Forum Thread: How can i Port Forward for WAN Attacks in Kali Linux HELP

basically you have to set up your pc to see from internet ...

you need set up port forwarding or dmz on your pc/laptop and set up some dynamic dns if you don't pay many for static ip.

Just be careful because it could happened that you get caught because no anonymity

i dont know how to port forward thats the problem , and i dont even know which port i should forward , i am new to linux and kali so i am abit confused and i dont use it on a virtual machine ,i have installed kali on my laptop

Port forwarding has absolutely nothing to do with Linux. It's your router. Go in the settings menu of your router, and under "applications & games", you should see the port forwarding menu.

-Phoenix750

i am using usb ethernet connection and it does not seem to have any option to port forward or anything

sorry for being such a noob ,as i said earlier i dont have a router , i am using a modem , connecting directly to my laptop ,i dont know where the settings are

You can just connect your computer directly to the internet then. you should really get a router though.

-Phoenix750

and how do i do that because i think i am already connected ,i could browse the settings of my modem on the internet and it says its connected to WAN however not any option for ports

i mean your computer directly to your ISP. No routers or modems in between. But this is highly unsecure

-Phoenix750

thanks alot for your reply ,let me try it ,i just want to see if i can do it on WAN i dont want to hack anyone

If you have a direct connection, try this:

nc -l -p 8080

this opens port 8080 for connection on your pc. Now go to this site and insert 8080 in the port, and click 'check port'. If it can connect, then you don't need port forward, but keep in mind that this kind of connection is highly insecure like Phoenix said (either buy new hardware or set up a firewall).

If you get an error, tell us what the brand and model your modem is, it's kinda hard without that.

it didnt work when i enter the command in terminal and press enter it just keeps blinking on a new line nothing happens and when i checked just to see if it was open on the site it said Error: I could not see your service on port (8080

and my modem is huawei model is e303h-1

thanks for your reply

The 'nothing happens' is intentional, if you just see it blinking it's working ok, as it's just waiting for someone to connect.

So you are connecting with a mobile operator (it was not clear before, or I just missed this) so maybe your connection has carrier NAT, and there's nothing beside going under a VPN that allows port forwarding.

Try calling your operator and ask for an IP outside their nat, but with the ip shortage nowadays it might not be possible (but worth an ask). Personally, I have the same problem, just sometimes when I reconnect I get assigned an ip from a different netblock and I'm allowed to port forward, but that happens rarely.

Can any help me with setting up Metasploit with DNS and portfowarding for wan

Try to search up your specific modem to see if you can port forward with it, also look in the manual on how to do it.

Cheers,
Washu

i tried there is nothing on google about it ,however i have the WAN ipadress because when i open the modem settings on the browser using this ip it says its connected to WAN but not sure about port forwarding because there is no such option there

Since each modem settings are different I'm afraid it will be hard to help for your individual case.

Make sure you really look through all your settings. If that doesn't work you may consider a VPN that can also do port forwarding (i.e. AirVPN). Last option would be to buy a new modem that you're sure can port forward.

Cheers,
Washu

thanks for your reply , i think my modem does not support port forwarding ,i will try the airvpn

thanks alot :)

if you're using a 3G dongle, look for some comments I made in this forum about using PortMapper to open your ports

Most of the modems is having setting called virtual server.u can just add the incoming and outgoing ports in it to the local IP address of your pc

if we use 3G network (Eg: Dialog Axiata) , is ISP blocking incoming connection ?

Most likely, it IS blocking connections due to either 'security measures' or ipv4 shorage. It's easy to find out tho.. just forward a port on your router and do the canyouseeme test I mentioned above.

hi triphat can you please tell me what ports to forward to which IP to attack on WAN for android hackinh

it's not a matter of WHAT ports, but IF you can succesfully forward them !! Port choice is arbitrary... you can use default 4444 or can pick 1337, 8008, or anything.

Moreover, if you don't have a router and you're using your android to tether the connection, it's even more complicated...

I suggest you try in an easier and more friendly environment. When you understand how it works, you can experiment on harsh conditions like mobile hotspot, natted connection, etc... just start easy and make sure you know what you are doing !

thank you very much for you reply , i just needed to know that do these ports need to be forward to your internal ip or public ?

so the source port shiuld be 4444 and the destination should be 4444 ?
i am trying to port forward using my android it has root access so i can do it and use it as router

so please explain me to which ip

so you set up iptables and ip forwarding correctly on your phone ?? nice !!! Haven't tried myself because my mobile is NATted, but that should work and it's totally cool.

