β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Speed Optimization-Detailed Network Configuration File for Tuning Linux Network Performance FULL by Underc0de PART 2
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) If the driver has been compiled into the kernel: The PCI test program at system startup will automatically find all relevant network cards. The ISA card can also be automatically detected, but in some cases, the ISA card still needs to do the following configuration work: add configuration information to "/etc/lilo.conf", the method is to use the LILO program to start parameters Information is passed to the kernel. For ISA cards, edit the "lilo.conf" file, add the following:
> the append = "ether =" 0, 0, eth0 ether = "0, 0, eth1"
/ etc / sysconfig / Network-scripts / file ethN the ifcfg-
2) in In RedHat, the configuration files of system network devices are saved in "/ etc / sysconfig / network-scripts" In the directory, ifcfg-eth0 contains the configuration information of the first network card, ifcfg-eth1 contains the configuration information of the second network card, etc.
3) If you want to manually modify the network address or add a new network interface to the new interface, you can modify the corresponding File (ifcfg-ethN) or create a new file to achieve.
DEVICE = name name indicates the name of the physical device
IPADDR = addr addr indicates the IP address assigned to the card
NETMASK = mask mask indicates the network mask
NETWORK = addr addr indicates the network address
BROADCAST = addr addr indicates the broadcast address
ONBOOT = yes / no At startup Whether to activate the card
> none: no need to start the protocol
bootp: use the bootp protocol
dhcp: use the dhcp protocol
USERCTL = yes / no whether to allow non-root users to control the device
/etc/resolv.conf file
4) This file is a configuration file used by the domain name resolver (resolver, a library that resolves IP addresses based on host names), An example is as follows:
> search domainname.com
nameserver 208.164.186.1
nameserver 208.164.186.2
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Speed Optimization-Detailed Network Configuration File for Tuning Linux Network Performance FULL by Underc0de PART 2
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) If the driver has been compiled into the kernel: The PCI test program at system startup will automatically find all relevant network cards. The ISA card can also be automatically detected, but in some cases, the ISA card still needs to do the following configuration work: add configuration information to "/etc/lilo.conf", the method is to use the LILO program to start parameters Information is passed to the kernel. For ISA cards, edit the "lilo.conf" file, add the following:
> the append = "ether =" 0, 0, eth0 ether = "0, 0, eth1"
/ etc / sysconfig / Network-scripts / file ethN the ifcfg-
2) in In RedHat, the configuration files of system network devices are saved in "/ etc / sysconfig / network-scripts" In the directory, ifcfg-eth0 contains the configuration information of the first network card, ifcfg-eth1 contains the configuration information of the second network card, etc.
3) If you want to manually modify the network address or add a new network interface to the new interface, you can modify the corresponding File (ifcfg-ethN) or create a new file to achieve.
DEVICE = name name indicates the name of the physical device
IPADDR = addr addr indicates the IP address assigned to the card
NETMASK = mask mask indicates the network mask
NETWORK = addr addr indicates the network address
BROADCAST = addr addr indicates the broadcast address
ONBOOT = yes / no At startup Whether to activate the card
> none: no need to start the protocol
bootp: use the bootp protocol
dhcp: use the dhcp protocol
USERCTL = yes / no whether to allow non-root users to control the device
/etc/resolv.conf file
4) This file is a configuration file used by the domain name resolver (resolver, a library that resolves IP addresses based on host names), An example is as follows:
> search domainname.com
nameserver 208.164.186.1
nameserver 208.164.186.2
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦PART 3 Speed Optimization-Detailed Network Configuration File for Tuning Linux Network Performance FULL by Underc0de
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) "search domainname.com" means that when a host name is provided that does not include the full domain name, add the suffix of domainname.com after the host name; "nameserver" Indicates that the host specified by this address is used as the name server when resolving the domain name. The domain name server is queried in the order in which they appear in the file.
/etc/host.conf file
3) This file specifies how to resolve host names. Linux uses the resolver library to obtain the IP address corresponding to the host name. The following is an example of "/etc/host.conf":
order bind, hosts
γγmulti on
γγospoof on
3) "order bind, hosts" specifies the order of host name query. It is specified here that DNS is used to resolve the domain name, and then "/ etc / hosts "file (and vice versa).
4) "Multi on" specifies whether the hosts specified in the "/ etc / hosts" file can have multiple addresses, and hosts with multiple IP addresses are generally called multi-homed hosts.
5) "Nospoof on" means that IP address spoofing is not allowed for this server. IP spoofing is a means of attacking the security of the system. By masquerading the IP address as another computer, it can gain the trust of other computers.
