Forum Thread: Some Questions Which I Didnt Understand.

Port forwarding depends on the attack, not all attacks are created equal. Let me give you this example. Let's say you are trying to trick someone to give you their SSH password, in this situation you would need to have an SSH server running with runs on port 22. Routers would need this port forwarded. Overall port forwarding isn't needed if on the same LAN.

On the other question there are several different methods, one common one among script kiddies but is still very useful and effective is Skype IP lookup. It is interesting and kinda scary. Other more complicated ways are looking at access logs of your server. An example would be Apache, you would trick the person into connecting too your web server and BAM you have their IP in your access log.

Hope my answers gave you some insight. If you have any more don't be afraid to ask!

1. Do i need port forwarding for attack using Beef + Metasploit + MITMF?
2. So are you saying that a server is enough to get the ip address of the person to be tricked?

Thanks for your time.

1. Yes you will need port forwarding for any ports they require, for BeEF it will be port 80 if any, don't know BeEF super well but I would think because of what it does it would need port 80 if any. MITMF redirects all data to your IP so it depends on the attack you are doing but it will be all data of theirs. Metasploit you can set the LPORT to whatever you want but that would have to be the port you port forward to.
2. Really any connection you can get their IP from but something like Apache it is a web server so you can trick your friends by saying "Come check out my cool site I made" and you just look at the access log (you might have to enable access logging, I don't know)

Answer 2 is clear and understood.

1. Can i achieve port forwarding with VPN?

Does the port forward work for attacks specified in: http://www.systutorials.com/816/port-forwarding-using-iptables/