Yeah, you can map 4444 to 4444, and the IP will be the one of your Kali machine listening. Usually android make something like 192.168.43.1 for router, others are arbitraty, you can find yours with ifconfig and add that to the forward rules of iptables.

yes so everything i set accordingly and when i scan for open ports it shows that 4444 is open and it has also successfully forwarded to my internal ip (kali machine) i set my first command lhost to my public ip and the metasploit command i use my internal but when i exploit and tap open on my android i get this

* Started reverse handler on 1.1.1.1:333
* Starting the payload handler...
* Sending stage (56173 bytes) to 1.1.1.1
* - Meterpreter session 1 closed. Reason: Died
* Meterpreter session 1 opened )1.1.1.1 -> 1.1.1.1) at 2015-11-06 09:32:31 +0300

• Meterpreter session 1 is not valid and will be closed

• Invalid session identifier: 1

the ip adress in sending stage is correct its the ip which my andoid is using

NOTE: the phone i am using for port forwarding is the one i am trying to hack so i dont know if the error is because of that ,,the other whicch i have runs android 5.1.1 i doubt it will work

This is somewhat a messed up setup, a scenario that is unlikely to happen in real life ... it SHOULD work, but you'd actually want a more real scenario, either on LAN or with proper internet connection (no 3G - android router..)

Also, lollipop might cause problems, read here my post (that will link to more posts... lol)

i figured it out and made it work through using my mobile hotspot i can now attack on WAN thank you so much for your help :D

hey please tell me how you figured it out

thank you for your reply , i have tried on LAN it worked fine no problems and now it works on WAN too :D

Nice !!
Glad I could help... somehow...

Is it possible to do WAN attack without router port forwarding ?

only using 3g dongle (Huawei E3531) ? ( I try to use UPnP PortMapper , but got only errors)

WAN attack without router port forwarding is not possible, as a router must forward ports in order to allow the victim to connect back at you, the attacker.

Your 3g dongle is a modem, not a router, so you should be exposed to the internet already, every port you open on your pc is right accessible from your ip, but IF an only IF you are assigned a unique ip addess and not be behind some carrier NAT (that is most, if not all cases when using these keys nowadays). In this case, either you buy a VPN access that allows port forwarding. (and you still can connect with a limited connection where you have almost no control over routing your packets, and gain that ability with a VPN tunnel), or you ask your phone operator if they can give you a unique IP (extra charges may apply, or they simply could tell you it's not possible)

Upnp port mapper won't work in your case, it's useful only when you have a router AND the upnp service is active in its settings.

Also, keep in mind that Huawei has a long story of vulnerabilities, so it's fine as long as you're learning, but it's not good when your safety and privacy depend on it.

i used port forewarding with port 80 but its not working in kali linux 1.0. is it because apache2 is using the same port? how do i solve this

? help!!!!!!!!!!!!

ammar montana ,you ve said u figured out to work on wan, which I ddnt succeeded yet, any help? bcz i'm not familier with port forwarding....

hey folks,i'm new here.i tried every thing but no result. i set up port forwarding,called my isp but no ports are available for my public ip. please help

sir what to do of port fowarding when using usb dongle 'vodafone 3g K3800" i want to hack anothe mobile which is not connected to my wifi. i want to hack the phone that is connected through his personal mobile data not to my wifi.. please help me :-(

HI i want to ask that i don't have modem i hack a WiFi and i am using i am a noob or you can say i am new in hacking so how can i forward the port plz help me

I m using Router without net and Internet on my device by connecting it as LAN. So I have to put eth IP address in port forward or wlan0 IP address in Port Forward.

When I check port forward status of any port its showing closed. Any solution??

hello guys help me i cant figure out how to port forward in jiofi router

Hey I have A Little Doubt I Use To Use In Internet In My Linux Machines By USB thethring When I Make A MSF Payload disconnect My Net And Copy File .....And Reconnect My Ney And Exploit It Won't Work it get stuck in starting MSF paylod listener .....PLEASE HELP ME.....