Not so much a hacking post as it is general Help.

I got layed off from my original employer and found work with a local IT company that is based around the world best thing that has ever happened to me as I am constantly being challenged my first "test" is this. I have no way to go around doing this I need some help.

I have to tunnel RDP through SSH via putty to my home network from a windows server 2k3 box. now that seems to be the easy part however the server is running off a linux host as a VMware machine. so I have access to the linux host just not the windows host. the vm is on its own internal lan by the looks of it. something like a 10.50.10.x.

any way to find that machines IP without a scanner using linux commands? how would you guys do this?

P.S. Thanks for all your help in advance.

I'm a bit confused also.  If you have access to the host then usually you can just do a ifconfig (*ix) or ipconfig (windows) and it will give you a list of listening NICs.  That includes real and virtual.  If that doesn't work for some reason, and you have full access to the host, you can us VMware itself to get the IP.  Just look at the configuration for the instance you are interested in.  When you look at the NIC configuration it should show you was IP range it is set to, or the IP pool that it can pull a range from (for example 10.10.10.0/24).  Your description sounds like you are NATing using your linux host's physical NIC.  That means it should be pretty straightforward to tunnel out of the w2k3 server, but not fun trying to setup the tunnel from your home network into that server.

just do a simple bash script to ping all the hosts in your 10.10.50.x range

.1 should be your vmware gateway

You've shown your woirth and were given additional duties. That's how you climb that ladder. Well done.

Don

Shawal,


Nice tip, haven't come across that one before. One more for the toolbox