1. Why use intranet penetration
I want to install a B to let other students access my program on the external network, what should I do?
What if I took over a small outsourcing project and demonstrated the demo to the client without a site?
What should I do if there is no external network callback address for functions on other third-party platforms such as WeChat and Alipay?
2. Intranet Penetration Tool
- Ngrok: open source, old-fashioned penetration tool, many penetration tools are packaged on the basis of it, certification requires 2 yuan , there is a free channel, you can purchase services if you want a stable channel
- DingTalk Intranet Penetration: The tool is based on the ngrok package, easy to use, and the best choice for individual developers. currently obsolete
- NATAPP: Free channel , easy to operate, provide http, tcp, udp full tunnel penetration, random domain name/random TCP, UDP port, forced to change domain name/port from time to time.
- Millet ball ngrok: It is also based on ngrok packaging, an intranet penetration tool maintained by individuals, authentication requires 0.5 yuan , and is easy to operate.
- Peanut Shell: Haven’t tested it, you need to establish an account for real-name authentication, pay for 2 packs of Weilong Latiao, you can choose a shell domain name, the registration process is cumbersome, and the traffic is limited
- FRP self-built intranet penetration service: open source, powerful, suitable for development and use in enterprises, can penetrate any conventional legal port (including 22), need to provide cloud server, own domain name, broadband is determined by cloud server
Three, Ngrok
Download address: : https://ngrok.cc/
3.1, download and register
Download the Ngrok client on the official website, and register an account
to download the decompressed file.
After registration, you need to bind their official account first, and then open the tunnel through the intranet. You need to spend money
for real-name authentication first, and you need to spend 2
After successful real-name authentication, you can buy tunnels for 1 yuan . The free ones are extremely unstable, and you will fight for character. You can try it out for $10.
It is free to buy, and you can configure intranet penetration information after entering. After configuration, you can view it in the tunnel management. The most important thing is the tunnel id , which is needed when starting Ngrok.
3.2, start the Ngrok client
Windows computer cmd opens a small black window, cd to the ngrok directory, and then enter the command to start the ngrok client.
The command to start the client
//sunny.exe clientid 隧道ID
sunny.exe clientid 155133361144
After successful intranet penetration
4. DingTalk Intranet Penetration Tool
DingTalk intranet penetration tool document: https://open.dingtalk.com/document/resourcedownload/http-intranet-penetration
has been abandoned on 2022.07.21
4.1, download address
Use the Git clone command to download locally, or download directly on GitHub.
After the download is complete, there will be three folders and a Readme.md file after decompression: linux, mac_64, windows_64. Install the corresponding version as needed. Take Windows as an example here.
git clone https://github.com/open-dingtalk/pierced.git
4.2, use
There are two files in the windows operating system: ding.cfg (configuration file) and ding.exe (cmd command line running program).
cmd opens a black window and runs the command
# 进入可以运行ding.exe文件的目录(windows_64目录)
cd X:xxx/windows_64
# 运行ding.exe文件,参数-subdomain后面的changsheng代表 一会儿域名访问的前缀,80代表我要代理的本地端口
ding.exe -config=./ding.cfg -subdomain=changsheng 80
# 如果出现提示:Server failed to allocate tunnel: The tunnel http://changsheng.vaiwan.com is already registered.
# 说明你需要换一下-subdomain后面的域名前缀或者端口了。
Command parameter description: Excerpted from the official website
| parameter | illustrate |
|---|---|
| -config | The configuration file for intranet penetration is fixed to the ./ding.cfg provided by DingTalk according to the command and example, without modification |
| -subdomain | The domain name prefix you need to use, the prefix will match before "vaiwan.com". For example, if your subdomain is abcde, abcde.vaiwan.com will be mapped to the local after starting the tool. |
| port | You need to proxy the local service http-server port, for example, your local port is 8080, etc. |
After successful penetration, it looks like this. The domain name you need to visit is http://abcde.vaiwan.com/xxxxx instead of http://abcde.vaiwan.com:8082/xxxxx. Do not bring the port number.
Note : Do not close this command line interface. After closing, intranet penetration will be closed.
Five, natapp intranet penetration tool
5.1, download and install
Natapp download address: https://natapp.cn/
Download the Windows version, and unzip it directly after downloading.
5.2, using natapp
2.1, register a natapp account: https://natapp.cn/member/dashborad
2.2, log in to the natapp console, purchase a free tunnel, then click Configure in My Tunnel, configure your local address and port number, and copy the authtoken at the same time.
2.3, start the natapp.exe command installed on the local computer
: start natapp -authtoken=the token copied from the console
Six, millet ball Ngrok
6.1, Registration Download
Official website address: http://ngrok.ciqiuwl.cn/
First register as a user, download the corresponding version of the client.
Download the file content.
After registering an account, real-name authentication is required. It takes a few cents to purchase real-name authentication first, and then go to 'My Account ' page for real-name authentication, copy the token
to set the mapping port of the tunnel, if not set, there is no need to configure here, the system defaults to port 80,
6.2, modify the configuration and start
Find the Mi Ball installation file, and replace the copied token with the token in the configuration file. The
small black window starts the Mi Ball client. If you don’t want to use the black window, you can click one-click to start the tool, and the effect is the same.
Start the command
//小米球客户端启动命令
xiaomiqiu.exe -config xiaomiqiu.conf -log=xiaomiqiu.log -log-level=info start-all
Result after startup
Seven, FRP self-built intranet penetration
frp intranet penetration construction: https://blog.csdn.net/ybsgsg/article/details/125932063