Exam PT0-001 topic 1 question 81 discussion

I think I will go with D. SSH and E. Netcat. I may be overthinking this but, SSH has many features including local port forwarding. Therefore, I would use ssh to forward the traffic back to a device (my attacking machine). Now using netcat (nc -nlvp 1234) I would start my listener on my attacking machine to intercept and monitor all connections being made. Correct me if I'm wrong, but the question is stating that the pentester wishes to forward traffic and now capture traffic. Tcpdump(command-line) and Wireshark(GUI) does the same thing, nmap would say what ports are opened (the pentester already knows that info), Cain and Abel is a password recovery tool. SSH Features: https://www.techrepublic.com/article/how-to-use-local-and-remote-ssh-port-forwarding/

C and D - PenTest+ Practice Tests Book - SYBEX In this scenario, the best options are SSH and Wireshark. Secure Shell (SSH) provides secure encrypted connections between systems. SSH provides remote shell access via an encrypted connection. SSH is used for secure command-line access to systems, typically via TCP port 22, and is found on devices and systems of all types. Because SSH is so common, testing systems that provide an SSH service is a very attractive option for a penetration tester. Wireshark is a protocol analyzer that allows penetration testers to eavesdrop on and dissect network traffic. Wireshark also allows for capturing network traffic from wireless networks.

D,E CORRECT

looks good to me

Going with A& E.

It was on the exam

This Question is FUN ... Ist it like: wich two tool you can use first ... Or is it like wich two tool you can use to complete the complete task? let's exclude the obvious wrong one: B. Nmap -> scans for ports an services ... we allready have access F. Cain and able -> more like a mitm tool Now the Objective is to forward (copy) all Traffic (incoming and outgoing) not manipulating it. Do we know the Operating System (Linux/Windows?) -> no. So first thing is we need to capture the traffic untouched ... can be done by Wireshark and TCP Dump both can send captured traffic to a pipe. So are we done now ? But we need to send it to another host ... sending Data from a Pipe can either be done by ssh oder netcat. BUT you wanna redirect the Traffic "some" device, so to me that means raw traffic. This would rule out SSH. So is boils down to 3 options: Wirshark&tcpdump netcat&wirehark netcat&tcpdump ON Linux you would go for tcpump & ncat ... but if it's a Windows OS thers no tcpdump just wireshark ... so ... well flip a 3 sided coin ... :)

The purpose seems to be to capture all traffic going to this port on the DMZ device. Since it calls out "forwarding traffic" the only way to capture that traffic is tcpdump, then use something to send it out, which is ssh. This is probably what they're wanting to do: https://serverfault.com/questions/362529/how-can-i-sniff-the-traffic-of-remote-machine-with-wireshark Despite it saying wireshark, as already mentioned wireshark is just a gui for tcpdump which is the packet capture engine. So wireshark could be involved but they only mentioned how to "forward traffic", nothing about capturing it on the other side.

If we agree to understand the question as: which two tools are needed in order to achieve the goal - it might be tcpdump/wireshark (as one tool to dump the traffic) and second one to have secure, encrypted connection to transfer that data.

D. SSH E. Netcat

I would go with DE. The following script allows to use both Netcat with SSH for port forwarding: $ mkfifo pipe $ while [ 1 ]; do nc -l -p 8080 < pipe | ssh gw_to_private_net \ -p 22977 "nc 192.168.12.230 80" | tee pipe; done https://jtway.co/netcat-with-ssh-port-forwarding-148177b2e850

Tcpdump and netcat. Odds are that you only have a shell... tcpdump is the way to go. Then pipe the capture to nc and capture with tcpdump on your end.

Its A & E. Please use common sense. Wireshark has nothing to do with forwarding traffic. Jesus christ

I asked about this on linuxquestions.org. I think the replies are interesting: https://www.linuxquestions.org/questions/linux-security-4/can-tcpdump-and-or-wireshark-and-or-netcat-forward-traffic-to-another-device-4175672194/

According to this article: netcat can be used: "Well, here I would like to point out that you most likely would have used backpipes in linux to bi-directionally port forward traffic using netcat, which also involves using mknod and tee." https://www.esecforte.com/advanced-traffic-pivoting-with-netcat/

C and D. In this scenario, the best options are SSH and Wireshark. Secure Shell (SSH) provides secure encrypted connections between systems. SSH provides remote shell access via an encrypted connection. SSH is used for secure command-line access to systems, typically via TCP port 22, and is found on devices and systems of all types. Because SSH is so common, testing systems that provide an SSH service is a very attractive option for a penetration tester. Wireshark is a protocol analyzer that allows penetration testers to eavesdrop on and dissect network traffic. Wireshark also allows for capturing network traffic from wireless networks.

I would go with D and E is nmap capable to forward traffic ? https://jtway.co/netcat-with-ssh-port-forwarding-148177b2e850