tunnelling Metasploit through a single ssh connection

[Robin Wood <dninja () gmail com>]

Hi
I've a friend who is doing a test and all the client has given him is
an ssh connection to a machine inside their network so he can connect
in and probe around but not do much else. He could install Metasploit
on the machine he has a connection to but he asked me about running it
through the tunnel.

I suggested he could open port forwarding tunnels for the ports on the
remote network he wanted to attack and then attack them locally but
then came the problem of getting payloads back as I think the machines
on the network he connected to don't have outbound access. We could
mess around setting up multiple port forwards, for the attack and
payload and anything else but I was wondering if there was a better
way to do it.

Anyone got any tips?

Robin
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework