Pivoting From a Meterpreter Shell

💡
Before all of this, if you are on a Windows machine, it might be a good idea to first migrate to another process like explorer.exe to be sure that the meterpreter session runs with the admin’s privileges. Otherwise, you might still be using a process running with the privileges of a lower privileged user. To do so, from your meterpreter session, run:
migrate -N explorer.exe

Then, run:

background
use post/multi/manage/autoroute
💡
For more information about the configuration of this module, see the official documentation: https://docs.metasploit.com/docs/using-metasploit/intermediate/pivoting-in-metasploit.html#autoroute

Once you have correctly configured the module, run:

run

We can verify that the route was correctly configured using:

route

At this point, Metasploit modules should be able to use the pivot. To use the pivot with different tools:

use auxiliary/server/socks_proxy
💡
For more information about the configuration of this module, see the official documentation: https://docs.metasploit.com/docs/using-metasploit/intermediate/pivoting-in-metasploit.html#socks-server-module-setup

From another terminal, we can configure proxychains-ng to pass through our proxy by adding:

socks5 127.0.0.1 1080

at the end of the file, using:

sudo nano /etc/proxychains.conf

We can now run any command through our pivot by using the command:

sudo proxychains4 $CMD

Note that UDP traffic cannot pass through the proxy.