Pinggy is a fast, versatile, and privacy-focused tunneling solution that enables users to expose local services, files, and ports over the internet. It can be leveraged for legitimate purposes like development, testing, and IoT access, but it may also be misused by threat actors to expose sensitive systems, services, or files for malicious purposes. This can be used with SSh or directly via the provided binary.
PageKite provides binarues for multiple operating systems that are not required to be installed on the system as these are standalone binaries.
wget https://s3.ap-south-1.amazonaws.com/public.pinggy.binaries/v0.1.3/mac/univ/pinggyHaving a local web server running on the local machine, it is possible to expose the entire file system via pinggy tunnels.
ssh -p <PORT> -R0:localhost:8000 -L4300:localhost:4300 a.pinggy.ioExposing local shell services running on the local machine over the internet for shell access.
ssh -p <SSH/RDP/ PORT> -R0:localhost:8000 -L4300:localhost:4300 a.pinggy.ioExposing local serivces/applications running locally and binding them to pinggy domains to be accessed over the internet.
ssh -p <PORT> -R0:localhost:8000 -L4300:localhost:4300 a.pinggy.ioHaving local files in the directory and exposing them via hosting local web server and binding it to pinggy tunnels will enable threat actors to download malicious binaies onto the compromised host.
ssh -p <PORT> -R0:localhost:8000 -L4300:localhost:4300 a.pinggy.ioHosting phishing website locally and exposing it over pinggy tunnels to compromise users.
ssh -p <PORT>> -R0:localhost:8000 -L4300:localhost:4300 a.pinggy.io