Why use it
There are plenty of explanations online of why you would want intranet penetration (NAT traversal), and plenty of paid services that tunnel into an intranet for you, such as Peanut Shell. Here we use the open source project Ngrok to build our own intranet penetration setup; the server and client below are compiled and run under Ubuntu.
Compile
- Install the build environment
Since Ngrok is written in Go, you need to install Go; the precompiled package can be downloaded directly.
- Get the source code
git clone https://github.com/inconshreveable/ngrok.git ngrok
- Generate the keys
NGROK_DOMAIN="xxx.com"
openssl genrsa -out base.key 2048
openssl req -new -x509 -nodes -key base.key -days 10000 -subj "/CN=$NGROK_DOMAIN" -out base.pem
openssl genrsa -out server.key 2048
openssl req -new -key server.key -subj "/CN=$NGROK_DOMAIN" -out server.csr
openssl x509 -req -in server.csr -CA base.pem -CAkey base.key -CAcreateserial -days 10000 -out server.crt
cp base.pem assets/client/tls/ngrokroot.crt
It is best to generate the keys above on the server. For reasons I could not work out at the time, when the keys were generated on the client and used on the server side, the server kept reporting that the public and private keys did not match.
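The key and certificate mismatch described above can be checked before ngrokd is ever started. The script below is an added example, not part of the original post: it generates the CA and server certificate with the same openssl steps as the post, then verifies that server.key really belongs to server.crt and that server.crt is signed by base.pem, the CA that is copied to assets/client/tls/ngrokroot.crt and that the client will trust. One deliberate difference from the post is that the CA gets its own CN ("<domain> ngrok CA", an assumption of this example) so the CA and server certificate cannot be mistaken for one another during chain verification; the directory and domain arguments are placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): generate the ngrok CA and server
# certificate, then verify that the pieces belong together. Paths and the
# domain are arguments; the CA's CN is this example's own choice.
set -eu

# Generate base.key/base.pem (CA) and server.key/server.crt into $1 for domain $2,
# using the same openssl commands as the post.
gen_ngrok_certs() {
    dir=$1; domain=$2
    mkdir -p "$dir"
    openssl genrsa -out "$dir/base.key" 2048 2>/dev/null
    openssl req -new -x509 -nodes -key "$dir/base.key" -days 10000 \
        -subj "/CN=$domain ngrok CA" -out "$dir/base.pem" 2>/dev/null
    openssl genrsa -out "$dir/server.key" 2048 2>/dev/null
    openssl req -new -key "$dir/server.key" -subj "/CN=$domain" \
        -out "$dir/server.csr" 2>/dev/null
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/base.pem" -CAkey "$dir/base.key" \
        -CAcreateserial -days 10000 -out "$dir/server.crt" 2>/dev/null
}

# Succeed only if the public key embedded in certificate $1 equals the public key
# derived from private key $2 (both compared in SubjectPublicKeyInfo PEM form).
# This is the check that fails with the "public/private key mismatch" symptom.
key_matches_cert() {
    [ "$(openssl x509 -in "$1" -noout -pubkey)" = "$(openssl pkey -in "$2" -pubout)" ]
}

# Succeed only if certificate $2 chains to the CA in file $1.
cert_chains_to_ca() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Run both checks on a directory holding base.pem, server.crt and server.key.
check_ngrok_certs() {
    dir=$1
    key_matches_cert "$dir/server.crt" "$dir/server.key" ||
        { echo "server.key does not match server.crt; regenerate both on the same host" >&2; return 1; }
    cert_chains_to_ca "$dir/base.pem" "$dir/server.crt" ||
        { echo "server.crt is not signed by base.pem; clients will reject the server" >&2; return 1; }
    echo "ngrok TLS material in $dir is consistent"
}

# Stand-alone use: ./ngrok-certs.sh <dir> <domain> generates and then checks.
if [ $# -eq 2 ]; then
    gen_ngrok_certs "$1" "$2"
    check_ngrok_certs "$1"
fi
```

Because the client configuration later sets trust_host_root_certs to false, base.pem is the only CA the client will accept, so the chain check here is exactly what the client performs when it connects.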
- Compile
sudo make release-server release-client
The Go environment installed directly with apt-get install golang appears to be too old a version (1.6, while the current version is 1.11), which is why the Go environment needs to be installed as described in step 1.
If everything is OK, there should be two executables, ngrok and ngrokd, under the ngrok/bin directory. ngrokd is the server-side program and ngrok is the client.
Server side
Run the server program:
sudo ./bin/ngrokd -tlsKey=server.key -tlsCrt=server.crt -domain="xxx.com" -httpAddr=":9081" -httpsAddr=":9082"
At this point the Ngrok service is running, and more information can be seen in the logs printed on screen. httpAddr and httpsAddr are the ports ngrokd uses to forward HTTP and HTTPS traffic and can be chosen freely. ngrokd also opens port 4443 to communicate with the client (this can be changed with -tunnelAddr=":XXX"). If you have iptables rules or other security rules configured, you need to allow TCP on these three ports.
Here I use <b>supervisor</b> to manage the process; it is very simple and is not covered here.
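To avoid opening the wrong ports, it helps to derive the list from the actual ngrokd command line rather than from memory. The helper below is an added example, not part of the original post: it reads the -httpAddr, -httpsAddr and -tunnelAddr flags (defaulting the tunnel port to 4443 as described above), prints the TCP ports ngrokd listens on, and produces the matching iptables ACCEPT rules as a dry run. The flag names are ngrokd's own; the iptables rule shape is plain iptables and assumes a policy where inbound TCP is otherwise dropped.

```shell
#!/bin/sh
# Added example (not from the original post): derive the TCP ports that the
# firewall must allow from an ngrokd command line.
set -eu

# Print the port part of a "host:port" or ":port" listen address.
port_of() {
    printf '%s\n' "$1" | sed 's/^.*://'
}

# Print, one per line and numerically sorted, the ports an ngrokd invocation
# listens on. Accepts both -flag=value and -flag value forms; surrounding
# double quotes in values are stripped. Unknown flags are ignored.
ngrokd_ports() {
    tunnel=":4443"; http=""; https=""   # ngrokd's default tunnel address
    while [ $# -gt 0 ]; do
        case "$1" in
            -httpAddr=*)   http=${1#-httpAddr=} ;;
            -httpsAddr=*)  https=${1#-httpsAddr=} ;;
            -tunnelAddr=*) tunnel=${1#-tunnelAddr=} ;;
            -httpAddr)     http=$2; shift ;;
            -httpsAddr)    https=$2; shift ;;
            -tunnelAddr)   tunnel=$2; shift ;;
        esac
        shift
    done
    for addr in "$tunnel" "$http" "$https"; do
        addr=$(printf '%s' "$addr" | tr -d '"')
        [ -n "$addr" ] && port_of "$addr"
    done | sort -un
}

# Print one iptables rule per port allowing inbound TCP to it (dry run only).
ngrokd_iptables_rules() {
    ngrokd_ports "$@" | while read -r p; do
        printf 'iptables -A INPUT -p tcp --dport %s -j ACCEPT\n' "$p"
    done
}

# Stand-alone use: review the rules for the post's server command line, then
# apply them with: ngrokd_iptables_rules ... | sudo sh
ngrokd_iptables_rules -tlsKey=server.key -tlsCrt=server.crt -domain="xxx.com" \
    -httpAddr=":9081" -httpsAddr=":9082"
```

For the post's command line this yields rules for 4443, 9081 and 9082; if Nginx is placed in front as described below, port 80 is Nginx's to open, not ngrokd's.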
Combined with Nginx
Because port 80 on my server is occupied by other services, Ngrok could not use port 80 itself. I originally wanted to forward port 80 directly to it, but could not get that working at the time, so I use Nginx on port 80 to redirect traffic to the Ngrok port instead.
The Nginx configuration file is as follows:
upstream ngrok {
    server 127.0.0.1:9081;
    keepalive 64;
}
server {
    listen 80;
    server_name "*.pub.xxx.com";
    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host:9081;
        proxy_set_header X-Nginx-Proxy true;
        proxy_set_header Connection "";
        proxy_pass http://ngrok;
    }
}
Because domain names are used, wildcard resolution must be configured in DNS. Here I use <b>*.pub</b> as the wildcard; with wildcard resolution in place, multiple clients no longer need a separate DNS record each.
Client
Ngrok client configuration file:
server_addr: "xxx.com:4443"
trust_host_root_certs: false
tunnels:
  http:
    subdomain: "test.pub"
    proto:
      http: "9091"
  ssh:
    remote_port: 3322
    proto:
      tcp: "22"
Client start commands:
Start HTTP: ngrok -config ngrok.conf start http
Start SSH: ngrok -config ngrok.conf start ssh
If you start the SSH tunnel, remote port 3322 must also be allowed in the security rules.
You can then SSH into the intranet machine from outside the network. I find this sometimes more convenient than TeamViewer; after all, some servers cannot run the TeamViewer client.
After connecting, the console outputs:
Tunnel Status    online
Version
Forwarding
……
If it cannot connect, or the server drops the connection while online, the status is shown as reconnecting.