What is Port Forwarding |  use of ngrok |  Access localhost website from outside network

In computer networking, port forwarding or port mapping is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall. This technique is most commonly used to make services on a host residing on a protected or masqueraded (internal) network available to hosts on the opposite side of the gateway (external network), by remapping the destination IP address and port number of the communication to an internal host.



Port forwarding allows remote computers (for example, computers on the Internet) to connect to a specific computer or service within a private local-area network (LAN).[3]


In a typical residential network, nodes obtain Internet access through a DSL or cable modem connected to a router or network address translator (NAT/NAPT). Hosts on the private network are connected to an Ethernet switch or communicate via a wireless LAN. The NAT device's external interface is configured with a public IP address. The computers behind the router, on the other hand, are invisible to hosts on the Internet as they each communicate only with a private IP address. What is Port Forwarding ? use of ngrok ? Access localhost website from outside network


When configuring port forwarding, the network administrator sets aside one port number on the gateway for the exclusive use of communicating with a service in the private network, located on a specific host. External hosts must know this port number and the address of the gateway to communicate with the network-internal service. Often, the port numbers of well-known Internet services, such as port number 80 for web services (HTTP), are used in port forwarding, so that common Internet services may be implemented on hosts within private networks.





Typical applications include the following:

•     Running a public HTTP server within a private LAN
•     Permitting Secure Shell access to a host on the private LAN from the         Internet
•     Permitting FTP access to a host on a private LAN from the Internet
•     Running a publicly available game server within a private LAN

Administrators configure port forwarding in the gateway's operating system. In Linux kernels, this is achieved by packet filter rules in the iptables or netfilter kernel components. BSD and macOS operating systems prior to Yosemite (OS 10.10.X) implement it in the Ipfirewall (ipfw) module while macOS operating systems beginning with Yosemite implement it in the Packet Filter (pf) module.





When used on gateway devices, a port forward may be implemented with a single rule to translate the destination address and port. (On Linux kernels, this is DNAT rule). The source address and port are, in this case, left unchanged. When used on machines that are not the default gateway of the network, the source address must be changed to be the address of the translating machine, or packets will bypass the translator and the connection will fail.



When a port forward is implemented by a proxy process (such as on application layer firewalls, SOCKS based firewalls, or via TCP circuit proxies), then no packets are actually translated, only data is proxied. This usually results in the source address (and port number) being changed to that of the proxy machine.



Usually only one of the private hosts can use a specific forwarded port at one time, but configuration is sometimes possible to differentiate access by the originating host's source address.



Unix-like operating systems sometimes use port forwarding where port numbers smaller than 1024 can only be created by software running as the root user. Running with superuser privileges (in order to bind the port) may be a security risk to the host, therefore port forwarding is used to redirect a low-numbered port to another high-numbered port, so that application software may execute as a common operating system user with reduced privileges.


The Universal Plug and Play protocol (UPnP) provides a feature to automatically install instances of port forwarding in residential Internet gateways. UPnP defines the Internet Gateway Device Protocol (IGD) which is a network service by which an Internet gateway advertises its presence on a private network via the Simple Service Discovery Protocol (SSDP). An application that provides an Internet-based service may discover such gateways and use the UPnP IGD protocol to reserve a port number on the gateway and cause the gateway to forward packets to its listening socket.

Types of port forwarding

Port forwarding can be divided into the following specific types: local, remote, and dynamic port forwarding.

Local port forwarding

Local port forwarding is the most common type of port forwarding. It is used to let a user connect from the local computer to another server, i.e. forward data securely from another client application running on the same computer as a Secure Shell (SSH) client. By using local port forwarding, firewalls that block certain web pages are able to be bypassed.

Remote port forwarding

This form of port forwarding enables applications on the server side of a Secure Shell (SSH) connection to access services residing on the SSH's client side.[8] In addition to SSH, there are proprietary tunnelling schemes that utilize remote port forwarding for the same general purpose.[9] In other words, remote port forwarding lets users connect from the server side of a tunnel, SSH or another, to a remote network service located at the tunnel's client side.


To use remote port forwarding, the address of the destination server (on the tunnel's client side) and two port numbers must be known. The port numbers chosen depend on which application is to be used.


Remote port forwarding allows other computers to access applications hosted on remote servers. Two examples:


An employee of a company hosts an FTP server at their own home and wants to give access to the FTP service to employees using computers in the workplace. In order to do this, an employee can set up remote port forwarding through SSH on the company's internal computers by including their FTP server’s address and using the correct port numbers for FTP (standard FTP port is TCP/21).


Opening remote desktop sessions is a common use of remote port forwarding. Through SSH, this can be accomplished by opening the virtual network computing port (5900) and including the destination computer’s address.
   

