Showing results for tags 'iptables'.
Found 12 results

  1. I currently use a NUC with Kali on it as a tool to perform remote internal network testing. It is configured so that it acts as a client that connects to an OpenVPN (not the AS) server and allows for traffic to be routed through it to the inside network and back again. I'd like to just use LAN Turtles as they are smaller, less expensive and support a resource to the hacker community that has been invaluable for like 15 years. The issue is that we have an OpenVPN server using a tap interface instead of a tun interface. When I look at the iptables rules I can see that a tun0 rule has been placed. I have little to no experience with fw3 and how it functions. I cannot see where the tun rule is being configured (it's not in the firewall file) so that I can imitate it. Inserting a new rule with the same syntax does not appear to resolve the issue.
     1. Are the firewall rules currently in place just default rules for fw3, or have they been preconfigured specifically to facilitate the use of the available modules? If I wipe them and build my own, am I likely to break a module capability?
     2. Can someone point me to a detailed resource (my Google-fu has failed me; all I find are intros to this or that and they are surface notes at best) about fw3 or iptables as it is implemented here?
  2. Hello, I've been attempting to redirect port 80 to port 8080 using iptables v1.8.3 to test an SSL strip MITM attack. I've entered the command:
       iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080
     Upon entering it, it gives me the error: unknown option "--dport". It also doesn't recognize the "--to-port" option. I'm running Kali Linux on a Raspberry Pi 4B 4GB. Does anyone know how I can resolve this? I haven't found anything useful on the web after three days of troubleshooting. Cheers! -MichaelPV
  3. I'm having issues with getting internet to the Bash Bunny; it seems something goes wrong when Docker and/or the bridge interface of VirtualBox are installed.
       patrick@patrick-X470-AORUS-ULTRA-GAMING:~/Downloads/bashbunny$ sudo ./bb.sh
       [Bash Bunny ASCII banner]
       Bash Bunny by Hak5 USB Attack/Automation Platform v1
       Saved Settings: Share Internet connection from enp7s0 to Bash Bunny at enx001122334455 through default gateway 192.168.178.1
       [C]onnect using saved settings
       [G]uided setup (recommended)
       [M]anual setup
       [A]dvanced IP settings
       [Q]uit
       Select Bash Bunny Interface:
       [0] enp7s0 192.168.178.40/24
       [1] docker0 172.17.0.1/16
       [2] br-1f72b7506f18 172.18.0.1/16
       [3] br-ccdda4d09e11 172.20.0.1/16
       [4] br-cf988d4d1ce6 172.19.0.1/16
       [5] vetha62eb95@if7 Device "vetha62eb95@if7" does not exist.
       [6] veth33983ef@if9 Device "veth33983ef@if9" does not exist.
       [7] enx001122334455 172.16.64.10/24
       > 7
       Select Internet Interface:
       [0] enp7s0 192.168.178.40/24
       [1] docker0 172.17.0.1/16
       [2] br-1f72b7506f18 172.18.0.1/16
       [3] br-ccdda4d09e11 172.20.0.1/16
       [4] br-cf988d4d1ce6 172.19.0.1/16
       [5] vetha62eb95@if7 Device "vetha62eb95@if7" does not exist.
       [6] veth33983ef@if9 Device "veth33983ef@if9" does not exist.
       [7] enx001122334455 172.16.64.10/24
       > 0
       Kernel IP routing table
       Destination     Gateway         Genmask         Flags MSS Window irtt Iface
       0.0.0.0         192.168.178.1   0.0.0.0         UG    0   0      0    enp7s0
       0.0.0.0         172.16.64.1     0.0.0.0         UG    0   0      0    enx001122334455
       169.254.0.0     0.0.0.0         255.255.0.0     U     0   0      0    enp7s0
       172.16.64.0     0.0.0.0         255.255.255.0   U     0   0      0    enx001122334455
       172.17.0.0      0.0.0.0         255.255.0.0     U     0   0      0    docker0
       172.18.0.0      0.0.0.0         255.255.0.0     U     0   0      0    br-1f72b7506f18
       172.19.0.0      0.0.0.0         255.255.0.0     U     0   0      0    br-cf988d4d1ce6
       172.20.0.0      0.0.0.0         255.255.0.0     U     0   0      0    br-ccdda4d09e11
       192.168.178.0   0.0.0.0         255.255.255.0   U     0   0      0    enp7s0
       Specify Default Gateway IP Address: 192.168.178.1
       Settings saved.
