jOte-
Active Members, 38 posts

Posts posted by jOte-

  1. https://www.nginx.com/blog/running-non-ssl-protocols-over-ssl-port-nginx-1-15-2/

    If you can man in the middle in that case....

    - wget ok

    - curl ok

    - internet explorer ok

    - edge ok

    - firefox ok

    - chrome ok / newest version is complaining (can be some bad configuration... - just testing-) ... TLSv1.3

    *if you disable it in chrome it works...

      map $ssl_preread_protocol $upstream {
        default ssh;
        "TLSv1.2" web;
        "TLSv1.3" web;   # TLS 1.3 clients (current Chrome) otherwise fall through to the ssh default
      }

    - vivaldi ok

     

  2. no @reboot ... in cronjobs.... 

    I think this is a good example for this "problem"...

    Add a cronjob in script

    croncmd="/home/yourusername/ssh.vpn.start"
    cronjob="*/5 * * * * $croncmd"
     
    ( crontab -l | grep -v -F "$croncmd"; echo "$cronjob" ) | crontab -
    

    Delete a cronjob in script

    croncmd="/home/yourusername/ssh.vpn.start"
    cronjob="*/5 * * * * $croncmd"
     
    ( crontab -l | grep -v -F "$croncmd" ) | crontab -

    I use this script to be sure it is connected....

     

    ssh.vpn.start

    #!/bin/bash
    # Runs from cron every 5 minutes; must run as root because of the ip/arp calls below.

    # Is the remote LAN reachable through the tunnel? Any non-zero ping status
    # (1 = no reply, 2 = other error such as "network unreachable") means rebuild it.
    ping -c1 192.168.0.6 &> /dev/null
    up=$?
     
    if [ "$up" -ne 0 ]
    then
     
      # Open the layer-3 tun tunnel (tun0 on both ends) in the background and keep it alive
      ssh -NTCf -w 0:0 -o TCPKeepAlive=yes -o ServerAliveInterval=60 root@hostname
     
      ip a show tun0 &> /dev/null
      tun=$?
      if [ "$tun" -eq 0 ]
      then
        ip link set tun0 up
        ip addr add 10.0.0.174/32 peer 10.0.0.184 dev tun0
        ip route add 192.168.0.0/24 via 10.0.0.184
     
        # Answer ARP for the tunnel peer on the LAN side and allow forwarding
        arp -sD 10.0.0.184 eth0 pub
        echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
     
        croncmd="/home/yourusername/ssh.vpn.start"
        cronjob="*/5 * * * * $croncmd"
     
        ( crontab -l | grep -v -F "$croncmd"; echo "$cronjob" ) | crontab -
     
        # Configure the remote end of the tunnel
        ssh root@hostname 'ip link set tun0 up && ip addr add 10.0.0.184/32 peer 10.0.0.174 dev tun0 && ip route add 10.0.0.0/24 via 10.0.0.174'
      fi
     
    fi
    

    ssh.vpn.stop

    #!/bin/bash
    
    # The [s] bracket keeps grep from matching its own command line, so only the
    # background tunnel ssh is killed.
    sudo kill $(ps aux | grep '[s]sh -NTCf -w 0:0' | awk '{print $2}')
    ps aux | grep '[s]sh -NTCf -w 0:0'
     
    croncmd="/home/yourusername/ssh.vpn.start"
    cronjob="*/5 * * * * $croncmd"
     
    ( crontab -l | grep -v -F "$croncmd" ) | crontab -

     

    https://wiki.archlinux.org/index.php/VPN_over_SSH

    https://help.ubuntu.com/community/SSH_VPN

        +---------------+            OpenSSH 4.3           +---------------+
        |   Machine A   | tun0 -- Tunnel Interface -- tun0 |   Machine B   |
        |  Has a tunnel | <------------------------------->|  Has a tunnel |  
        |  and ethernet | 10.0.0.100            10.0.0.200 |  and ethernet |
        +-------+-------+     point to point connection    +-------+-------+
           eth0 |                 creates a bridge                 | eth0  
     10.0.0.100 |               that plugs machine B               | 192.168.0.100
       port 22  |                  into network A                  |          
      forwarded |                                                  |
        here    |                                                  |
        +-------+-------+          +-~-~-~-~-~-~-~-+       +-------+-------+ 
        |   Network A   |          |               |       |   Network B   |
        |  10.0.0.1/24  | 1.2.3.4  |  The Internet |       | 192.168.0.1/24|
        |  Has internet |<-------->|               |<----->|  Has internet |
        |  NAT gateway  | Routable |               |       |  NAT gateway  |
        +---------------+ Address  +-~-~-~-~-~-~-~-+       +---------------+
    

     

    VLAN ALL UNTRUSTED DEVICES!!! THEY ALL PHONE HOME....
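    The crontab add/delete one-liners above, generalised into an added shell example (not the poster's code): the helpers work on a file snapshot of the crontab so the change can be reviewed before "crontab FILE" installs it, stay idempotent across repeated runs, and treat a missing crontab (where "crontab -l" exits 1) as empty. The path /home/yourusername/ssh.vpn.start and the sample entries are constructed.

```shell
#!/bin/sh
# Idempotent crontab helpers (added example). They operate on a FILE holding
# crontab text rather than on the live crontab, so "crontab -l > snap" then
# "crontab snap" lets you inspect the change first. All paths are assumed.

# Print FILE with every line that mentions CMD removed.
# Usage: cron_remove FILE CMD
cron_remove() {
  grep -v -F -- "$2" "$1" || true   # grep exits 1 when nothing is left; not an error
}

# Print FILE with exactly one "SCHEDULE CMD" line: old lines for CMD are
# dropped first, so calling this repeatedly never duplicates the job.
# Usage: cron_upsert FILE SCHEDULE CMD
cron_upsert() {
  cron_remove "$1" "$3"
  printf '%s %s\n' "$2" "$3"
}

# Number of lines in FILE that mention CMD (0 when none, also for an empty FILE).
# Usage: cron_count FILE CMD
cron_count() {
  grep -c -F -- "$2" "$1" || true
}

# Apply an upsert to the live crontab of the current user. A missing crontab
# ("no crontab for user", exit 1) is treated as empty instead of aborting.
# Usage: cron_apply_upsert SCHEDULE CMD
cron_apply_upsert() {
  snap=$(mktemp) || return 1
  crontab -l > "$snap" 2>/dev/null || :
  cron_upsert "$snap" "$1" "$2" | crontab -
  rm -f "$snap"
}

# Demo on a constructed crontab snapshot (does not touch the live crontab).
demo() {
  f=$(mktemp) || return 1
  printf '%s\n' '0 3 * * * /usr/bin/backup' \
    '*/5 * * * * /home/yourusername/ssh.vpn.start' > "$f"
  # Run the upsert twice; the job must still appear exactly once.
  cron_upsert "$f" '*/5 * * * *' /home/yourusername/ssh.vpn.start > "$f.1"
  cron_upsert "$f.1" '*/5 * * * *' /home/yourusername/ssh.vpn.start > "$f.2"
  echo "ssh.vpn.start entries after two upserts: $(cron_count "$f.2" ssh.vpn.start)"
  rm -f "$f" "$f.1" "$f.2"
}

demo
```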

     

     

  3. See spoiler:

     

    @ECHO OFF
    :: @jOte- 2059
    :: CONNECT RDP/RDGATEWAY and cleanup ...


    :: SETTINGS

    SET RDGATEWAY=remote.bla.com
    SET RDUSERNAME=BASE\admin
    SET RDPASSWORD=whatthefuck

    SET HOSTNAME=TS01
    SET USERNAME=BASE\admin
    SET PASSWORD=whatthefuck

    SET RDPFILE=%TMP%\~bb%RANDOM%.tmp

    :: END SETTINGS

    CLS

    :: "Unknown publisher"
    REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\LocalDevices" /v "%HOSTNAME%;%RDGATEWAY%" /t "REG_DWORD" /d 109 /f >NUL 2>&1

    :: "The identity of the remote computer cannot be verified. Do you want to connect anyway?"
    REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client" /v "AuthenticationLevelOverride" /t "REG_DWORD" /d 0 /f >NUL 2>&1

    :: Delete old credentials from Micro$oft vault
    CMD /Q /D /C cmdkey /delete:"%RDGATEWAY%" >NUL 2>&1
    CMD /Q /D /C cmdkey /delete:"%HOSTNAME%" >NUL 2>&1

    :: Store credentials to Micro$oft vault
    CMD /Q /D /C cmdkey /add:"%RDGATEWAY%" /user:"%RDUSERNAME%" /pass:"%RDPASSWORD%" >NUL 2>&1
    CMD /Q /D /C cmdkey /generic:"%HOSTNAME%" /user:"%USERNAME%" /pass:"%PASSWORD%" >NUL 2>&1

    :: Create tmpfile
    CALL :createFile %HOSTNAME% %USERNAME%

    :: Start tmpfile
    REM START mstsc /admin %RDPFILE% 
    START mstsc %RDPFILE%

    :: Wait 30 seconds and cleanup
    TIMEOUT /NOBREAK 30 >NUL
    CALL :cleanup
    GOTO :EOF

    :cleanup
    :: Delete stored credentials from Micro$oft vault
    CMD /Q /D /C cmdkey /delete:"%RDGATEWAY%" >NUL 2>&1
    CMD /Q /D /C cmdkey /delete:"%HOSTNAME%" >NUL 2>&1

    :: Restore "The identity of the remote computer cannot be verified. Do you want to connect anyway?"
    REG DELETE "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client" /v "AuthenticationLevelOverride" /f >NUL 2>&1

    :: Restore "Unknown publisher"
    REG DELETE "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\LocalDevices" /v "%HOSTNAME%;%RDGATEWAY%" /f >NUL 2>&1

    :: Delete tmpfile
    DEL /F /Q %RDPFILE% >NUL 2>&1
    GOTO :EOF

    :createFile
    (
    ECHO screen mode id:i:2
    ECHO use multimon:i:0
    ECHO desktopwidth:i:1920
    ECHO desktopheight:i:1080
    ECHO session bpp:i:32
    ECHO winposstr:s:0,3,0,0,800,600
    ECHO compression:i:1
    ECHO keyboardhook:i:2
    ECHO audiocapturemode:i:0
    ECHO videoplaybackmode:i:1
    ECHO connection type:i:7
    ECHO networkautodetect:i:1
    ECHO bandwidthautodetect:i:1
    ECHO displayconnectionbar:i:1
    ECHO enableworkspacereconnect:i:0
    ECHO disable wallpaper:i:0
    ECHO allow font smoothing:i:0
    ECHO allow desktop composition:i:0
    ECHO disable full window drag:i:1
    ECHO disable menu anims:i:1
    ECHO disable themes:i:0
    ECHO disable cursor setting:i:0
    ECHO bitmapcachepersistenable:i:1
    ECHO full address:s:%1
    ECHO audiomode:i:0
    ECHO redirectprinters:i:0
    ECHO redirectcomports:i:0
    ECHO redirectsmartcards:i:1
    ECHO redirectclipboard:i:1
    ECHO redirectposdevices:i:0
    ECHO autoreconnection enabled:i:1
    ECHO authentication level:i:2
    ECHO prompt for credentials:i:0
    ECHO negotiate security layer:i:1
    ECHO remoteapplicationmode:i:0
    ECHO alternate shell:s:
    ECHO shell working directory:s:
    ECHO gatewayhostname:s:%RDGATEWAY%
    ECHO gatewayusagemethod:i:2
    ECHO gatewaycredentialssource:i:4
    ECHO gatewayprofileusagemethod:i:1
    ECHO promptcredentialonce:i:0
    ECHO gatewaybrokeringtype:i:0
    ECHO use redirection server name:i:0
    ECHO rdgiskdcproxy:i:0
    ECHO kdcproxyname:s:
    ECHO username:s:%2
    )>%RDPFILE%

    GOTO :EOF

    :END
    EXIT 1
