frp intranet penetration-public network IP uses high-performance kali at low cost
1.frp
Github project address: https://github.com/fatedier/frp
Find the latest releases to download, and confirm the system version by yourself.
Use command
❯ uname -a
Darwin bogon 19.5.0 Darwin Kernel Version 19.5.0: Tue May 26 20:41:44 PDT 2020; root:xnu-6153.121.2~2/RELEASE_X86_64 x86_64
2.vpn
A vps with a public IP, configurable at will
3. Server configuration
Server configuration with public IP:
Unzip—delete client files (optional)—modify configuration file—run (-c specifies the configuration file to run, and the default frps.ini does not need to be used in the same directory)
root@vultr:~# tar -zxvf frp_0.33.0_linux_amd64.tar.gz
frp_0.33.0_linux_amd64/
frp_0.33.0_linux_amd64/frps_full.ini
frp_0.33.0_linux_amd64/frps.ini
frp_0.33.0_linux_amd64/frpc
frp_0.33.0_linux_amd64/frpc_full.ini
frp_0.33.0_linux_amd64/frps
frp_0.33.0_linux_amd64/LICENSE
frp_0.33.0_linux_amd64/frpc.ini
frp_0.33.0_linux_amd64/systemd/
frp_0.33.0_linux_amd64/systemd/[email protected]
frp_0.33.0_linux_amd64/systemd/frpc.service
frp_0.33.0_linux_amd64/systemd/frps.service
frp_0.33.0_linux_amd64/systemd/[email protected]
root@vultr:~/frp_0.33.0_linux_amd64# rm -rf frpc*
root@vultr:~/frp_0.33.0_linux_amd64# ls
LICENSE frps frps.ini frps_full.ini systemd
root@vultr:~/frp_0.33.0_linux_amd64# vi frps.ini
[common]
bind_port = 7000 #frps和frpc之间通讯端口
dashboard_port = 7500 #监控页面web地址
dashboard_user = xiaobaitu #监控页面账号
dashboard_pwd = baiyoubai #监控页面账号
root@vultr:~/frp_0.33.0_linux_amd64# ./frps -c frps.ini
2020/06/16 15:41:42 [I] [service.go:178] frps tcp listen on 0.0.0.0:7000
2020/06/16 15:41:42 [I] [service.go:277] Dashboard listen on 0.0.0.0:7500
2020/06/16 15:41:42 [I] [root.go:209] start frps success
4. Client configuration
The steps are the same as above, unzip - delete server files (optional) - edit configuration file - run the service.
root@kali:~# tar -zxvf frp_0.33.0_linux_amd64.tar.gz
frp_0.33.0_linux_amd64/
frp_0.33.0_linux_amd64/frps_full.ini
frp_0.33.0_linux_amd64/frps.ini
frp_0.33.0_linux_amd64/frpc
frp_0.33.0_linux_amd64/frpc_full.ini
frp_0.33.0_linux_amd64/frps
frp_0.33.0_linux_amd64/LICENSE
frp_0.33.0_linux_amd64/frpc.ini
frp_0.33.0_linux_amd64/systemd/
frp_0.33.0_linux_amd64/systemd/[email protected]
frp_0.33.0_linux_amd64/systemd/frpc.service
frp_0.33.0_linux_amd64/systemd/frps.service
frp_0.33.0_linux_amd64/systemd/[email protected]
root@kali:~# cd frp_0.33.0_linux_amd64/
root@kali:~/frp_0.33.0_linux_amd64# ls
frpc frpc_full.ini frpc.ini frps frps_full.ini frps.ini LICENSE systemd
root@kali:~/frp_0.33.0_linux_amd64# rm -rf frps*
root@kali:~/frp_0.33.0_linux_amd64# ls
frpc frpc_full.ini frpc.ini LICENSE systemd
root@kali:~/frp_0.33.0_linux_amd64# vi frpc.ini
[common]
server_addr = x.x.x.x #此处为公网IP
server_port = 7000 #此处为公网服务端端口
[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22 #监听本地22端口
remote_port = 10086 #转发到公网10086端口
use_compression = true
5. Connection test
ssh [email protected] -p 10086 #输入账号密码即可
If you want to use other protocols or perform other port forwarding, you can modify the configuration for forwarding. For example, if msf generates a tcp rebound shell and specifies the public IP and port 7878, you only need to modify the frp configuration file of the client (kali) and add the following content
root@kali:~/frp_0.33.0_linux_amd64# vi frpc.ini
[common]
server_addr = x.x.x.x #此处为公网IP
server_port = 7000 #此处为公网服务端端口
[msf]
type = tcp
local_ip = 127.0.0.1
local_port = 7878 #监听本地7878端口
remote_port = 7979 #转发到公网7979端口
use_compression = true