       Saved Settings: Share Internet connection from enp7s0 to Bash Bunny at enx001122334455 through default gateway 192.168.178.1
       [C]onnect using saved settings
       [G]uided setup (recommended)
       [M]anual setup
       [A]dvanced IP settings
       [Q]uit
       Detecting Bash Bunny.......................found.
       [connection ASCII art]
       iptables: Too many links.
  4. I have been using my TETRA with OpenVPN as a travel router. It works great. I recently configured it with a USB modem, the Huawei E8372. It still connects to the VPN and clients' traffic is routed via the VPN tunnel. The issue I am having is that the traffic for the Pineapple itself is not being routed via the tunnel. Here is my routing table:
       Kernel IP routing table
       Destination     Gateway         Genmask          Flags Metric Ref Use Iface
       default         192.168.100.1   128.0.0.0        UG    0      0   0   tun0
       default         192.168.8.1     0.0.0.0          UG    0      0   0   eth2
       Modem's IP      192.168.8.1     255.255.255.255  UGH   0      0   0   eth2
       128.0.0.0       192.168.100.1   128.0.0.0        UG    0      0   0   tun0
       172.16.42.0     *               255.255.255.0    U     0      0   0   br-lan
       192.168.8.0     *               255.255.255.0    U     0      0   0   eth2
       192.168.8.1     *               255.255.255.255  UH    0      0   0   eth2
       192.168.100.0   *               255.255.255.0    U     0      0   0   tun0
     I am not really familiar with routing tables. Thank you for the assistance.
  5. Hi, I have an error when configuring:
       root@zion:/opt# ./wp6.sh
       [WiFi Pineapple ASCII banner] v6.4
       Saved Settings: Share Internet connection from to WiFi Pineapple at eth1 through default gateway
       [C]onnect using saved settings
       [G]uided setup (recommended)
       [M]anual setup
       [A]dvanced IP settings
       [Q]uit
       WiFi Pineapple detected. Please disconnect the WiFi Pineapple from this computer and press any key to continue with guided setup.
       Step 1 of 3: Select Default Gateway
       Default gateway reported as
       Use the above reported default gateway? [Y/n]?
       Step 2 of 3: Select Internet Interface
       Internet interface reported as
       Use the above reported Internet interface? [Y/n]?
       Step 3 of 3: Select WiFi Pineapple Interface
       Please connect the WiFi Pineapple to this computer.
       ....[Checking] Detected WiFi Pineapple on interface eth1
       Use the above detected WiFi Pineapple interface? [Y/n]?
       Settings saved.
       Saved Settings: Share Internet connection from to WiFi Pineapple at eth1 through default gateway
       [C]onnect using saved settings
       [G]uided setup (recommended)
       [M]anual setup
       [A]dvanced IP settings
       [Q]uit
       Detecting WiFi Pineapple............found.
       [connection ASCII art]
       Bad argument `eth1'
       Try `iptables -h' or 'iptables --help' for more information.
       SIOCDELRT: No such process
       Usage: inet_route [-vF] del {-host|-net} Target[/prefix] [gw Gw] [metric M] [[dev] If]
              inet_route [-vF] add {-host|-net} Target[/prefix] [gw Gw] [metric M] [netmask N] [mss Mss] [window W] [irtt I] [mod] [dyn] [reinstate] [[dev] If]
              inet_route [-vF] add {-host|-net} Target[/prefix] [metric M] reject
              inet_route [-FC] flush NOT supported
     I browse to http://172.16.42.1:1471 and after install, when it starts, it doesn't have an internet connection.
     PS: How can I do a hard reset? Maybe it will help.
  6. Hello everyone, I have created a very simple HTML page which is the only page I want my clients to see. Like a captive portal, but I'm not interested in giving them an internet connection. I am having problems with nodogsplash, which does not redirect any traffic when my Pineapple is not connected to the internet. I know I can use "Evil Portal" but I am trying to make this manual. I also noticed that nodogsplash is at 0.9_beta9.9.9 but opkg brings 0.9_beta9.9.6 (not only Pineapple, OpenWrt too).
