1. Launch ngrok with the tcp flag followed by your own Local IP address and a Local Port number of your choice. See the example below for guidance.

ngrok tcp 10.0.2.15:4444

2. After performing Step 1, you'll be greeted with a terminal output letting you know that ngrok has started tunneling. Focus on the section that looks similar to the example below, which contains what we will refer to from now on as our Tunnel IP Address and Tunnel Port Number.

0.tcp.ngrok.io:19876 => 10.0.2.15:4444

In this section, where it reads 0.tcp.ngrok.io, this is the Tunnel IP Address, and where it reads 19876, this is the Tunnel Port Number. Your values will differ, but the steps will always remain the same.

3. First, you will want to go ahead and copy the Tunnel IP Address (in the examples case, the Tunnel IP Address is 0.tcp.ngrok.io) and paste it in the Server IP box in the APK Builder tab. Then, you'll want to copy the Tunnel Port Number (in the examples case, the Tunnel Port Number is 19876) and paste it into the Server Port box in the APK Builder tab also.

4. Go ahead and click the Red ⚡ | Build button or the Green 🔨 | Bind button and wait for the payload to be generated. Once the payload has been generated, you can install it onto the Victim Device.

5. After installing the generated payload onto the Victim Device, you can go ahead and start listening for the connection.

Before clicking the Listen button, it is EXTREMELY IMPORTANT that we input the original port number that we chose to start ngrok with in Step 1 as the Port number to Listen on in AhMyth, NOT THE TUNNEL PORT NUMBER WE USED IN Steps 3 & 4. In this examples case, the original port number that was used when starting ngrok in Step 1 was 4444.

1. Launch ngrok with the tcp flag followed by your IP address and either port 80 or port 8080. This is similar to LAN Operations with ngrok, with the only exception being that the original port number to start ngrok with will always be either port 80 or port 8080, refer to the examples below for help.

ngrok tcp 10.0.2.15:80

ngrok tcp 10.0.2.15:8080

2. Once you've performed Step 1, you'll be greeted with a terminal output letting you know that ngrok has started tunneling. Focus on the section that looks similar to the example below, which contains what we will refer to from now on as our Tunnel IP Address and Tunnel Port Number.

0.tcp.ngrok.io:19876 => 10.0.2.15:80

0.tcp.ngrok.io:19876 => 10.0.2.15:8080

In this section, where it reads 0.tcp.ngrok.io, this is the Tunnel IP Address, and where it reads 19876, this is the Tunnel Port Number. Your values will differ, but the steps will always remain the same.

3. First, you will want to go ahead and copy the Tunnel IP Address (in the examples case, the Tunnel IP Address is 0.tcp.ngrok.io) and paste it in the Server IP box in the APK Builder tab. Then, you'll want to copy the Tunnel Port Number (in the examples case, the Tunnel Port Number is 19876) and paste it into the Server Port box in the APK Builder tab also.

4. Go ahead and click the Red ⚡ | Build button or the Green 🔨 | Bind button and wait for the payload to be generated. Once the payload has been generated, you can install it onto the Victim Device.

5. After installing the generated payload onto the Victim Device, you can go ahead and start listening for the connection.

Before clicking the Listen button, it is EXTREMELY IMPORTANT that we input the original port number that we chose to start ngrok with in Step 1 as the Port number to Listen on, NOT THE TUNNEL PORT NUMBER WE USED IN Steps 3 & 4.

• Note that your ngrok terminal outputs will be different from the examples above, but the steps remain the same.

• When using ngrok for WAN operations, ensure the Victim's Android Device has a strong internet connection.

• For LAN operations using AhMyth, the Server (Attacker) and Client (Victim) machines must be on the same network.

• Both the Server (Attacker) Side and the Client (Victim) Side require Wi-Fi for both LAN and WAN operations to work, regardless of whether you have used ngrok.