Shulou(Shulou.com)05/31 Report--

This article mainly introduces Ngrok and raspberry pie how to bypass the corporate firewall and access the intranet host, the article is very detailed, has a certain reference value, interested friends must read it!

A common problem faced by most security researchers is how to access office computers or local devices in the target enterprise network when strict enterprise firewalls or routers are deployed in the target network. In many cases, our office computers are connected to the Internet under the protection of firewalls. Then there is the problem, by default, it does not allow traffic from external networks to enter the intranet. This means that you can use your office computer to communicate with external hosts on the Internet, but remote devices cannot connect to your office computer.

PS: this article is for technical discussion and sharing only, and is strictly prohibited for any illegal use

It can be a headache if you want to use your home computer to access files or other materials on your office computer. So what do we do now? Is there any way to access the networked devices behind the router or firewall?

There are four ways we can think of:

1. Add firewall rules and allow the specified remote IP to bind to the specified port to access the office computer

two。 Port forwarding

3. Reverse SSH

4. Ngrok

Ngrok

Ngrok this service allows us to use external port forwarding and over any network to connect any device (LAN/WAN). One of the biggest advantages of Ngrok is that if you want to access devices on a network, you don't have to keep your devices on the same local network. With the help of Ngrok, you can access the target device through a SSH, FTP, or Web server.

Now that we know the functions of Ngrok, we will use Ngrok to set up the office computer to accept SSH connections from remote devices. We will provide you with a simple example of using Ngrok. I will open a SSH server (port 22) in the office computer on the company's intranet, set up Ngrok, and then use the Ngrok link to access the office computer from the external network.

Step 1: set up an account

Click [this link] and create a Ngrok account.

After completing your account registration, you will get an authentication token that you need to use to connect your raspberry pie and Ngrok account.

Step 2: download Ngrok

Download Ngrok on your raspberry pie using the following command:

Wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip

Next, use the following command to extract the file:

Unzip ngrok-stable-linux-amd64.zip

If all goes well, you will see a file called "ngrok":

Step 3: create your account

Use the following command to set your authentication token (authtoken):

. / ngrok authtoken 4BSL861jeVz9wt7AM91QM_aksO43YvcKgmtC4pxv

Step 4: run Ngrok

Now you can run Ngrok (port 22) with the following command:

. / ngrok TCP 22

Now, you will see a message like this:

Web Interface http://127.0.0.1:4040Forwarding tcp://0.tcp.ngrok.io:36428-> localhost:22

The above data indicates that any link to '0.tcp.ngrok.io' (port 36428) will be redirected to the target device (port 22).

Step 5: use remote PC to access your office computer

You can now access your office equipment from the remote PC using the following command:

Ssh user@0.tcp.ngrok.io-p 36428

Yes, it's that simple. You can use this method to access your office computer at any time.

These are all the contents of the article "how Ngrok and Raspberry pie bypass corporate firewalls and access intranet hosts". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.