Port forwarding

So far, we have learned about a number of methods to gain full control over computers. We have seen how to do this using server-side attacks, client-side attacks, and social engineering as well. All of the attacks that we've done so far have been inside the network, and we've chosen to do that for convenience. That doesn't mean that these attacks only work inside the network; in fact, all of these attacks work outside the network as well. The only requirement is that we configure our network so that it accepts incoming connections from the internet, that is, from outside our local network. We can use BeEF, we can use the backdoors, and we can also use server-side attacks: all the attacks that we have done so far, except for the special cases. The one thing to keep in mind is that the router must be configured to handle reverse connections properly and direct them to the Kali machine. Now we will focus on that aspect and see how it works and how to configure the router to achieve it.

First, let's look at how a default network is set up. We've seen a similar diagram to the following in Chapter 5, Pre-Connection Attacks. In the following diagram, we have the ROUTER, the CLIENTS that are connected to the ROUTER, and the ROUTER itself connected to the INTERNET:

We mentioned before that none of the CLIENTS (all devices inside the network) have an internet connection; they can only access the INTERNET through the ROUTER. Whenever they want to request something or go to a website, for example Google, the device sends a request to the ROUTER, the ROUTER goes to the INTERNET and retrieves Google.com, the response is sent back to the ROUTER, and the ROUTER forwards that response to the device that requested it.

So, inside the network, each device has its own private IP. We can see in the preceding diagram that some IPs are written in red, and these only exist within the network; that's why we call them private IPs, because outside the network these IPs are not visible. We can also see that the router has two IPs: it has a private IP in red, which is accessible by all the devices in the network and is only used inside the network; and it also has a public IP, which is in green, and is accessible through the INTERNET. The IP that is highlighted in green is the IP that Google sees. If we go to Google, or to any other website, they see an IP address, but they won't see our private IP address; they'll see the IP address of the ROUTER, because the ROUTER is the device that's actually making the requests, not the machine. All the requests made by devices on the same network will appear as if they're coming from the same machine, or from the same IP. Again, this is because the only device that has access to the INTERNET is the ROUTER; none of the other devices do.

In most cases, or, if we think about it, in all the attacks that we do, the main thing we want is to get a reverse connection. Even when we're using BeEF, we get a connection on port 3000, which is the port that BeEF is working on, and when we're using our backdoors, we receive a connection on the port that we specify when we make the backdoor. When we want to send that backdoor to somewhere outside our network, the first thing we have to keep in mind is that our local IP is not going to be visible. What we have to do is use the public IP, the IP of the router. To find the router's IP, we just have to go to Google and type "what's my IP" in the search bar. Google will return the IP address of the router, and that IP will be the same from all the machines in the same network.

Now, we are connected through a wireless card. When we launch the command, we will see that we are not using a NAT connection; we are using an external wireless card that's connected to the home network. Therefore, all the devices in our wireless network at home will have the same IP. Again, that's because they all use the same router, so they're all connected to the same network. We will be using this IP in our backdoor. We're going to send the backdoor to a person that exists on the internet, that person is going to run that backdoor, and that backdoor is going to use a reverse connection. It's then going to try to connect back to the router on port 8080, for example, if we chose that port in the backdoor. Once the router gets a request for port 8080, it won't know what to do with it, because the router is not listening on port 8080, and the request does not tell the router where it wants to go. All we need to do is configure the router so that, whenever it gets a request for port 8080, it forwards that request to the Kali machine. We are just using 8080 as an example, but we can do it for any port that we are listening on, whether it's 8080, 444, or 3000 for BeEF.

The main idea is that we want to use our real IP outside the network. Whenever we run any attack from previous chapters, or even from future chapters, on the internet, against someone who doesn't exist on our home network, we first make sure we use the public IP, and we also make sure we configure the router to forward requests on the port that we're listening on to the Kali machine. We're going to see how to do that in the next section of the chapter.
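
The behaviour described above, as an added example that is not from the book: a small Python model of a home NAT router showing why every client appears under one public IP, why an unsolicited request on port 8080 is dropped, and what a forwarding rule changes. The `NatRouter` class and all addresses are constructed for illustration, and a real router tracks more state than this.

```python
# Minimal model of a home NAT router (added example; all addresses are constructed).
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    public_ip: str
    forwards: dict = field(default_factory=dict)  # public port -> (private ip, port)
    sessions: dict = field(default_factory=dict)  # public port -> (private ip, port, remote)
    next_port: int = 40000

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """A client sends a packet out: the source is rewritten to the public IP."""
        pub_port = self.next_port
        self.next_port += 1
        self.sessions[pub_port] = (src_ip, src_port, (dst_ip, dst_port))
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, remote_ip, remote_port, pub_port):
        """A packet arrives on the public IP: return the private target, or None if dropped."""
        session = self.sessions.get(pub_port)
        if session and session[2] == (remote_ip, remote_port):
            return session[:2]                  # reply to a connection a client opened
        return self.forwards.get(pub_port)      # static port-forward rule, if any

    def add_forward(self, pub_port, private_ip, private_port):
        self.forwards[pub_port] = (private_ip, private_port)

    def exposed(self):
        """Audit view: every private service reachable from the internet."""
        return sorted((p, ip, port) for p, (ip, port) in self.forwards.items())


def demo():
    r = NatRouter(public_ip="203.0.113.10")
    # Two clients visit the same site: the site sees one source IP for both.
    a = r.outbound("192.168.1.20", 51000, "198.51.100.5", 443)
    b = r.outbound("192.168.1.21", 51000, "198.51.100.5", 443)
    reply = r.inbound("198.51.100.5", 443, a[1])      # response is routed back
    before = r.inbound("198.51.100.77", 50123, 8080)  # unsolicited, no rule: dropped
    r.add_forward(8080, "192.168.1.20", 8080)
    after = r.inbound("198.51.100.77", 50123, 8080)   # rule now names a target
    return a[0] == b[0], reply, before, after, r.exposed()


if __name__ == "__main__":
    print(demo())
```

The `exposed()` listing is the same information a router's port-forwarding page shows, and it is the place to check for rules that should no longer exist.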
