Archive

Archive for January, 2018

ssh tunnel with stunnel4 hop

January 23, 2018 Leave a comment

Previously I showed how to connect from computerA to computerB via ssh over https.

Now I will show how to connect from computerA to computerC using ssh over https through computerB.

The purpose of this is to allow the direct use of scp or sshfs directly between computerA and computerB while computerC simply tunnels all traffic.

After establishing the stunnel4 connection between computerA and computerB with the listening stunnel4 port on computerA being 2200, from computerA:

ssh -f localhost -p 2200 -L 2222:computerC:22 -N

The -f tells ssh to go into the background just before it executes the command. This is followed by opening a stunnel4 connection locally on 2200 (which is forwarded to computerB:22). The -L 2222:computerC:22 is in the form of -L local-port:host:remote-port.  This will open port 2222 on computerA which will tunnel through stunnel4 through computerB and open a connection to computerC port 22. Finally the -N instructs OpenSSH to not execute a command on the remote system.

To recap, this essentially forwards the local port 2000 to port 22 on computerC, with nice benefit of being encrypted.  Now, from computerA you can ssh directly to computerC using local port 2222:

ssh localhost -p 2222

computerA:2222 -> computerA:2200 -> stunnel4 -> computerB:443 -> computerB:22 -> computerC:22

you can now scp files from computerC directly to computerA

scp -P 2222 user:localhost:file .

In my next post I will figure out how to create multiple chains such that port 80 web browsing from computerA originates from computerC.

 

 

Categories: Uncategorized

stunnel4 ssh over https

January 22, 2018 Leave a comment

server:

sudo apt-get install stunnel4

openssl genrsa 1024 > stunnel.key
openssl req -new -key stunnel.key -x509 -days 1000 -out stunnel.crt
cat stunnel.crt stunnel.key > stunnel.pem
sudo mv stunnel.pem /etc/stunnel/

sudo chmod 600 /etc/stunnel/stunnel.pem

/etc/stunnel/stunnel.conf

pid = /var/run/stunnel.pid
cert = /etc/stunnel/stunnel.pem

[ssh]

accept = public_ip:443
connect = 127.0.0.1:22

sudo service stunnel4 start

 

client:

sudo apt-get install stunnel4

/etc/stunnel/stunnel.conf

 

pid = /var/run/stunnel.pid
cert = /etc/stunnel/stunnel.pem

; debugging stuff (may useful for troubleshooting)
;debug = 7
;output = /var/log/stunnel.log

client=yes

[ssh]
accept = 127.0.0.1:2200
connect = server_public_ip:443

sudo service stunnel4 start

Categories: Uncategorized

Hacking Game

January 11, 2018 Leave a comment

An MMORPG cursors based terminal app which teaches the basics of hacking systems.  Although it will be a VNR virtual network reality, the skills learned and utilized will apply to the Internet.

The environment could possibly be ssh or ps in a scripted mode of sorts.

  1. The game will start with tutorial assignments in which the basics of the Linux Terminal is learned.
  2. Understanding the use of X windows to spawn a GUI interface within the application.
  3. BADGES – command line tool use ie ssh, lynx, email, nmap, KVM, tar, build, git, sudo, file system structure, etc. awarded to users for completing training.
  4. Learn virtual currency, cryptography, openssh, etc.
  5. Role playing bots communicating via email.
  6. Master / Student relationship.  First goal – locate Master
    1. SCRIPT KIDDIE – Establish home session breach using exploit tool
    2. Upon automated login UNIX <you’ve got mail> with instructions
    3. Welcome email message with email address of the Admin
    4. Social Engineering basics – communicate with admin as a new employee and gather target information.
    5. GOAL – Use session as starting point for all subsequent lessons.
    6. Establish Usenet and then find a Master.
  7. Porn Hacking
    1. PREREQUISITES – Purchase porn site hacked data from darkweb using bitcoins and hack somebody’s iPhone and have massive storage available ie hacked Amazon storage account.
    2. nmap from iphone
    3. locate laptop, streaming cameras, usb drives, etc.
    4. Establish terminal in laptop.
    5. sniff and retrieve credentials to rsync drive
      1. keyloger
      2. remote drive config
      3. backup script
    6. download massive porn
    7. sell porn on darkweb to make some bitcoin
  8. Bitches
    1. Obtain contact information from porn producers laptop
    2. contact and communicate with bitches (AI conversation bots)
    3. Obtain financial information from porn producers laptop
    4. send checks to bitches, buy bitcoin, stash money in PayPal, try to get as much money as possible from the account until account is closed and laptop is wiped.

 

Categories: Uncategorized

Big Open Source Blog Idea

January 11, 2018 Leave a comment

Open Source IP is very frequently pirated in the form of source code.  The pirated IP source code is then embedded into a commercial product which generates revenue none of which is never paid in royalties for the pirated IP source code.

I propose the following mitigation strategy:

  1. Include in the Open Source IP terms of license agreement that tracking device may be used to mitigate pirating and is accepted by the users of this Open Source IP source code.
  2. Incorporate a tracking device in the Open Source IP source code.  Upon execution the tracking device will send as much information about the source system as possible, including reverse dns, local dns probes, nmap scans, and os registration information.
  3. Publish this source code to main repository.
  4. Build release from HEAD~1 (not the version that contains the tracking device)
  5. Announce a new bin release of the open source app to the public
  6. Pirates of your Open Source IP will download the source code containing the tracking device
  7. Pirates of your Open Source IP will release versions of their commercial products and notify you of their presence.
  8. Legal action may be started and additional legal investigation may occur prior to ever notifying the pirate(s) businesses.
  9. The pirate business will always opt for a large quiet cash resolution.
  10. A legal firm who both specializes in the legal action and specializes in the technology involved, would be —-Michaelis & Michaelis—-
Categories: Uncategorized