Ngrok is a platform that, using the installed utility, allows you to organize remote access to a web server or some other service running on a PC. Access is organized through the secure tunnel created when ngrok starts. At the same time, the PC can be behind NAT and not have a static IP address.
It is not at all necessary to drag the test project somewhere else, you can show it to the customer directly from the local machine, or, for example, using Ngrok, you can very easily share files on your PC.
What is Ngrok?
The ngrok tool makes local services available on the global network, even if the computer does not have a static IP address and is behind NAT and firewalls.
With ngrok, any port on your local computer will be accessible from the Internet through a secure tunnel. For example, you can make your local web server accessible from the Internet via a direct link without additional configuration.
for Video tutorial check How to install Ngrok on linux
How does ngrok work?
You download and run a tool on your machine and specify the port of a network service, usually a web server.
The program connects to the ngrok cloud service, which gives you a generated address (third-level domain). If you open this address in a web browser, then the traffic will be redirected to your local network service or to any address that you specify.
What is ngrok used for?
- Demonstration of websites without deployment on real hosting
- Creating web hooks on your computer for software development
- Testing mobile apps connected to a locally running backend
- Stable addresses for connected devices deployed in the field
- Launch personal cloud services from your home
how to install ngrok
Installation on Kali Linux
to install ngrok in Kali Linux first we need to download Ngrok from terminal
Website: https://ngrok.com
wget `curl -s https://ngrok.com/download | grep -o -E 'https://bin.equinox.io/c/[A-Za-z0-9]{4,}/ngrok-stable-linux-amd64.zip'`
Extract Ngrok
unzip ngrok-stable-linux-amd64.zip
install it
chmod +x ./ngrok ./ngrok -h
Ngrok Commands
What are the most important commands and how to use them
Setup Ngrok Authtoken
Authtoken command reference
authtoken stores the authentication token in a config file.
Using: ngrok TOKEN [COMMAND OPTIONS] [ARGUMENTS …]
The authtoken command modifies your config file to write the specified authtoken to it. By default, this config file is located at $ HOME / .ngrok2 / ngrok.yml .
To use many of the advanced features of the service, the ngrok.com service requires you to register for an account. To associate your client with an account, they must pass a secret token to the ngrok.com service at startup. Instead of passing this authtoken on every call, you can use this command to store it in a config file so that your client always authenticates you properly.
Example:
./ngrok authtoken MJHGSkjst2HNWLXui5PM_qCaBq0W2sNFcCa0olTAs
Credits command reference
credits prints information about the author and licensing.
Using:
Ngrok Https command reference
http starts an HTTP tunnel.
Using: ngrok http [COMMAND OPTIONS] [ARGUMENTS …]
Description:
Starts a tunnel listening for HTTP / HTTPS traffic with the specified hostname. The HTTP Host header on incoming public requests is checked to determine which tunnel is right for it.
HTTPS endpoints terminate TLS traffic on the ngrok server using ngrok.io certificates. The decrypted HTTP traffic is then routed through a secure tunnel and then to your local server. If you don’t want your TLS traffic to end on the ngrok server, use a TLS or TCP tunnel.
Examples:
Redirects ngrok.io subdomain to local port 80:
Redirects traffic to example.com:9000:
./ngrok http example.com:9000
Requests the subdomain name: ‘bar.ngrok.io’
./ngrok http -subdomain=bar 80
Requests tunnel ‘ex.com’ (DNS CNAME):
./ngrok http -hostname=ex.com 1234
Requests basic authentication on the tunnel endpoint:
./ngrok http -auth='falken:joshua' 80
Rewrites the Host header to ‘ex.com’:
./ngrok http -host-header=ex.com 80
Allows access from the Internet to local files in /var/log:
./ngrok http file:///var/log
Redirects to local https server:
./ngrok http https://localhost:8443
Start command reference
start starts the tunnel by name from the config file.
Using: ngrok start [COMMAND OPTIONS] [ARGUMENTS …]
The Ngrok start command Runs tunnels by name from a config file. You can specify any number of tunnel names. You can start all tunnels from the configuration file by specifying the –all switch.
Examples:
Run a tunnel named in the ‘dev’ config file:
Run the ‘web’ and ‘blog’ tunnels:
Run all tunnels defined in the config file:
Tcp command reference
tcp starts a TCP tunnel.
Using: ngrok tcp [COMMAND OPTIONS] [ARGUMENTS …]
The TCP Command Launches a tunnel that redirects all TCP traffic from the public port to the local address. This is extremely useful for providing services that run on non-HTTP traffic (ssh, sip, rdp, game servers, etc.).
