Please am facing a slight issue with Router To Forward Connections To Kali from outside network. After creating the backdoor using Public IP “By Google Search What Is My IP”, then after that I setup my reverse connection using msfconsole to setting up to listen to the outside connection, using my Kali wlan0 private IP address. I start the apache2 service to that target can download the backdoor from his window. Which target successfully download the backdoor on his window; target run the backdoor on his window, but at my end in my kali machine am not receiving any reverse connection. Please help! how can i fix this.
Kindly find attached screenshot below for more understanding
Below is how I portfoward both my machine kali wlan0 private IP and also for Apache2 below
Thanks hope to hear from you soon @Zaid_Sabih @Zaid @NathanHouse @Apurv-StationX
in addition i have all try other method like localhost.run it still not reversing connection or listen to outside network connect. Please what is the solution to fix all the problems. Thanks
Before doing all this metasploit stuff, after you do the port forwarding, just see if you can listen to your computer from outside on a specific port. Just start a basic listener on your machine with netcat then see if you can connect to it from outside if you can’t, then the port forward is broken. Once you fix that, you should be able to run any program to listen back to your machine whether its metasploit or any other reverse backdoor stuff
How do I go about the basic listener on my machine with netcat. Am a new student and we have not been thought about that. Do you have any guide you can provide to put me through?
@Zaid_Sabih @Zaid @NathanHouse @Apurv-StationX
Can anybody answer my questions? I create a backdoor forward my kali private IP and Port to 80/8080 on my router. from my outside network i was able to download backdoor and run it… Now back to my Kali Machine no reverse connection to metasploit in kali…
I have already try listen to my port 80 and 8080 in netcat the both listening
Sorry for the delay in responding. So you ran netcat and you are getting successful listening activity. This means something is wrong with the IP addresses you put in metasploit. by wrong I mean private vs public IP and the way metasploit deals with it. Try running a simple HTTP reverse shell to see if the IP address you have forwarded is working fine - A simple one that I have also written can be found here - GitHub - apurvsinghgautam/HTTP-Reverse-Shell: An HTTP Reverse Shell in Python OR you can just google and find other tools.
Go through the readme and try running it. If you get a successful connection, then we will have to figure out why Metasploit is not working. It has to do with IP addresses for sure, but hard to pin point what is happening wrong.
Also, you don’t need to ask someone to help you with stuff like running netcat. You can just google “how to run netcat” and you will get answers. The majority of the learning in security is searching on google even when you are in the industry. Always try searching multiple times on google.
Thanks for your response, I tried to run the script you provide is not work, or maybe i do not know how to run it…The current program am into from zaid is basic ethical hacking cause and python is not include, so i dont have any idea regarding python language.
Secondly I observe whenever I search what is my IP to check my public IP in Kali browser, the IP address keep changing to different IP; even if I just refresh the browser the IP change.
I don’t know if this can cause the Metasploit not to listen to the reverse connection or make my Backdoor not hooking the target machine?
I think your Kali VM’s network adaptor is not set correctly. You should be using a separate wifi adaptor for this to work. If you are on NAT or Bridged then the connection is through your host machine and IP is assigned from that host machine itself so that’s why you see IP address reset once you refresh. Ideally your public IP address should not be changing that quickly (it usually changes within few days).
You can check the same thing on your host machine. check public IP and see if it is changing on refresh. Another thing that may be causing this is if you are using a VPN and if the IP is set to rotating within VPN settings.
I just tried it on my host machine refresh the browser and the IP keep changing every 5 to 10 minute. while on kali machine I bridge the connection and the IP keeping change when i refresh the browser too in kali machine, same applicable to when I try use NAT. Secondly am not using VPN at all
Please what can I do…
Ok then it seems your ISP may be changing IP addr very quickly. This may be because of multiple reasons. You can read more about it here - networking - Rapidly changing public IP addresses on certain networks? - Server Fault
You cannot do anything about this. You have to go to some other network to perform this task.
Thanks for your reply. I just tried another network now and is using the same IP with both Host Machine and Kali Machine and it not changing the Ip like the previous network. I setup my backdoor again and run it on the host machine, still Metasploit still not listening to any connection.
Secondly i have also tried to use localhost.run to bypass the router, it still not working, I cant really pin-point what is the cause of the errors, am currently using VMware workstation 17 and latest custom kali zaid created for this lecture…i have google/youtube online i cant find any solution, am really stuck here. Please I need some help. @Zaid_Sabih @Zaid @Apurv-StationX @NathanHouse
You don’t need to tag everyone eveyrtime.
Ok so the problem was in the network. Now run the netcat again to check if you are getting connection. Open a netcat session on your Kali and try to connect to it using your outside machine. If you are able to run commands then the problem is with metasploit.
There can be multiple issues with metasploit
- Exploit not executing because of the victim machine’s security
- Exploit not configured properly
- Problem with reverse connection
In real world, you will hardly have to do metasploit from outside the network. If you are in a pentesting company, most of the time the testing is done from within the network. And if it is from outside the network, there are far more reliable method to gain access to the network than metasploit.
As long as you know the concept of how metasploit works, you will be good in whatever security job you go for.
Thanks for your response. i dont not know how to use netcat; we have not been thought here so far on how to use it and i have also search online to see if i can find any step or guide to follow to do what you ask me to do, i do not find any.
I just googled “create netcat connection” and this link was the 3rd result - https://www.baeldung.com/linux/netcat-command.