Hey there,

I was asking: I have a Kali Linux version on my laptop, and I need to try penetrating an Android phone with Metasploit. I saw many methods and they are the same, creating an APK file and sending it to the victim using msfconsole, but I was wondering: must the Android phone I am trying to hack be connected to my own internet connection (Local Host), or doesn't it matter?

I mean I need to make a WAN Connection instead of doing it on LAN because my victim isn't connected to the same network.
Should I port-forward ports 4444/80 and then put my external IP or the Kali internal IP in the LHOST field?

Yes. It doesn't really matter what port you use. You just need to port forward it. WAN requires it because the LHOST IP address leads to the router. The router needs to know where to send the traffic. So as long as you port forward, it should work fine.

Thanks for your reply.

So you mean that by port-forwarding the ports, it doesn't matter if I use the Public/External or Local (Internal) IP address, it will access any Android phone that is not on my same internet connection?

There are 2 conditions:

First, unless your Kali is exposed with a public IP you bought, you need port forwarding on your side in order to redirect the traffic to your Kali. You'll specify your router's public IP and configure it to redirect all traffic incoming on your LPORT to your Kali host (private IP).

You'll also need to be able to reach your target, at least in order to send your payload, which means that you also need the target to have a public IP (RHOST) or to be port-forwarded. This situation is really unlikely to happen because you're targeting a smartphone.

Thanks for your reply :)!

Alright, I understand, but I got a new problem here: I port-forwarded port 4444 to my Windows IP address, but I noticed that the Kali Linux IP 192.168.188. differs from the Windows 192.168.1. IP (using VMware). Does this affect the WAN connection or not? Also, I tried to install the APK which I made to the Kali IP. It fails, giving me "Application is not installed". I tried on 2 other devices and it gives the same... I am not sure if it's due to the connection or it's an Android problem?

Your Kali and your Windows are not on the same LAN. But I don't understand what you're doing. Why did you port forward your Windows?

I'm using VMware... I port-forwarded port 4444 to my Windows local IP, which is 192.168.1.x, which I will use on WAN because the target device I want to penetrate isn't on the LAN (same internet connection). But in 'ifconfig' in Kali the IP is 192.168.188.x. Does this affect the port forwarding, or should I port-forward port 4444 to 192.168.188.x?

I'm not familiar with VMware, but I'm pretty sure that you misconfigured your VM network settings. You need your Kali to be on the LAN of your router.

Look at your VM network settings (VMware UI). You should find something like a "bridged mode" option.

Let's take this step by step:

  1. App Not Installed:

This is probably because you made a mistake in the terminal while writing the command (common), or your app needs a DIGITAL SIGNATURE (occurs often). You can easily add a digital signature to the APK. Refer to Google for a how-to.

  2. IP Address Confusion:

There are 2 kinds of IP address: private and public. Since you are working with Kali on VMware and are deploying the METERPRETER, below is how to conduct your attack on the WAN (a.k.a. the INTERNET):

When making the payload (msfvenom.apk), use your PUBLIC IP as LHOST. You can get this by typing "what is my ip address?" on Google.

When deploying the MSFCONSOLE, use your PRIVATE IP as LHOST, obtained by typing "ifconfig" in your VMware Kali Linux terminal.

  3. Port Forwarding:

Make sure port forwarding is done on the same port EVERYWHERE in LPORT.

And that's how you successfully conduct an Android Meterpreter hack.


Thanks for your reply!
Alright, thanks, but one more question.
By saying (MAKE SURE NETWORK IS BRIDGED)... you mean??

Never mind, I did it.
Thanks all for your help. I really appreciate your support for me ^_^

