ports – How can you attack or redirect the client from the server over an RDP or SSH conneciton?

I have a penetration testing scenario where I am on the network with two machines, Machine A and Machine B. I have complete control over Machine B and am trying to leverage that to get access to Machine A. Machine A appears to be some variant of Linux (I pinged it and the response had a TTL value of 64, but I know this could be spoofed which is why it is only my guess), and Machine B is Ubuntu Linux.

An nmap scan of Machine A found that port 443 was open and port 22 was filtered. I have drawn the conclusion that Machine A accepts SSH connections via port 22, but behind some rule or firewall.

Machine A acts as a bastion, so the web application on port 443 (which I have already tested for vulnerabilities and found none) lets authenticated users have an interactive RDP or SSH session with machines on the network, from the context of Machine A. So I can log into the web application that Machine A is hosting and connect via a browser over to Machine B via RDP or SSH.

Because I have full control over Machine B and can get Machine A to connect to it, what RDP or SSH attacks are there that I can leverage? I am thinking primarily of whether or not there’s a way to have Machine B make Machine A redirect the session to localhost, which would mean Machine A would connect back to itself over SSH in a session I can interact with.

Note: I am aware of SSH reverse tunneling, but that requires special configuration on Machine A’s side when the connection is established, and I don’t have access to that.

hosting – FTP client logged out immediately after logging in. Pure-ftp/Cpanel/WHM

I’m trying to enable ftp on a cpanel/whm server but users are having trouble logging in. Ports are open and I can see connections are reaching the server because they are logged. However the clients show a timeout and the logs just say that the user is immediately logged out after.

Could someone explain this and provide a solution for me? The server is running Cloudlinux, Litespeed and CageFS however I’ve tested disabling each one for a user to no avail.

enter image description here

vpn – Azure Virtual Network Gateway client – Unable to execute custom scripts (to update your routing table). Required files could be missing

We have an Azure virtual network gateway setup with machines connecting using the Point to Site client which was downloaded from the Azure portal. Most of the time this works fine, however occasionally users are getting the error: “Unable to execute custom scripts (to update your routing table). Required files could be missing.”

enter image description here

There’s no indication as to why would be occurring or why it works most of the time. Event log doesn’t provide much information, merely stating the connection was terminated with reason code 631 (port disconnected by the user).

Does anyone have any pointers on what might be happening here or how to resolve?

enter image description here

penetration test – What are the ways to attack the client if you have full control of the server, over an RDP or SSH connection?

I am not sure whether I accurately captured this question with the title, so let me explain it.

I have a penetration testing scenario where I am on the network with two machines, Machine A and Machine B. I have complete control over Machine B and am trying to leverage that to get access to Machine A. Machine A appears to be some variant of Linux (I pinged it and the response had a TTL value of 64, but I know this could be spoofed which is why it is only my guess), and Machine B is Ubuntu Linux.

An nmap scan of Machine A found that port 443 was open and port 22 was filtered. I have drawn the conclusion that Machine A accepts SSH connections via port 22, but behind some rule or firewall.

Machine A acts as a bastion, so the web application on port 443 (which I have already tested for vulnerabilities and found none) lets authenticated users have an interactive RDP or SSH session with machines on the network, from the context of Machine A. So I can log into the web application that Machine A is hosting and connect via a browser over to Machine B via RDP or SSH.

Because I have full control over Machine B and can get Machine A to connect to it, what RDP or SSH attacks are there that I can leverage? I am thinking primarily of whether or not there’s a way to have Machine B make Machine A redirect the session to localhost, which would mean Machine A would connect back to itself over SSH in a session I can interact with.

Note: I am aware of SSH reverse tunneling, but that requires special configuration on Machine A’s side when the connection is established, and I don’t have access to that.

Is an automatically use of OpenPGP in an email client a good idea?

Is an automatically use of OpenPGP in an email client a good idea? – Information Security Stack Exchange

On TLS 1.2 with ECDHE Key Exchange, how does the client make sure the server has the certificate’s private key?

When RSA is used for Key Exchange, the pre-master key is encoded with the server certificate public key, so the server would not be able to decode it if it didn’t possess the private key.

However, when ECDHE is used for Key Exchange, how does the client make sure the server is legit and possess the private key relative to the provided certificate?

mail.app – As of 2Q2021 is any osx email client besidesOutlook that allows use of public shared folders in exchange?

mail.app – As of 2Q2021 is any osx email client besidesOutlook that allows use of public shared folders in exchange? – Ask Different

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123