This payload starts Packet Squirrel in NAT mode and awaits for user input. When the button is pressed, the payload connects to a remote SSH server and creates a local port tunnel. It then launches a meterpreter shell over said tunnel. The intent is to get a meterpreter shell on a target network in a way that hides meterpreter network traffic behind legitimate SSH activity.
There are many forms of remote access which may be used by different actors for various purposes. A red team may use remote access techniques that provide persistent access to an exploited target for the purposes of reconnaissance and lateral movement across the network. A systems administrator may use remote access to perform day to day operations on a network accessible computer. An array of techniques exist to obtain and maintain remote access across a network, including using a command and control server such as Cloud C². Common remote access techniques include reverse shells and may employ obfuscation techniques to mask the connection. See all remote access payloads.
This payload is for the Packet Squirrel, a matchbook-sized Ethernet multi-tool designed to give you covert remote access, painless packet captures, and secure VPN connections with the flip of a switch. This tiny linux-box is a man-in-the-middle that's nuts for networks.