
Multi-level internal network penetration (internal network routing/port forwarding)

What is a multi-level internal network

Multi-level internal networks, as named in the title, are common in large enterprises. The following figure shows an example:

Network A generally holds the enterprise DMZ: external-facing web servers, DNS servers, etc.

Network B generally holds the enterprise internal server zone: domain controllers, the internal OA system, etc.

Network C generally holds the enterprise red zone: databases storing sensitive information or various key business servers (for example, the HIS in a hospital or the industrial controllers in an industrial enterprise).

In this kind of network, network A can connect to the Internet, network B can connect to network A and network C but cannot connect to the Internet, and network C can only connect to network B.

How to penetrate a multi-level internal network with Viper

Viper is built on msf (the Metasploit Framework). msf provides two ways to pivot through a multi-level internal network: internal network routing and port forwarding. Both are built in; the two methods described here do not use any external pivoting tools.

The network configuration of the experimental environment is as follows:

  • Connect to 192.168.146.1

  • Add a route to 192.168.146.11 on the session (session 8)

  • Execute the bind_tcp payload on 192.168.146.11

  • Add a new bind_tcp listener for 192.168.146.11:5000

146.11 is connected

  • Add a new route to 192.168.146.12 on the session of 146.11 (session 9)

  • Execute the bind_tcp payload on 192.168.146.12

  • Add a new bind_tcp listener for 192.168.146.12:5000

146.12 is connected
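Seen from the defender's side, the chain above leaves a recognisable pattern in internal flow logs: with a session route and bind_tcp, each hop shows up as a connection from the previous host to port 5000 on the next one. The sketch below is an added example (not part of Viper or of the original page) that flags such relay chains; the flow records, the host 192.168.146.20, the expected-port list and the 10-minute window are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed flow records (time, src, dst, dst_port); not captured from the lab.
FLOWS = [
    ("2024-01-01T10:00:00", "192.168.146.1", "192.168.146.11", 5000),
    ("2024-01-01T10:00:40", "192.168.146.11", "192.168.146.12", 5000),
    ("2024-01-01T10:01:00", "192.168.146.11", "192.168.146.12", 445),
    ("2024-01-01T12:00:00", "192.168.146.12", "192.168.146.20", 5000),
]
EXPECTED_PORTS = {53, 80, 443, 445, 3389}  # assumption: ports normal between these hosts
WINDOW = timedelta(minutes=10)             # assumption: max delay between two hops


def follows(prev, nxt):
    """True if nxt leaves the host prev landed on, within WINDOW of prev."""
    return nxt[1] == prev[2] and timedelta(0) <= nxt[0] - prev[0] <= WINDOW


def relay_chains(flows, min_hops=2):
    """Return host paths in which every hop uses an unexpected port and each
    receiving host opens the next hop shortly afterwards."""
    odd = sorted((datetime.fromisoformat(t), s, d, p)
                 for t, s, d, p in flows if p not in EXPECTED_PORTS)
    chains = []

    def extend(path, last):
        nexts = [f for f in odd if follows(last, f) and f[2] not in path]
        for f in nexts:
            extend(path + [f[2]], f)
        if not nexts and len(path) - 1 >= min_hops:
            chains.append(path)

    for first in odd:
        # Start only from flows that do not continue an earlier hop.
        if not any(follows(p, first) for p in odd):
            extend([first[1], first[2]], first)
    return chains


if __name__ == "__main__":
    for chain in relay_chains(FLOWS):
        print(" -> ".join(chain))
```

On the sample data this reports the single path 192.168.146.1 -> 192.168.146.11 -> 192.168.146.12; the SMB flow and the isolated connection two hours later are not chained.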

The network topology is as follows: