.0.129: icmp_seq=2 ttl=64 time=0.445 ms 
^C 
--- 172.16.0.129 ping statistics --- 
2 packets transmitted, 2 received, 0% packet loss, time 1002ms 
rtt min/avg/max/mdev = 0.445/1.255/2.065/0.810 ms

or

route add –host 172.2.202.20 gw 10.2.202.2

Windows

Open command prompt as administrator

Print routes:

route print

Add route

route ADD 192.168.35.0 MASK 255.255.255.0 192.168.0.2

Remove route:

route delete destination_network

PreviousPivotingNextPassword Cracking

Last updated 4 years ago

Was this helpful?