Connecting to Metasploit Behind NAT Network

As customer of our Pentesting VPS Machines they will notice that for security reasons we utilize a NAT network. While this may be a little of an inconvenience for those that are used to having a public IP directly connected to the interface it is not that difficult to overcome this.

Using Metasploit when using a NAT network simply requires you to instead use the internal IP rather than the public IP. So you would do the following:

msf exploit(ms13_069_caret) > set LHOST 192.168.0.187
LHOST => 192.168.0.187

However an additional command is necessary.

msf exploit(ms13_069_caret) > set ReverseListenerBindAddress 192.168.0.187
ReverseListenerBindAddress => 192.168.0.187

Having reverse connections when using NAT is not all that different and will work every time when using our network. We thought about changing our network configuration but considering that using Metasploit with NAT is not that difficult we decided to leave it the way it is so that we go still have the benefit of NAT security while still offering our Pentesting VPS Hosting

More information about using NAT and Metasploit can be found here.

Remote Desktop Kali Linux

 

  • We have tested this on our Cloud Instance just as a customer would and it works as explained above. Using NAT networks with metasploit is not issue and everything works just fine!!