Before all of this, if you are on a Windows machine, it might be a good idea to first migrate to another process like
explorer.exe
to be sure that the meterpreter session runs with the admin’s privileges. Otherwise, you might still be using a process running with the privileges of a lower privileged user.
To do so, from your meterpreter session, run:migrate -N explorer.exe
Then, run:
background
use post/multi/manage/autoroute
For more information about the configuration of this module, see the official documentation: https://docs.metasploit.com/docs/using-metasploit/intermediate/pivoting-in-metasploit.html#autoroute
Once you have correctly configured the module, run:
run
We can verify that the route was correctly configured using:
route
At this point, Metasploit modules should be able to use the pivot. To use the pivot with different tools:
use auxiliary/server/socks_proxy
For more information about the configuration of this module, see the official documentation: https://docs.metasploit.com/docs/using-metasploit/intermediate/pivoting-in-metasploit.html#socks-server-module-setup
From another terminal, we can configure proxychains-ng
to pass through our proxy by adding:
socks5 127.0.0.1 1080
at the end of the file, using:
sudo nano /etc/proxychains.conf
We can now run any command through our pivot by using the command:
sudo proxychains4 $CMD
Note that UDP traffic cannot pass through the proxy.