/ etc / hosts file
6) When the machine starts, before it can query DNS, the machine needs to query some hostname to IP address matches. These matches are stored in the / etc / hosts file. In the absence of a domain name server, all network programs on the system query the file to resolve the IP address corresponding to a host name.
> The following is an example of a "/ etc / hosts" file:
γγIP Address Hostname Alias
γγ127.0.0.1 Localhost Gate.openarch.com
γγ208.164.186.1 gate.openarch.com Gate
γγ............
7) The leftmost column is Host IP information. The middle column is the host name. Any subsequent columns are aliases for that host. Once the machine's network profile is configured, the network should be restarted for the changes to take effect. Use the following command to restart the network: /etc/rc.d/init.d/network restart.
/etc/inetd.conf file
8) As we all know, as a server, the more service ports are open, the more difficult it is to ensure system security and stability. Therefore, the server providing specific services should be as open as possible to provide the necessary ports, and services that are not related to the server service should be closed. For example, a machine that serves as the www and ftp server should only open ports 80 and 25. Other unrelated services such as finger auth are turned off to reduce system vulnerabilities.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦PART 3 Speed Optimization-Detailed Network Configuration File for Tuning Linux Network Performance FULL by Underc0de
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) "search domainname.com" means that when a host name is provided that does not include the full domain name, add the suffix of domainname.com after the host name; "nameserver" Indicates that the host specified by this address is used as the name server when resolving the domain name. The domain name server is queried in the order in which they appear in the file.
/etc/host.conf file
3) This file specifies how to resolve host names. Linux uses the resolver library to obtain the IP address corresponding to the host name. The following is an example of "/etc/host.conf":
order bind, hosts
γγmulti on
γγospoof on
3) "order bind, hosts" specifies the order of host name query. It is specified here that DNS is used to resolve the domain name, and then "/ etc / hosts "file (and vice versa).
4) "Multi on" specifies whether the hosts specified in the "/ etc / hosts" file can have multiple addresses, and hosts with multiple IP addresses are generally called multi-homed hosts.
5) "Nospoof on" means that IP address spoofing is not allowed for this server. IP spoofing is a means of attacking the security of the system. By masquerading the IP address as another computer, it can gain the trust of other computers.
/ etc / hosts file
6) When the machine starts, before it can query DNS, the machine needs to query some hostname to IP address matches. These matches are stored in the / etc / hosts file. In the absence of a domain name server, all network programs on the system query the file to resolve the IP address corresponding to a host name.
> The following is an example of a "/ etc / hosts" file:
γγIP Address Hostname Alias
γγ127.0.0.1 Localhost Gate.openarch.com
γγ208.164.186.1 gate.openarch.com Gate
γγ............
7) The leftmost column is Host IP information. The middle column is the host name. Any subsequent columns are aliases for that host. Once the machine's network profile is configured, the network should be restarted for the changes to take effect. Use the following command to restart the network: /etc/rc.d/init.d/network restart.
/etc/inetd.conf file
8) As we all know, as a server, the more service ports are open, the more difficult it is to ensure system security and stability. Therefore, the server providing specific services should be as open as possible to provide the necessary ports, and services that are not related to the server service should be closed. For example, a machine that serves as the www and ftp server should only open ports 80 and 25. Other unrelated services such as finger auth are turned off to reduce system vulnerabilities.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦PART 4 Speed Optimization-Detailed Network Configuration File for Tuning Linux Network Performance FULL by Underc0de
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) And inetd, also known as "super server", is a daemon that monitors some network requests, and it calls the corresponding service process to process connection requests according to the network request. inetd.conf is the configuration file for inetd.
2) The inetd.conf file tells inetd which network ports to listen on and which service to start for each port. The first thing to do with a Linux system in any network environment is to understand what services the server will provide.
3) Those services that are not needed should be banned, it is better to uninstall them, so that hackers have less chance to attack the system. Check the "/etc/inetd.conf" file to see what services inetd provides. Use the comment method (add the # sign at the beginning of a line) to prohibit any unnecessary services, and then send a SIGHUP signal to the inetd process:
π¦
1) Change the permission of the file to 600.
[root @ deep] # chmod 600 /etc/inetd.conf
2) Make sure the owner of the file is root.
[root @ deep] # stat /etc/inetd.conf
3) Edit the "inetd.conf" file (vi /etc/inetd.conf) and ban all unnecessary services, such as ftp, telnet, shell, login, exec, talk, ntalk, imap, pop-2, pop-3, finger, auth, and more. If you find some services useful, don't ban them.
