[intranet learning notes] 11. Use of frp

1. Introduction

Compared with the old ew introduced in the previous article, frp is much better. Basically, a new version will be released every few days, and the latest version will be updated just a few days ago.

In actual combat, frp is also widely used. frp project address: https://github.com/fatedier/frp

As for download and installation, just download your corresponding system version directly in the releases of the project.

2. Use

Official documents: https://gofrp.org/docs/

frp is divided into server and client, which are called frps and frpc respectively, and the configuration file corresponds to frps respectively Ini and frpc ini

The following environments are local environments. The VPS IP is 172.16.214.52 and the target host IP is 192.168.7.110

a. Intranet port penetration

Scenario: the intranet host can go out of the network. You want to access port 3389 of the intranet host from the public network

Start the server on VPS. Take kali as an example. First modify the configuration file FRPs ini

[common]
bind_port = 4444

Then start the server

frps -c frps.ini

> ./frps -c frps.ini
2021/06/09 03:45:03 [I] [root.go:200] frps uses config file: frps.ini
2021/06/09 03:45:03 [I] [service.go:192] frps tcp listen on 0.0.0.0:4444
2021/06/09 03:45:03 [I] [root.go:209] frps started successfully

Configure client profile

[common]
# Server IP
server_addr = vps_ip
# Server port
server_port = 4444

[rdp]
type = tcp
local_ip = 127.0.0.1
local_port = 3389
# Port connecting vps
remote_port = 3389

> .\frpc.exe -c frpc.ini
2021/06/09 15:50:29 [I] [service.go:304] [72904e8037a7fdf8] login to server success, get run id [72904e8037a7fdf8], server udp port [0]
2021/06/09 15:50:29 [I] [proxy_manager.go:144] [72904e8037a7fdf8] proxy added: [rdp]
2021/06/09 15:50:29 [I] [control.go:180] [72904e8037a7fdf8] [rdp] start proxy success

At this time, accessing the local 3389 port on vps will access the 3389 port of the intranet host.

b. Establish socks agent

Scenario: the intranet host can go out of the network. I want to use the intranet host as a springboard

The above scenario only uses frp to access the specified port of the specified intranet machine. We can also use frp to use the intranet host as a springboard machine.

This time we use frp's web control panel and access password to make our connection more secure and convenient.

Open the server on the VPS. The server configuration file is as follows:

[common]
bind_port = 4444

# Client authentication token
token = 123456

# Setting frps dashboard port, account and password seems to be of little use in practice, but if you set it, you must set a strong password
dashboard_port = 8000
dashboard_user = admin
dashboard_pwd = password

In practice, in order to better hide yourself, you'd better set up access through domain name

After configuring the file, start the server

frps -c frps.ini

./frps -c frps.ini
2021/06/09 04:06:34 [I] [root.go:200] frps uses config file: frps.ini
2021/06/09 04:06:35 [I] [service.go:192] frps tcp listen on 0.0.0.0:4444
2021/06/09 04:06:35 [I] [service.go:294] Dashboard listen on 0.0.0.0:8000
2021/06/09 04:06:35 [I] [root.go:209] frps started successfully

Configure client files

[common]
server_addr = vps_ip
server_port = 4444

# The client authentication token needs to be consistent with the server token
token = 123456


# Enable encryption to prevent traffic from being blocked
use_encryption = true
# Enable compression to improve traffic forwarding speed
use_compression = true

[socks5]
type = tcp
# Port connecting vps
remote_port = 1080
plugin = socks5

Open client

frpc -c frpc.ini

> .\frpc.exe -c frpc.ini
2021/06/09 16:11:21 [I] [service.go:304] [ee7ad330ab4e6036] login to server success, get run id [ee7ad330ab4e6036], server udp port [0]
2021/06/09 16:11:21 [I] [proxy_manager.go:144] [ee7ad330ab4e6036] proxy added: [socks5]
2021/06/09 16:11:21 [I] [control.go:180] [ee7ad330ab4e6036] [socks5] start proxy success

Test the socks5 agent of VPS IP 1080 and find that it is connected.