NGROK

Using ngrok to access internal services

Purpose
Ngrok allows us to share internal services to Internet facing systems. It's an incredibly useful way to access internal systems or create a way to directly access sensitive network systems.
Setup
Visit ngrok.com to get set up with an account. 
Download the tool at https://ngrok.com/download​
Configure the ngrok preferences with the applicable key
ngrok config add-authtoken ***REDACTED KEY***
Usage
As always, we ask for help to learn what to do.
ngrok help
To start a listener, we can simply run the code below:
ngrok http 9999
This will result in a window similar to below:
After starting the listener, this shows the web interface to reach the internal port
In the example above, we can directly access the service on localhost:9999 by accessing the page at https://7807-52-22-69-233.ngrok.io. This was a python3 simple http server on that port.
EXAMPLES:
    ngrok http 80                    # secure public URL for port 80 web server
    ngrok http -subdomain=baz 8080   # port 8080 available at baz.ngrok.io
    ngrok http foo.dev:80            # tunnel to host:port instead of localhost
    ngrok http https://localhost     # expose a local https server
    ngrok tcp 22                     # tunnel arbitrary TCP traffic to port 22
    ngrok tls -hostname=foo.com 443  # TLS traffic for foo.com to port 443
    ngrok start foo bar baz          # start tunnels from the configuration file
​

Offensive - Previous

Certs and Secrets

Next - Offensive

Misc.

Last modified 6mo ago