UNDERCODE COMMUNITY

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Domain name service-set up dynamic dns by undercode :

especially like doing dynamic DNS, all friends who are interested in dynamic DNS should read it. Due to time constraints, I have not done any sorting.
name.conf:

// --------------- The part that declares Key ---------------
// PS: leo, mail key underneath Is the incorrect
key "leo" {
algorithm hmac-md5;
secret "hB / XM2eFTyxA5r / scautOZ ==";
};

key "mail" {
algorithm hmac-md5;
secret "ht5TkKKFP5l8u9ZTcDbStw ==";
};

//- ------------- Declaring the ZONE part ---------------
zone "sayya.org" {
type master;
file "named.sayya";

notify yes;

also-notify {
140.128.78.250;
211.23.99.
61.218.164.83;
};

allow-transfer {
140.128.78.250;
211.23.99.147;
61.218.164.83;
};

allow-query {
0.0.0.0/0;
};

update-policy {
// use the mail HOST key, only Permission change mail.sayya.org and rsync.sayya.org's A record
grant mail name mail.sayya.org. A;
grant mail name rsync.sayya.org. A;
// Use leo USER's key to fully control sayya .org, for example, add a subdomain, specify DNS
// or add an A, CNAME, TXT .. record, etc.
grant leo subdomain sayya.org. ANY;
};

}; This is

probably what it looks like, plus the previous reply the essay ..

--------

author: leoliou (warm winter) Kanban: Linux

> This seems to be a bug in the ddClient program given by DynDNS
> I used perl and bash shell script to write some small programs
> It can be used to detect the existence of the PPP interface
> If it does not exist, connect ^ o ^

Well, see this The letter feels that there is really an atmosphere of discussion. I really like this feeling ~ icon_smile.gif I

remember that when I used ADSL dial-up system before, I used rp-pppoe
to connect. This can solve the problem of disconnection.

Next is the point, what about Dynamic IP? My current environment is a two-way cable, and the IP is also obtained by
DHCP Server from Dynamic IP. Of course, if you apply for a program like dns2go,
it can solve your dynamic IP problem, but the disadvantage is that you can't use your own URL. It must be
some URL that has been legally regulated , or it may require you to use Point to the company's
escrow, in addition, you may have to run the dynamic IP update program provided by the company in the Server ..
In any case, it reminds me of system security issues .. For me, it is very inconvenient.

So, I found a server with a fixed IP and put Bind on it. This is the
Primary DNS of my own domain , which is Dynamic DNS. How to set it up is mentioned later. And the
fixed IP of this DNS is assumed to be 61.22.33.20, Domain is example.com, and the registered name is
ns.example.com icon_smile.gif

Then, let ’s say my mail server is at home, which is my current two-way cable line. ,
this mail server of the Domain name is assumed to be: mail.example.com
I just timed my Primary DNS to update my mail server's IP on Hello,

how Primary DNS to determine which computer updates allowed to do it? There are two ways. The first way is
to set allow-update in Primary DNS. Setting certain fixed IPs can
update data to Primary DNS, but it is less flexible. The other is the
update-policy to be introduced later .

allow-update can allow specific IP or key to do dynamic update. By default, no
IP update is allowed .

The update-policy is only available in BIND 9. You do not need to specify a specific IP to perform dynamic updates.
Instead , you need to determine the update authority by key. Primary DNS has this key,
The mail server can use this key to dynamically update the IP in the future.
Of course, the mail server and Primary DNS have the same key.

146 views21:44

UNDERCODE COMMUNITY

The key is the visa generated by the dnssec-keygen tool, which is now
generated on the Primary DNS and sent to the mail server.

First, induced by the mail server Key:

# DNSSEC-keygen -a HMAC-MD5 -b 128 -n HOST mail
. Kmail 157 + 44 587 +
#

to see what the results will produce a file name similar Kmail + 157 + 44587.. key and
Kmail. + 157 + 44587.private two files.

Where Kmail + 157 + 44587.key file content looks like this:

# Kmail + 157 + 44587.key less.
Mail. 3 157 512 the IN KEY BJ7y6dzxchy3u0B4hRLksQ ==.
#

File BJ7y6dzxchy3u0B4hRLksQ == content of which is encoded, the so-called Key.

First, you have to copy these two keys to the mail server. It is recommended to use sftp transmission to
avoid theft.

Now, the settings on Primary DNS are started.