A TCP tunnel binds a public address on a remote ngrok server. Any services that require a stable public address should use the –remote-addr parameter. ngrok.com requires you to reserve a TCP tunnel address for your account before you can use it.
Examples:
Forward port to your local ssh server
Provide an RDP server at a specific public address that you have reserved
ngrok tcp --remote-addr=1.tcp.ngrok.io:27210 3389
Tls command reference
tls starts a TLS tunnel.
Using: ngrok tls [COMMAND OPTIONS] [ARGUMENTS …]
The tls command Starts a tunnel to listen for TLS traffic on port 443 with the specified hostname. The TLS SNI (Server Name Indication) extension field on the TLS connection is checked to determine which tunnel it fits into.
The ngrok server does not terminate TLS connections forwarded with this command. Any basic protocol can be used. Optionally, you can specify a TLS key / certificate pair that will be used to terminate client-side traffic before it is forwarded. If not specified, traffic will be sent encrypted.
The use of this command is recommended only with the -hostname option. Other uses will work, but will always result in certificate mismatch warnings.
Examples:
Forward TLS traffic for example.com to port 443 (CNAME required)
./ngrok tls -hostname=example.com 443
Forward TLS traffic to subdomain (certificate mismatch warning)
Terminate TLS traffic for t.co before forwarding
./ngrok tls -hostname=t.co -crt=/path/to/t.co.crt -key=/path/to/t.co.key 443
Update command reference
updates ngrok to the latest version.
Using: ngrok update [COMMAND OPTIONS] [ARGUMENTS …]
Updates ngrok to the latest version. This command checks the ngrok web service for newer versions of the ngrok client. If a newer version is available, it will be downloaded, the downloaded file will be authenticated and the current executable file will be replaced with the new one.
For a successful update, the ngrok binary must be in a writable directory by the current user. If you put ngrok in your system PATH, you may need to run it as root or administrator.
Examples:
Update ngrok to the latest stable version:
Update ngrok to the latest beta version:
./ngrok update -channel=beta
How to use ngrok
Examples of running ngrok
Create a tunnel from the generated subdomain accessible via a public link to local port 80 (web server):
Immediately after launch, you can see that the service created a temporary subdomain of the form c68c9c03db47.ngrok.io to provide access to the PC, and locally at 127.0.0.1:4040, a panel was launched that displays data on remote connections to the tunnel. We try to open the c68c9c03db47.ngrok.io domain from anywhere, and get access to the directory configured on the web server.
Tunnel to the specified HOST: PORT (foo.dev:80) instead of localhost:
Make the local HTTPS server accessible from the global network:
./ngrok http https://localhost
Tunneling arbitrary TCP traffic to port 22:
Creating a tunnel (http) to the kalitut.com site using the https protocol (https://kalitut.com) with replacing the Host HTTP header with kalitut.com (-host-header = kalitut.com) :
ngrok http https://kalitut.com -host-header=kalitut.com
Good to know
If you plan to use the server often, it makes sense to register on ngrok.com, pick up the token from the authorization settings page , and add it to the local client using the command:
./ngrok authtoken 5vEpKbBvnjSrMqZIkYJLb_2sbNRQbxZm0PSo23X6QpQ
The token will be written to the file ~ / .ngrok2 / ngrok.yml and now, the client, when working with the service, will authorize on it. This will provide access to free fare, but with limits b About lshimi than available are not an authorized user. On paid plans, there are additional features that make working with the service convenient (reserve of subdomains, for example), but within the framework of this note, I am considering only what the user can use without payment.
We proxy to other PCs on the local network
It is not at all necessary to keep the web server on the same machine where Ngrok runs. If the service on the local network is running on a separate machine, we can proxy traffic there:
./ngrok http 192.168.1.25:8080
We work not only with the web server
In fact, we can configure remote access to any tcp service running on a PC. For example, if we want to get access via SSH, we can do like this:
At the same time, from the service we will receive an address of the form tcp: //0.tcp.ngrok.io: 18211 -> localhost: 22, and to access the PC we just need to connect via SSH to the hostname 0.tcp.ngrok.io and the port 18211. Those who like to raise game servers can do the same. Just start proxying to the desired tcp port, give the coordinates to your friends and start playing.
Installing on Windows
Go to the official website page and download ngrok for Windows: https://ngrok.com/download
Unpack the downloaded archive, open the command line and go to the folder with the executable file using cd , for example, my program is placed in the C:\Users\WTS\Downloads\ folder :
cd C:\Users\WTS\Downloads\
To check, display the help with the command:
and that it for now, we will write more about ngrok usage in the coming days make sure to check our YouTube channel : https://youtu.be/aHFHFhqK57w