Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Exploit (computer security)
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Pivoting === {{Off topic|date=August 2024|Pivoting (computer security)|Pivoting is a follow-on to an exploit}} Pivoting is a technique employed by both hackers and [[penetration test]]ers to expand their access within a target network. By compromising a system, attackers can leverage it as a platform to target other systems that are typically shielded from direct external access by [[Firewall (computing)|firewalls]]. Internal networks often contain a broader range of accessible machines compared to those exposed to the internet. For example, an attacker might compromise a web server on a corporate network and then utilize it to target other systems within the same network. This approach is often referred to as a multi-layered attack. Pivoting is also known as ''island hopping''. Pivoting can further be distinguished into [[Proxy server|proxy]] pivoting and [[VPN]] pivoting: * Proxy pivoting is the practice of channeling traffic through a compromised target using a proxy payload on the machine and launching attacks from the computer.<ref><!--is this a separate source? Fix (and with separate cite web): [http://www.metasploit.com/redmine/projects/framework/wiki/Pivoting Metasploit Framework Pivoting], -->{{cite web |url=https://www.digitalbond.com/index.php/2010/07/12/metasploit-basics-part-3-pivoting-and-interfaces/ |title=Metasploit Basics β Part 3: Pivoting and Interfaces |work=Digital Bond}}</ref> This type of pivoting is restricted to certain [[Transmission Control Protocol|TCP]] and [[User Datagram Protocol|UDP]] ports that are supported by the proxy. * VPN pivoting enables the attacker to create an encrypted layer to tunnel into the compromised machine to route any network traffic through that target machine, for example, to run a vulnerability scan on the internal network through the compromised machine, effectively giving the attacker full network access as if they were behind the firewall. Typically, the proxy or VPN applications enabling pivoting are executed on the target computer as the [[payload (software)|payload]] of an exploit. Pivoting is usually done by infiltrating a part of a network infrastructure (as an example, a vulnerable printer or thermostat) and using a scanner to find other devices connected to attack them. By attacking a vulnerable piece of networking, an attacker could infect most or all of a network and gain complete control.
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)