Pivoting to internal networks using ssh like a boss

Pivoting using SSH Original Writeup on medium

HTB Luke Writeup

Luke Recon Nmap Scan We begin our reconnaissance by running an Nmap scan checking default scripts and testing for vulnerabilities. 1 nmap -sC -sV -oA nmap/tcpInitial -vv PORT STATE SERVICE REASON VERSION 21/tcp open ftp syn-ack ttl 63 vsftpd 3.0.3+ (ext.1) | ftp-anon: Anonymous FTP login allowed (FTP code 230) |_drwxr-xr-x 2 0 0 512 Apr 14 12:35 webapp | ftp-syst: | STAT: | FTP server status: | Connected to 10.