Have Remote Router Access - What Now?

[Scouser]

Ok. So I have turned on remote router access to my own ISP-provided router at home (NowTV/sky router), where I have 2 laptops connected by WiFi, with a desktop on the ethernet. I have removed the firewall and lowered protection so I can have easier access. I have also turned on some services, namely FTP, IMAP, POP3, SSH, HTTP and some others - as advised by someone....not sure exactly why...

What I now want to do is 'experiment' with what I can do from another location with remote access. For example - if I wanted to see the file systems on any pc/laptop - how would I go about it? Do I need to do an exploit or can I use SSH? How do I go about using FTP etc? These are just a couple of queations of many I can think, but it's somewhere to start.

I'm still slightly confused about using the router and DCHP...I understand that the devices attached are given an internal IP (192.168.0.**) but I'm not sure how use access these IP's correctly from outside the LAN. How do I 'login' so to speak from a remote PC to my router and pivot to the desktop (if that's the right terminology)? As you can tell I'm quite new to this.

So you know, I'm using Mint as my OS after ditching Windows, and also have Kali installed on a VM. I don't want step-by-step solutions - I fully understand the key to learning is to actually do things for myself, I just need a liitle guidance on where to go from now and what to do next (SSH, FTP etc). Can anyone help point me in the right direction?

[NoExecute]

Hey there :)

Well, first off. There's no need to lower the firewall, or turn on everything :)

You see, DHCP, provides your machines on the inside with an address, BUT the modem / router have an external address. You cant access the internal addresses directly.
So for connecting from the outside, you need to figure out what the external address is (whatismyip.com) can do that for you. When you have the external address, you need a server or two / or remote desktop / SSH enabled.

When it comes to exploits, it's another matter. standard exploits / shells connect attacker --> target, reverse shells connect target --> attacker.

Configure the servers for static addressing through DHCP, so they are easier to find. Next, set up port forwarding from the outside, to the internal addresses.
Look up the machines using the external address, and if you've done everything right, you should get a connection.
For extra credits, setup some DNS pointing to the external adres, and use the hostname :)

BTW, if you want to access the machine running SSH, and use it as a remote harddrive, install sshfs. Then it's just a simple sshfs you@server:/ /mount/point -p port_for_ssh
And, maybe setup SSH to only accept keys, and run on a non standard port :)

I hope that helped you a bit on you way :) Have fun

NoExecute