Post Exploitation Pivoting

I am doing PTP - Post Exploitation Lab. I got a meterpreter shell on with a backdoor that was installed on the machine. I started enumerating the machine locally and I found FTP credentials and FTP server IP ( . FTP Server was on another subnet. I ran “run autoroute -s” and now I am able to scan machine from metasploit. I got information about another subnet from FileZilla files. When I run “route” command on the exploited machine ( ) there is no route to subnet. I might ask a stupid question but how does the exploited machine have access to subnet when I can’t see a route to the network from “route” command?

Thank you.

can you screenshot what you get when you run the “route” command?

Could be no static route added manually and might be using the default route (gateway) to communicate with the other subnets. But ideally there should be at-least one entry shown when you run the route command.

Thank you for the responses. Here is the output of the “route” command on machine:

@jaa @jmason-joshua17sc

It is using the default gateway(the first entry) to access the subnet. No other static route entries are configured in the machine.

Yes, I remember that I learned about default route. I should pay more attention to networking. Sorry for the dumb question. Thank you

Doubts are not at all dumb. We all are learning and trying to help eachother. Best wishes.

1 Like