----- /etc/named.conf ----------

key "mail" {
algorithm hmac-md5;
secret "BJ7y6dzxchy3u0B4hRLksQ ==";
};

zone "example.com" {
type master;
file "named.example";

update-policy {
grant mail name mail.example.com. A ;
// mail key is only allowed to update the A record of mail.example.com.
};
};

----- End of File ----------

Primary DNS Run bind.

Next, how to update the mail server?

Of course, the most important thing is to get the mail server key first. As mentioned earlier,
after the Primary DNS is generated, it is transferred to the mail server by ftp.

Use the nsupdate tool to update the Primary DNS:

$ nsupdate -k Kmail. + 157 + 44587.key
> server ns.example.com // Specify Primary DNS
> update delete mail.example.com A // Delete the old data first
> update add mail.example.com 0 A 210.64.233.10 // Add new information
> send // Send to Primary DNS
$ // Ctrl-C or Ctrl-D to leave to

verify whether the update was successful:

$ host mail. example.com ns.example.com
mail.example.com has address 210.64.233.10
$

Congratulations, your update is successful. If you are not successful, please go to the Primary DNS to see the messages log.
Note that the permissions of the key file should only be read and written by the owner, and should be -rw ------- Please note.
The user who executes nsupdate should be the owner of the key, otherwise Permission denied will occur
.

If you want your computer to update automatically, here is a script I wrote for reference:

create a tmp.txt with the following content:

----- tmp.txt ----------
server ns.example .com
update delete mail.example.com A
update add mail.example.com 0 A SERVER_NEW_IP
send
----- End of File ----------

Create updated script: newip.sh

----- newip.sh ----------
#! / Bin / sh
#
# Written by LeoLiou.
#

# Config the update dir.
Exe_path = / root / nsupdate

new_IP = `/ sbin / ifconfig eth0 | grep 'inet addr' | cut -d: -f 2
| cut -d '' -f1`

/ bin / cat $ exe_path / tmp.txt | sed s / SERVER_NEW_IP / $ new_IP / g
> $ exe_path / update.txt

# update now IP to name server.
/ usr / bin / nsupdate -k $ exe_path / Kmail. + 157 + 44587.key -v $ exe_path / update.txt
----- End of File ----------

Please put your key, tmp.txt, newip.sh in the same directory, and give newip.sh execute permission.
Please execute newip.sh once to confirm that there is no problem, and then use crontab to execute newip.sh.

0 * * * * /root/nsupdate/newip.sh

This completes the entire dynamic IP update mechanism.

For update-policy, please see the BIND 9 Administrator Reference Manual:

http://www.isc.org/products/BIND/bind9.html

The use of dnssec-keygen and nsupdate, I believe the man page has been written very clearly.
icon_smile.gif

-
Leo Liou (leo@i18n.linux.org.tw)

Join i18n project: http://i18n.linux.org.tw/

* ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~ * ~

---------------
Supplemented by netman on October 30, 2002 ﹕
---------- -----

I slightly modified Leo's script and placed it under the / root / nsupdate directory.
I changed the interface here to ppp0, and also reduced unnecessary transmission actions.
(Note: I changed the original tmp.txt to nsupdate.scr, please pay attention.) The

content is as follows:

#! / Bin / bash
#

130 views21:44

UNDERCODE COMMUNITY

# set variables
if echo $0 | grep '^/' ; then
w_dir=${0%/*}
else
w_dir=$PWD/${0%/*}
fi
KEY_FILE=$w_dir/Kmail.+157+44587.key
UPDATE_SCR=$w_dir/nsupdate.scr
UPDATE_DATA=$w_dir/nsupdate.data
HOST_NAME=mail.example.com
NS_SERVER=ns.example.com
IF="ppp0"

# ensure key files
for file in $KEY_FILE ${KEY_FILE%key}private
do
if [ ! -r $file ]; then
echo "$(basename $0): ERROR: $file is not readable."
exit 1
fi
done

# prepare initial script
test -f $UPDATE_SCR || {
cat >| $UPDATE_SCR <<-ENDSCR
server NS_SERVER
update delete HOST_NAME A
update add HOST_NAME 0 A NEW_IP
send
ENDSCR # <----- 請將 ENDSCR 前面的空白換成 tab ！
test "$?" = "0" || {
echo "$(basename $0): ERROR: could not create $UPDATE_SCR."
exit 2
}
}

