I’m currently doing the PIVOTING, TUNNELING, AND PORT FORWARDING - SKILLS ASSESSMENT, and I’m sort of baffled about a couple of things.
First, why is proxychains with nmap NOT doing the scan sequentially?
[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
Starting Nmap 7.92 ( https://nmap.org ) at 2023-04-05 10:27 BST
Initiating Ping Scan at 10:27
Scanning 256 hosts [2 ports/host]
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.1:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.4:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.7:80 <--socket error or timeout!
...
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.253:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.0:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.5:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.9:80 <--socket error or timeout!
...
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.248:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.252:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.2:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.8:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.15:80 ... OK
...
This had me really worried at the beginning that I’m doing something wrong, because some hosts are being skipped.
Secondly, why am I seeing this output on the machine in the “middle”
webadmin@inlanefreight:~$ channel 3: open failed: connect failed: No route to host
channel 3: open failed: connect failed: No route to host
channel 3: open failed: connect failed: No route to host
channel 3: open failed: connect failed: No route to host
channel 3: open failed: connect failed: No route to host
every time a packet goes through? Even though the packet should be routable, since its dest. is in a reachable network?
And lastly, why does the result of nmap go against what proxychains says?
proxychains output of target subnet scan:
172.16.5.218:80 <--socket error or timeout!
Ping Scan Timing: About 95.80% done; ETC: 10:40 (0:00:33 remaining)
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.35:80 <--socket error or timeout!
[proxychains] Strict chain ... 127.0.0.1:9050 ... 172.16.5.53:80 <--socket error or timeout!
IP 172.16.5.35: "socket error or timeout!", while the output of nmap is:
Nmap scan report for 172.16.5.34
Host is up (3.1s latency).
Nmap scan report for 172.16.5.35 <---------- host actually alive
Host is up (0.012s latency). <---------- host actually alive
Nmap scan report for 172.16.5.36
Host is up (3.1s latency).
Nmap scan report for 172.16.5.37
Host is up (3.1s latency).
Not only are all hosts up according to the nmap search, but it was only thanks to a different latency that I was able to see the target.
Now, I know that a ping scan from the “middle” machine would do the trick, but I wanted to make this work.