jOte-

I want this JOB !!!!!! 🙂

@vailixi this is f* scary ... and this is how they hack ppl... I hope my country have ppl @ the top understanding this threat! using code embeded in jpg/png and use the decoder in using cached images... SUBLIME its a MASTERWORK and i'm glad he made it public!!!

lol good luck...

https://www.nginx.com/blog/running-non-ssl-protocols-over-ssl-port-nginx-1-15-2/ If you can man in the middle in that case.... - wget ok - curl ok - internet explorer ok - edge ok - firefox ok - chrome ok / newest version is complaining (can be some bad configuration... - just testing-) ... TLSv1.3 *if you disable it in chorme it works... map $ssl_preread_protocol $upstream { default ssh; "TLSv1.2" web; } - vivaldis ok

no @reboot ... in cronjobs.... I think this is a good example for this "problem"... Add a cronjob in script croncmd="/home/yourusername/ssh.vpn.start" cronjob="*/5 * * * * $croncmd" ( crontab -l | grep -v -F "$croncmd"; echo "$cronjob" ) | crontab - Delete a cronjob in script croncmd="/home/yourusername/ssh.vpn.start" cronjob="*/5 * * * * $croncmd" ( crontab -l | grep -v -F "$croncmd" ) | crontab - I use this script to be sure it is connected.... ssh.vpn.start #!/bin/bash up=`ping -c1 192.168.0.6 &> /dev/null; echo $?` if [ "$up" -eq "1" ] then ssh -NTCf -w 0:0 -o TCPKeepAlive=yes -o ServerAliveInterval=60 root@hostname tun=`ip a show tun0 &> /dev/null ; echo $?` if [ "$tun" -eq "0" ] then ip link set tun0 up ip addr add 10.0.0.174/32 peer 10.0.0.184 dev tun0 ip route add 192.168.0.0/24 via 10.0.0.184 arp -sD 10.0.0.184 eth0 pub echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward croncmd="/home/yourusername/ssh.vpn.start" cronjob="*/5 * * * * $croncmd" ( crontab -l | grep -v -F "$croncmd"; echo "$cronjob" ) | crontab - ssh root@hostname 'ip link set tun0 up && ip addr add 10.0.0.184/32 peer 10.0.0.174 dev tun0 && ip route add 10.0.0.0/24 via 10.0.0.174' fi fi ssh.vpn.stop #!/bin/bash sudo kill $(ps aux | grep 'ssh -NTCf -w 0:0' | awk '{print $2}') ps aux | grep 'ssh -NTCf -w 0:0' croncmd="/home/yourusername/ssh.vpn.start" cronjob="*/5 * * * * $croncmd" ( crontab -l | grep -v -F "$croncmd" ) | crontab - https://wiki.archlinux.org/index.php/VPN_over_SSH https://help.ubuntu.com/community/SSH_VPN +---------------+ OpenSSH 4.3 +---------------+ | Machine A | tun0 -- Tunnel Interface -- tun0 | Machine B | | Has a tunnel | <------------------------------->| Has a tunnel | | and ethernet | 10.0.0.100 10.0.0.200 | and ethernet | +-------+-------+ point to point connection +-------+-------+ eth0 | creates a bridge | eth0 10.0.0.100 | that plugs machine B | 192.168.0.100 port 22 | into network A | forwarded | | here | | +-------+-------+ +-~-~-~-~-~-~-~-+ +-------+-------+ | Network A | | | | Network B | | 10.0.0.1/24 | 1.2.3.4 | The Internet | | 192.168.0.1/24| | Has internet |<-------->| |<----->| Has internet | | NAT gateway | Routable | | | NAT gateway | +---------------+ Address +-~-~-~-~-~-~-~-+ +---------------+ VLAN ALL UNTRUSTED DEVICES!!! THEY ALL PHONE HOME....

bruteforcing rdp is stupid... gpo would lock u out as PoSHMagiC0de is mentioning...

See spoiler:

:: "Unknown publisher" REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\LocalDevices" /v "%HOSTNAME%;%RDGATEWAY%" /t "REG_DWORD" /d 109 /f >NUL 2>&1 :: "The identity of the remote computer cannot be verified. Do you want to connect anyway?" REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client" /v "AuthenticationLevelOverride" /t "REG_DWORD" /d 0 /f >NUL 2>&1 :: Delete old credentials from Micro$oft vault CMD /Q /D /C cmdkey /delete:"%RDGATEWAY%" >NUL 2>&1 CMD /Q /D /C cmdkey /delete:"%HOSTNAME%" >NUL 2>&1 :: Store credentials to Micro$oft vault CMD /Q /D /C cmdkey /add:"%RDGATEWAY%" /user:"%RDUSERNAME%" /pass:"%RDPASSWORD%" >NUL 2>&1 CMD /Q /D /C cmdkey /generic:"%HOSTNAME%" /user:"%USERNAME%" /pass:"%PASSWORD%" >NUL 2>&1