Ngrok is a platform that, using installed utilities, allows you to remotely access a web server or some other service running on your PC. Access via tunnel generated when ngrok runs. Also, your PC can be NATed and doesn’t need a static IP address.
Các bài viết liên quan:
With Ngrok you don’t need to test the project in another environment, you can test the project for the client directly from the local machine or, e.g. using Ngrok, you can easily split share files on your PC.
What is Ngrok?
Ngrok exposes desktop services to the internet, even if you don’t have a static Public IP address, behind NAT and firewalls.
With ngrok, any port on the computer can be accessed from the Internet through the tunnel. For example, you can make your local web server accessible from the Internet via a direct link without any configuration.
How does Ngrok work?
When installed on your computer, Ngork will connect to the server under its own tunnel and provide you with a subdomain of ngrok with a Port to connect to.
If you open this address in a web browser, traffic will be redirected to the network service on your machine or to any address you specify.
What is Ngrok used for?
- Deploy websites without using hosting
- Create web hooks on your computer for software development
- NAT port does not need to be configured on the Router
- Provide addresses for connected devices
- Run a cloud service from a personal computer
How to install Ngrok on Kali linux
To install ngrok on Kali Linux, we need to first download Ngrok from the terminal.
Website: https://ngrok.comsudo wget `curl -s https://ngrok.com/download | grep -o -E 'https://bin.equinox.io/c/[A-Za-z0-9]{4,}/ngrok-stable-linux-amd64.zip''
Extract Ngroksudo unzip ngrok-stable-linux-amd64.zip
Install Ngrok
chmod +x ./ngrok ./ngrok -h
Commands on Ngrok
Setting up Ngrok Authtoken
the authtoken parameter stores the authentication token in the config.
Usage: ngrok TOKEN [COMMAND OPTIONS] [ARGUMENTS…]
The authtoken command modifies your config file to write the specified authtoken to it. By default, this config file is located at $HOME/.ngrok2/ngrok.yml .
To use many advanced features of the service, ngrok.com requires you to register for an account. To link your customers to an account, they must send a secret token to the ngrok.com service at startup. Instead of sending the authtoken for every call, you can use this command to store it in the config file so that the client application always authenticates you properly.
For example:
./ngrok authtoken MJHGSkjst2HNWLXui5PM_qCaBq0W2sNFcCa0olTAs
Parameter credits
The Credits parameter will print the author and license information of that project.
Using: ./ngrok credits
Parameter https
Parameters http create an HTTP tunnel.
Usage: ngrok http [COMMAND OPTIONS] [ARGUMENTS…]
Describe:
Creates a tunnel that listens for HTTP/HTTPS traffic with the specified hostname. The HTTP Host header on public requests is checked to determine which tunnel matches it.
HTTPS endpoints terminate TLS traffic on the ngrok server using the ngrok.io certificate. The decrypted HTTP traffic will then be routed through a secure tunnel and to your local server. If you don’t want your TLS traffic to end up on the ngrok server, use a TLS or TCP tunnel.
For example:
Redirect the ngrok.io subdomain to local port 80:
./ngrok http 8080
Redirect traffic to example.com:9000:
./ngrok http example.com:9000
Requires subdomain name: ‘bar.ngrok.io’
./ngrok http -subdomain=bar 80
Request tunnel ‘ex.com’ (DNS CNAME):
./ngrok http -hostname=ex.com 1234
Basic authentication required on tunnel endpoint:
./ngrok http -auth="falken:joshua" 80
Rewrite Host header to ‘ex.com’:
./ngrok http -host-header=ex.com 80
Allow access from the Internet to local files in /var/log:
./ngrok http file:///var/log
Redirect to local https server:
./ngrok http https://localhost:8443
Parameter start
parameters start start a tunnel by name from the config file.
Usage: ngrok start [COMMAND OPTIONS] [ARGUMENTS…]
The Ngrok start command creates tunnels by name from the config. You can specify any number of tunnel names. You can start all tunnels from the config file by adding the -all parameter.
For example:
Run a tunnel named ‘dev’ in the config file:
./ngrok start dev
Run “web” and “blog” tunnels:
./ngrok start web blog
Run all the tunnels defined in the config file:
./ngrok start --all
tcp . parameter
Parameters tcp start a TCP tunnel.
Usage: ngrok tcp [COMMAND OPTIONS] [ARGUMENTS …]
The TCP command launches a tunnel that redirects all TCP traffic from the public port to the local address. This is extremely useful for providing services that run on non-HTTP traffic (ssh, sip, rdp, game servers, etc.).