     Does the Pineapple have to be connected to the internet for nodogsplash to work? Is there a way to replicate the iptables rules nodogsplash creates? Is there any good alternative "captive portal manager" you can suggest?
     My nodogsplash.conf
     My /etc/config/dhcp
     Running:
       nodogsplash -d 7 -f
     and it stays like this even when clients connect.
     As an alternative I tried dnsspoof and iptables (one at a time and both together). My spoofhost.conf
       dnsspoof -i br-lan -f spoofhost.conf
       iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to-destination 172.16.42.1
     and
       iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 172.16.42.1
     In this case it redirects traffic to 172.16.42.1, but if the Pineapple is not connected to the internet Android and iPhone devices cannot detect the "captive portal" and pop the pseudo browser.
  7. Hello all, I am having an issue with redirecting traffic for sslstrip using iptables. I have tried to use these commands:
       iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 60000
       iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 60000
     which should redirect HTTP traffic from port 80 to 60000, where I would have my sslstrip listening; however, nothing happens. After applying the above rule I test using
       tcpdump -i wlan0 'port 60000'
     and no traffic is seen, while port 80 has traffic. I have tried flushing all tables (iptables -F, iptables -t nat -F) and running the above rules, to no avail. If anyone has any ideas, any help would be appreciated.
  8. I'm trying to set up my Pineapple MK4 (running 2.7.0) to be able to filter certain TCP ports on a bridge interface. I am able to do this same thing on my laptop running Ubuntu 12.04 between two interface cards, but I can't seem to get it to work on the MK4. I realize the below steps are not persistent on a reboot as this is only a POC I am trying to achieve. The steps I take on the MK4:
     - I edit /etc/sysctl.conf and reboot the MK4 (I read this in another forum and have tried it both ways, with '1' or '0' (default)):
         net.bride.bridge-nf-call-iptables=1
     - I create a new bridge and add eth1:
         brctl addbr br0
         ifconfig eth1 0.0.0.0 promisc up
         brctl addif br0 eth1
     - I delete the Pineapple's existing bridge and add eth0 to the new bridge:
         ifconfig br-lan down
         ifconfig eth0 down
         brctl delbr br-lan
         ifconfig eth0 0.0.0.0 promisc up
         brctl addif br0 eth0
     - I bring up the bridge:
         ifconfig br0 192.168.1.1 netmask 255.255.255.0 up
     At this point traffic goes through the bridge between eth0 and eth1 (which is good) but I want to be able to filter the forwarded traffic via iptables.
     - So I add this to iptables. Flush them:
         iptables -X
         iptables -F
       Add a filter:
         iptables -A FORWARD -p tcp --dport 80 -j DROP
       but it still continues to forward port 80 (or any port I put in). I have also tried
         iptables -A FORWARD -j DROP
       and it still continues to forward everything. If I do this on INPUT or OUTPUT it does work as I expect it to.
     What am I missing? I understand that a bridge is layer 2 while iptables is layer 3, but I have read that "bridge-nf-call" (I have no idea what I am talking about) takes care of this. Do I need to install additional iptables packages maybe? Thanks in advance for any advice you may have.
     magoo
  9. While I know it's very possible, I was just wondering if anyone could possibly help me try to figure out how I could go about using an MK4 essentially as a dual-WAN load-balancing router. For example,
  10. I'm trying to "hide" the fact that SSH + Deluge are running when port scanned. I think my options are: I can firewall the server, open the SSH port and keep it visible, and get to Deluge by going to localhost:8112 after an ssh -D $someport. Or, I can use knockknock and hide SSH and Deluge but need to keep 1 outbound + 1 inbound TCP port open for Deluge transfers (or use knockknock-proxy).
     - Server(s) running Ubuntu 10.10 --> 12.04
     - knockknock --> http://www.thoughtcr...are/knockknock/
     - SSH
     - deluge-torrent.org/
     1. Has anyone on the forums attempted to set up port knocking with knockknock before?
     2. Am I correct in assuming that it would be wise to NOT use UFW to configure my firewall and instead rely strictly on iptables? I believe this to be true because knockknock will need custom iptables entries to work.
