Chisel: Network Tunneling On Steroids
Port Forwarding and SOCKS Proxies
Hello, World! On a recent pentest, I compromised a Windows machine that only allowed inbound traffic and not outbound, which was odd because it's normally the other way around. However, I wanted to see what other machines were on the network from the perspective of the compromised host, so I transferred chisel
onto the target machine and created a SOCKS proxy that I could use with Proxychains to proxy my Nmap traffic. In this article, I will show you how to use chisel
for both port forwarding and creating SOCKS proxies. Let’s go for it!
Building Chisel
I typically always have a Windows and Linux binary of chisel
on my attacking machine so in this section I do a quick demo on how to build chisel
for both Windows and Linux.
Note: You will need to have Go and Git installed on your machine — check out this article I wrote which includes steps showing you how to install Go on Linux. Git can be installed using your favorite distros package manager like this: sudo apt -y install git
Before we build chisel
, let’s clone the chisel
repository with the following commands:
sudo git clone https://github.com/jpillora/chisel.git /opt/chisel
cd /opt/chisel