# ensure the server is connectable
host $NS_SERVER $NS_SERVER | grep "$NS_SERVER" &>/dev/null || {
echo "$(basename $0): ERROR: could not contact nameserver $NS_SERVER."
exit 3
}

# get current ip
NEW_IP=$(ifconfig | grep "$IF " -A 1
| awk '/inet/ {print $2}' | sed -e 's/.*://')

# do a test then update
host $HOST_NAME $NS_SERVER | grep "$NEW_IP" &>/dev/null || {
/bin/cat $UPDATE_SCR | sed s/NEW_IP/$NEW_IP/
| sed s / NS_SERVER / $ NS_SERVER /
| sed s / HOST_NAME / $ HOST_NAME /
> | $ UPDATE_DATA
/ usr / bin / nsupdate -k $ KEY_FILE -v $ UPDATE_DATA || rm -rf $ UPDATE_DATA
}

# -end of script -# The

above script can be downloaded here:
http://study-area.ks.edu.tw/linux/src/newip.sh.tgz

Currently this script can only be executed on the linux client,
but I think, through Simple cgi function, then any windows client can also be easily updated,
but this part needs other friends to help set up.

WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

103 views21:44

UNDERCODE COMMUNITY

This media is not supported in your browser

VIEW IN TELEGRAM

99 views21:44

UNDERCODE COMMUNITY

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Miscellaneous tools-do not compile kernel support rh8 BY UNDERCODE
FB.COM/uNDERCODEtESTING

My Method (original rh8, not upgraded or compiled kernel):
1. Search on google.com And download kernel-ntfs-2.4.18-14.i686.rpm
2. rpm -ivh kernel-ntfs-2.4.18-14.i686.rpm
3. mkdir / mnt / c
4. mount -t ntfs / dev / hda1 / mnt / c

Original
http://fr2.rpmfind.net/linux/rpm2html/search.php?query=kernel-ntfs
This method is really great. If you go down to an RPM, it will be OK. Choose the kernel that corresponds to your system RPM

#uname -a
will have a message similar to the following
Linux LinuxSir01 2.4.18-17.8.0 # 1 Tue Oct 8 13:51:08 EDT 2002 i686 i686 i386 GNU / Linux
This is about to download and 2.4.18-17.8 Corresponding to the kernel. . We need to analyze specific issues.
The above is the Intel CPU. . . . .

If you have an AMD CPU, it's something like this. .

Linux LinuxSir01 2.4.18-14 # 1 Wed Sep 4 12:13:11 EDT 2002 i686 athlon i386 GNU / Linux
Take a look here, is there an athlon in the red letters? Then you need to download the end of athlon.rpm, but it can not be the file name and do not carry smp or the like, the above example is the same.

Then install the downloaded RPM on

#rpm -ivh ker * rpm --nodeps --force

mount partition for some specific work:

#mkdir / mnt / WinC
#mount -t ntfs / dev / hda1 / mnt / WinC
#cd / mnt / WinC to

see if it can be accessed? If you cannot access it, it means that the downloaded RPM does not correspond to the kernel version. Think about what you should download. . . . .

WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Facebook

Undercode Testing Company

103 views21:44

UNDERCODE COMMUNITY

This media is not supported in your browser

VIEW IN TELEGRAM

103 views21:44

UNDERCODE COMMUNITY

Google

HubSpot Sales

Email tracking, CRM for Gmail, and sales productivity tools in your inbox

117 views21:44

UNDERCODE COMMUNITY

This media is not supported in your browser

VIEW IN TELEGRAM

109 views21:44

UNDERCODE COMMUNITY

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST 2020 PHISHING & KEYLOGGER for HACK facebook & INSTAGRAM & MUCH MORE ... ON TERMUX- LINUX :
t.me/UndercodeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

A) 1) git clone https://github.com/thelinuxchoice/shellphish

2) cd shellphish

3) bash shellphish.sh

B) hidden eye

1) git clone https://github.com/DarkSecDevelopers/HiddenEye.git

2) chmod 777 HiddenEye

3) sudo apt install python3-pip

4) cd HiddenEye

5) sudo pip3 install -r requirements.txt

6) sudo pip3 install requests

8) python3 HiddenEye.py

> on BlackArch official repository

sudo pacman -S hidden-eye
to run just use

sudo hidden-eye

159 views21:44

UNDERCODE COMMUNITY

111 views21:44

About

Blog

Apps

Platform