Dynamic port forwarding

Dynamic port forwarding (DPF) is an on-demand method of traversing a firewall or NAT through the use of firewall pinholes. The goal is to enable clients to connect securely to a trusted server that acts as an intermediary for the purpose of sending/receiving data to one or many destination servers.[11]


DPF can be implemented by setting up a local application, such as SSH, as a SOCKS proxy server, which can be used to process data transmissions through the network or over the Internet. Programs, such as web browsers, must be configured individually to direct traffic through the proxy, which acts as a secure tunnel to another server. Once the proxy is no longer needed, the programs must be reconfigured to their original settings. Because of the manual requirements of DPF, it is not often used.



Once the connection is established, DPF can be used to provide additional security for a user connected to an untrusted network. Since data must pass through the secure tunnel to another server before being forwarded to its original destination, the user is protected from packet sniffing that may occur on the LAN.



DPF is a powerful tool with many uses; for example, a user connected to the Internet through a coffee shop, hotel, or otherwise minimally secure network may wish to use DPF as a way of protecting data. DPF can also be used to bypass firewalls that restrict access to outside websites, such as in corporate networks.

How to use Ngrok for Access outside Network ?

1) first we need a localhost server such as hosting provider or need a web address to access the outside network ( For eg Ngrok )


ngrok.com













Spend more time programming. One command for an instant, secure URL to your localhost server through any NAT or firewall.




2) Signup or login to ngrok and go to with download option for downloading a ngrok server ( application )


https://ngrok.com/download




3) First, download the ngrok client, a single binary with zero run-time dependencies. you can downloa for MAC OS X, Windows, Mac (32bit), Windows (32-bit), Linux (ARM), Linux (ARM64), Linux (32-bit), FreeBSD (64-Bit), FreeBSD (32-bit)...  


4)  On Linux or OSX you can unzip ngrok from a terminal with the following command. On Windows, just double click ngrok.zip.


  $ unzip /path/to/ngrok.zip 


Most people like to keep ngrok in their primary user folder or set an alias for easy command-line access.







5)  Try it out by running it from the command line:


  ./ngrok help 




6) To start a HTTP tunnel on port 80, run this next:


  ./ngrok http 80  











OR


  ngrok http -subdomain=baz 8080 


OR



  ngrok http foo.dev:80   




OR


  ngrok http https://localhost 


OR


  ngrok tcp 22 

How To Access website from Outside Network ?

Type the following command and press enter :-


1)   serivce apache2 start 


otherwise i have already download and install external apache server ( XAMPP Server )









For chech a service status , it's a start or not  


  service apache2 start 



then we have ready to access our localhost website via inside and outside network  ( internet )



Now, we have to copy a ngrok's link


https://ab5ac26e3592.ngrok.io








Then access






Through Mobile

Disclaimer

 

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.







            
    


I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

As data sets are getting larger and more prevalent, researchers are having to try to to tons of leg add reference to core programming - resulting in longer spent with tools like GIT and Kali Linux (something we have seen Hardly done before!).

For software engineers reading this post: you would possibly not find the subsequent useful, but as someone who has been through those early self-taught days as a junior researcher, i might like to see data scientists or ML researchers Feeling of budding pain!

Looking at all of that, i assumed about what commands i exploit daily and in my routine and which commands I wanted to understand beforehand. So from this, i'm now presenting my top 5 Kali Linux commands which have helped me reach the highest of my career! top 5 linux command for beginners

Command 1: grep

grep sounds like the noise frogs make, but actually it stands for Global regular expression print. That long phrase doesn’t make much sense outright, but the essential use case for the grep command is to search for a particular string in a given file.



The function is fairly quick and incredibly helpful when you’re trying to diagnose an issue on your production box, in which for example, you may think a TXT file has some bad data.



As an example, say we’re searching for the string 'this’ in any file which begins with the name 'demo_’:


$ grep "this" demo_*
demo_file:this line is the 1st lower case line in this file.
demo_file:Two lines above this line is empty.
demo_file:And this is the last line.
demo_file1:this line is the 1st lower case line in this file.
demo_file1:Two lines above this line is empty.
demo_file1:And this is the last line.


Not so bad huh? We can see on the left hand side that there are two files that begin with demo (demo_file and demo_file1)

Command 2: wget

Now we move onto something a little bit more sophisticated but still something we use quite a lot. The wget command is a useful utility used to download files from the internet. It runs in the background so can be used in scripts and cron jobs.

To utility is called as follows:


wget <URL> -O <file_name>

Where the following is an example if we wanted to download a file:

wget https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.17.2.tar.xz

Command 3: wc

Often you have a file of arbitrary length and something smells fishy: maybe the size of the file seems too small for the number of rows you expect or something you’re just curious how many words are in it. Either way, you want to inspect it a bit more and need a command to do so.

The wc command helps out in that it essentially counts a few different things for the file in reference:


# wc --help
Usage: wc [OPTION]... [FILE]...
  -c, --bytes            print the byte counts
  -m, --chars            print the character counts
  -l, --lines            print the newline counts
  -L, --max-line-length  print the length of the longest line
  -w, --words            print the word counts
      --help            display this help and exit
      --version            output version information and exi

So, say we want to count the number of lines in a file:


wc -L tecmintt.txt


16 tecmintt.txt


or maybe the number of characters:


wc -m tecmintt.txt


112 tecmintt.txt


Awesome!