A TCP tunnel binds a public address on a remote ngrok server. Any service that requires a stable public address should use the –remote-addr parameter. ngrok.com requires you to reserve the TCP tunnel address for your account before you use it.
For example:
Port forwarding to your local ssh server
./ngrok tcp 22
Provision an RDP server at a specific public address that you have reserved
ngrok tcp --remote-addr=1.tcp.ngrok.io:27210 3389
Tls . parameter
The tls parameter starts a TLS tunnel.
Usage: ngrok tls [COMMAND OPTIONS] [ARGUMENTS …]
The tls command starts a tunnel to listen for TLS traffic on port 443 with the specified hostname. The TLS SNI (Server Name Indication) on the connection with TLS is checked to determine which tunnel it matches.
The ngrok server does not terminate TLS connections forwarded with this command. Any basic protocol can be used. Optionally, you can specify a key pair and a TLS certificate that will be used to terminate client-side traffic before it is forwarded. If not specified, traffic sent will be encrypted.
The use of this command is recommended only with the -hostname option. Other uses will work, but will always result in a certificate mismatch warning.
For example:
Forward TLS traffic for example.com to port 443 (requires CNAME)
./ngrok tls -hostname=example.com 443
Forward TLS traffic to subdomain (certificate mismatch warning)
./ngrok tls 1234
Terminate TLS traffic for t.co before forwarding
./ngrok tls -hostname=t.co -crt=/path/to/t.co.crt -key=/path/to/t.co.key 443
Update parameter
The update parameter updates ngrok to the latest version.
Usage: ngrok update [COMMAND OPTIONS] [ARGUMENTS…]
Update ngrok to the latest version. This command checks the ngrok web service for newer versions of the ngrok client. If a newer version is available, it will be downloaded, the download will be validated, and the existing executable will be replaced with the new one.
For a successful update, the ngrok binary must be in a directory that is writable by the current user. If you put ngrok in the system PATH, you may need to run it as the root or administrator user.
For example:
Update ngrok to the latest stable version:
./ngrok update
Update ngrok to latest beta version:
./ngrok update -channel=beta
How to use ngrok
Example of how to run ngrok
Create tunnel from created subdomain accessible via public link to local port 80 (web server):
./ngrok http 80
Immediately after launch, you can see that the service has created a temporary subdomain of the form c68c9c03db47.ngrok.io to provide access to PC and local at 127.0.0.1:4040, a dashboard has been launched showing data about remote connections to the tunnel. We can open the domain c68c9c03db47.ngrok.io from anywhere and have access to the configured directory on the web server.
Specify Tunnel to HOST:PORT (foo.dev:80) instead of localhost:
./ngrok http foo.dev:80
Make the local HTTPS server accessible from the internet:
./ngrok http https://localhost
Tunnel arbitrary TCP traffic to port 22:
./ngrok tcp 22
Create a tunnel (http) to kalitut.com site using https protocol (https://kalitut.com) by replacing Host HTTP header with kalitut.com(-host-header = kalitut.com):
ngrok http https://kalitut.com -host-header=kalitut.com
If you plan to use the server often, you should register on ngrok.com, get the authorization code and add it to the local client with the command:
./ngrok authtoken 5vEpKbBvnjSrMqZIkYJLb_2sbNRQbxZm0PSo23X6QpQ
authorization will be written to the file ~/.ngrok2 /ngrok.yml.
Proxy for other PCs on the local network
It is not necessary to keep the web server on the same machine that Ngrok runs on. If the service on the local network is running on a separate machine, we can proxy the traffic there:
./ngrok http 192.168.1.25:8080
Not only work with web server
Actually, we can configure remote access to any tcp service running on the PC. For example, if we want to access via SSH, we can do the following:
./ngrok tcp 22
At the same time, from the service we will get an address of the form tcp://0.tcp.ngrok.io: 18211 -> localhost:22, and to access the PC we just need to connect via SSH to hostname 0.tcp.ngrok.io and port 18211. You can also do the same with game server.
Install Ngrok on Windows
Go to the official website and download ngrok for Windows: https://ngrok.com/download
Unzip the downloaded archive, open cmd and go to the directory where the executable is with the cd command, for example, my program is located in the directory C:\Users\WTS\Downloads\;
cd C:\Users\WTS\Downloads\
To check, you can open the help panel with the command:
.\ngrok -h
So that’s it then. In addition, you can also create a server in just 15 minutes using github here.
