You have three boxes: A, B and C.
A = Ubuntu client
B = Ubuntu relay
C = Windows RDP server
Host B has two IP addresses, so two NICs, so is part of two networks. Using dynamic port forwarding like this is an effective way to pivot traffic from one network (where Host A is) to another (where Host C is) using Host B as a pivot between the two. This will also show how to access a service on Host C from Host A.
Prep:
- Install proxychains and xfreerdp on Host A
- Install OpenSSH server on Host B
- Ensure RDP service is enabled on Host C
On Host A:
- Edit proxychains.conf.
- Add an entry like:
127.0.0.1 9050
- Setup dynamic port forward
ssh -D 9050 user@<relay-ip>- This creates an SSH tunnel between A and B.
- Specifically, a connection to local port 9050 is made by the SSH client. Whenever a connection is made to this port by an application, it is forwarded over the secure SSH connection to a destination determined by the application, e.g., a web browser will send packets to google.com.
- Also, this turns the localhost into a SOCKS proxy listener.
- Run xfreerdp with proxychains
proxychains xfreerdp /v:target-server-ip /u:user /p:pass
- Voila! You can now access the RDP service from your client machine.