     3. SSH seems simple to think through. Knock on one port and connect. All inbound + outbound traffic flows over one port after the connection is established -- easy enough.
     4. I threw in an application like Deluge because I can't get my head around the firewall logic. "deluged" runs as a local daemon on the server. Once a torrent is added it needs two ports to operate (1 inbound + 1 outbound). "deluge-web --fork" is a web GUI to add/remove torrents. It runs on a separate port (8112 by default), for a total of three. My best guess is to create a knockknock rule for the web GUI (8112) and leave Deluge's inbound (5000) + outbound (6000) ports open and a standard SSH knockknock rule. OR should I use the knockknock-proxy?
     Can anyone contribute/comment on how this should be set up? THANKS
  11. Hi All,
     Scenario/Background: I'm on a boat. We use VSAT + a two-year-old Cisco router. The router has been locked down. The only ports open are 80 (http), 443 (https), 25 (mail), 3389 (RDP). When travelling I used to be able to use OpenVPN (udp), PPTP VPN (tcp), or a socksified (-D) SSH connection to tunnel my traffic. That's no longer the case.
     I borked my VPS server trying to get around the above stated issue. It's left me in a bit of a pickle. I can use TOR to get to my VPS's CPANEL (control panel). I have to use a service like TOR, because the CPANEL is on a non-standard web port (5454). I can't reinstall the server though. To do that I need to VNC to the VPS. I use 'Chicken of the VNC' which doesn't support proxying like a web browser does. I've looked at a few options, like NoVNC, etc., which are browser-based HTML5 implementations of a VNC client, but they rely on a companion server which my VPS is not running. Any ideas? (1A) Help!
     *I'm asking a friend to remotely reconfigure my server, and to run SSH on port 443 so I'll have SSH access and web proxying ability, but it has led me to even more questions. I hope that the firewall doesn't filter at the Layer 7 networking stack, otherwise I might need a better solution. What are some ways to accomplish this? (2A)
     Below is what I've found so far. Please help me add to the list of possibilities. Is there a software solution (Mac OS X or Ubuntu) that allows a user to specify which application uses the socksified SSH connection (e.g. ssh -D 8080 username@y.y.y.y) on the local machine? (3A) It would be ideal if an application could force traffic over the SSH connection. Example: tell 'Chicken of the VNC', Adium, etc. to route through SSH without having to set a proxy in their individual preferences (most don't even have the option/ability).
     Future Solutions
     1B.
       #Ubuntu wiki says this might be a problem on some VPS's - https://help.ubuntu....y/IptablesHowTo
       #execute on remote server
       iptables -t nat -I PREROUTING -p tcp -m conntrack --ctstate NEW -s x.x.x.x -d y.y.y.y --dport 443 -j REDIRECT --to-port 22
       or
       #execute on remote server
       iptables -t nat -I PREROUTING --src x.x.x.x --dst y.y.y.y -p tcp --dport 443 -j REDIRECT --to-ports 22
       sudo iptables -t nat -L -n -v
       #execute on local machine in Terminal
       ssh -p 443 -D 8080 username@y.y.y.y
     2B. http://www.thoughtcr...tware/firemole/
     3B. http://dag.wieers.co...http-tunneling/
       *anyone know of a more current way to do this? (4A) The software doesn't look like it's been updated since 2009.
     4B. sudo nano /etc/ssh/sshd_config
       change the line "Port 22" to "Port 443"
       to save --> hit ctrl+o, then ctrl+x
       sudo restart ssh
       *how does encrypted web traffic (https 443) still work if SSH is now using port 443 on the VPS? (5A)
  12. How can I make the iptables entries into a startup script for Jasager? How do I create 2 scripts, one for WAN port routing and 1 for Android USB tethering?
       iptables -A FORWARD -i eth1 -o wlan0 -s 172.16.42.0 -m state --state NEW -j ACCEPT
       iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
       iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
       iptables -A FORWARD -s 172.16.42.0/24 -o usb0 -j ACCEPT
       iptables -A FORWARD -d 172.16.42.0/24 -m state --state ESTABLISHED,RELATED -i usb0 -j ACCEPT
       iptables -t nat -A POSTROUTING -s 172.16.42.0/24 -o usb0 -j MASQUERADE
     Thanks