To do this, and since we only have access to the target machine through the service we have just exploited, we will try to use this same service to create a TCP traffic tunnel on this protocol, in this case TCP over HTTP. The tool to use will see reDuh, from Sensepost, which has two pieces: a server in php, aspx and jsp versions that can be uploaded to the compromised server, and a java client that will be launched from our computer to establish the tunnel.
Once the corresponding reDuh server has been uploaded (in this case it was php), we can check if it has been uploaded correctly simply by accessing its URL. This piece is not prepared to be called this way, so it gives us an error message, but at least confirms that the URL is correct.
Full content on Pentester
