How to run Responder remotely?

Hello,

I am trying to experiment with hacking internal Active Directory from an external standpoint.
Let’s say I compromised a Linux machine that is external facing but also connected to the internal network with Active Directory. And I cannot escalate privilege on the Linux machine, but I do have a tunnel that allows me to run tools like smbclient, nmap, Impacket, through proxychains on my attacking Kali machine. However, I need to run Responder and ntlmrelayx.py on the internal network but I learned that is not possible to do so since Responder uses my attacking Kali’s network interface. How can I work around this?

Thank you

look into port forwarding and tunneling. You can forward a port on the external network on the compromised machine, through a port on to the internal network to access other machines on the internal network. once you have a tunnel set up, you can use it to attack internal machines with responder.