 

Command 4: Vi

The vi command is super helpful as it allows you to open and explore a file. The command works as follows:


vi [filepath]


And it takes you into an editor sort of thing. Now in this editor, you can use the following characters to navigate:


k    Up one line 
j    Down one line 
h    Left one character 
l    Right one character (or use <Spacebar>)
w    Right one word
b    Left one word



However, in reality, you’ll find navigation pretty naturally. The following commands will be the most useful though:



ZZ     Write (if there were changes), then quit
:wq    Write, then quit 
:q     Quit (will only work if file has not been changed) 
:q!    Quit without saving changes to file


You’ll learn to love vi, I swear!

 

Command 5: CTRL+R

So I’ve saved the best for last as I really use this command quite a lot. CTRL+R isn’t really a command but more a shortcut type of thing. It allows you to search your history of used commands by typing in something which resembles the command, and then similar commands that you’ve used before come up!


For example, say you’ve just run a really long command and for whatever reason your terminal session breaks and you have to re-run the command again. With this command, you can quickly search for it again instead of reconstructing the command from scratch!


Let’s say I’m trying to remember a command that begins with hi, but I can’t remember it all. I type in ctrl+r and then I see what it recommends:



$ historybck-i-search: his_



Perfect! The command history has been recommended and that’s exactly the
command we were looking for. If you press tab at this point, the autocomplete fills in the line:



$ history




I’ve actually always struggled to use both Linux and GIT but over time, I’ve managed to remember a few key commands that’ve helped my development as an independent researcher. I can work fairly independently now and it’s thanks to the above command line tools that I’m able to so.

Therefore, I really recommend spending a few hours getting used to linux as the small lessons you take now will really help progress your use of the system going forward. It’s pure upside!




I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

So today we will know about the open source tool that helps in keep anonymous, TorghostNG - Make all your internet traffic anonymized with Tor network. This tool is scripted in python language as you can tell -_- you can help us by subscribing to our youtube channel :. Kumar Atul Jaiswal .: before using the too.

About TorghostNG

TorghostNG is a tool that make all your internet traffic anonymized through Tor network.

Rewritten from TorGhost with Python 3.

TorghostNG was tested on:

•     Kali Linux
•     Manjaro
•     ...

  
  
Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.
TorghostNG - Make all your internet traffic anonymized with Tor network.

Before you use TorghostNG

• For the goodness of Tor network, BitTorrent traffic will be blocked by iptables. Although you can bypass it with some tweaks with your torrent client disappointed_relieved. It's difficult to completely block all torrent traffic.
• For security reason, TorghostNG is gonna disable IPv6 to prevent IPv6 leaks (it happened to me lmao or whatismyip.live). tor network TorghostNG  - How to anonymize your internet traffic

Installing TorghostNG

•     GNU/Linux distros that based on Arch Linux
•     GNU/Linux distros that based on Debian/Ubuntu
•     GNU/Linux distros that based on Fedora, CentOS, RHEL, openSUSE
•     Solus OS
•     Void Linux
•     Anh the elder guy: Slackware
•     (Too much package managers for one day :v) torghostng

How To Install ?

3) sudo python3 install.py






4) sudo python3 torghostng.py







5) sudo python3 torghostng.py -s -c -id it

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.

Video Tutorial :- 

 

So today we will know about the open source tool that helps in finding XSS cross site scripting attack for any website. This tool is scripted in go language as you can tell -_- you can help us by subscribing to our youtube channel :. Kumar Atul Jaiswal .: before using the too.

XSS Vulnerability

Cross-site scripting ( XSS )is a type of computer security vulnerability typically found in web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.  XSS Vulnerability find in any website within minutes
XSS vulnerability search in any website within minutes

Dalfox

I talk about naming. Dal(달) is the Korean pronunciation of moon and fox was made into Fox(Find Of XSS). XSS Vulnerability find in any website within minutes

Key features

• Paramter Analysis (find reflected parameter, find free/bad characters, Identification of injection point)
• Static Analysis (Check Bad-header like CSP, X-Frame-optiopns, etc.. with base request/response base)
• Optimization query of payloads

•         Check the injection point through abstraction and generated the fit  payload.
•         Eliminate unnecessary payloads based on badchar

• XSS Scanning(Reflected + Stored) and DOM Base Verifying
• All test payloads(build-in, your custom/blind) are tested in parallel with the encoder.

•         Support to Double URL Encoder
•         Support to HTML Hex Encoder

• Friendly Pipeline (single url, from file, from IO)
• And the various options required for the testing :D

•         built-in / custom grepping for find other vulnerability
•         if you found, after action
•         etc..

How To Install ?

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing  malicious or damaging attacks. Performing any hacks without written permission is illegal ..!


All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.


All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.

Video Tutorial :-