4) After changing the "inetd.conf" file, don't forget to send a SIGHUP signal (killall -HUP inetd) to the inetd process.
γ[root @ deep / root] # killall -HUP inetd
5) In order to ensure the security of the "inetd.conf" file, you can use the chattr command to make it immutable. To make the file immutable, just use the following command:
[root @ deep] # chattr + i /etc/inetd.conf
6) The file of the "i" attribute cannot be changed: it cannot be deleted or renamed, it cannot be created Link, you cannot write data to this file. Only the system administrator can set and clear this property. If you want to change the inetd.conf file, you must first clear the flag that does not allow changes:
[root @ deep] # chattr -i /etc/inetd.conf
7) but for things like sendmail, Named, www and other services, because they are not like finger, telnet and other services, the inet daemon starts the corresponding process to provide services when the request comes, but runs as a daemon when the system starts. For redhat linux, a linuxconfig command is provided, which can be used to interactively set whether to run related services at startup through the graphical interface. You can also use commands to set whether to start a service at startup, such as: [root @ deep] # chkconfig -level 35 named off.
/etc/hosts.allow file
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦PART 4 Speed Optimization-Detailed Network Configuration File for Tuning Linux Network Performance FULL by Underc0de
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) And inetd, also known as "super server", is a daemon that monitors some network requests, and it calls the corresponding service process to process connection requests according to the network request. inetd.conf is the configuration file for inetd.
2) The inetd.conf file tells inetd which network ports to listen on and which service to start for each port. The first thing to do with a Linux system in any network environment is to understand what services the server will provide.
3) Those services that are not needed should be banned, it is better to uninstall them, so that hackers have less chance to attack the system. Check the "/etc/inetd.conf" file to see what services inetd provides. Use the comment method (add the # sign at the beginning of a line) to prohibit any unnecessary services, and then send a SIGHUP signal to the inetd process:
π¦
1) Change the permission of the file to 600.
[root @ deep] # chmod 600 /etc/inetd.conf
2) Make sure the owner of the file is root.
[root @ deep] # stat /etc/inetd.conf
3) Edit the "inetd.conf" file (vi /etc/inetd.conf) and ban all unnecessary services, such as ftp, telnet, shell, login, exec, talk, ntalk, imap, pop-2, pop-3, finger, auth, and more. If you find some services useful, don't ban them.
4) After changing the "inetd.conf" file, don't forget to send a SIGHUP signal (killall -HUP inetd) to the inetd process.
γ[root @ deep / root] # killall -HUP inetd
5) In order to ensure the security of the "inetd.conf" file, you can use the chattr command to make it immutable. To make the file immutable, just use the following command:
[root @ deep] # chattr + i /etc/inetd.conf
6) The file of the "i" attribute cannot be changed: it cannot be deleted or renamed, it cannot be created Link, you cannot write data to this file. Only the system administrator can set and clear this property. If you want to change the inetd.conf file, you must first clear the flag that does not allow changes:
[root @ deep] # chattr -i /etc/inetd.conf
7) but for things like sendmail, Named, www and other services, because they are not like finger, telnet and other services, the inet daemon starts the corresponding process to provide services when the request comes, but runs as a daemon when the system starts. For redhat linux, a linuxconfig command is provided, which can be used to interactively set whether to run related services at startup through the graphical interface. You can also use commands to set whether to start a service at startup, such as: [root @ deep] # chkconfig -level 35 named off.
/etc/hosts.allow file
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦PART 5-FINAL Speed Optimization-Detailed Network Configuration File for Tuning Linux Network Performance FULL by Underc0de
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) In the / etc directory, there are two files: hosts.deny hosts.allow By configuring these two files, you can specify which machines can use these services and which cannot use them.
/ etc / services file
2) The correspondence between port numbers and standard services is defined in detail in RFC 1700 "Assigned Numbers". The "/ etc / services" file enables the server and client programs to convert the service name into a port number.
30 This table exists on each host and its file name is "/ etc / services". Only the "root" user has permission to modify this file, and under normal circumstances it is not necessary to modify this file, because this file already contains the port numbers corresponding to commonly used services. For added security, we can protect this file from unauthorized deletion and alteration. To protect this file, you can use the following command:
[root @ deep] # chattr + i / etc / services
/ etc / securetty file The
"/ etc / securetty" file allows you to specify that the "root" user can log in from that TTY device. The login program (usually "/ bin / login") needs to read the "/ etc / securetty" file. Its format is: all listed tty devices are allowed to log in. Anything that is commented out or does not exist in this file is not allowed to log in as root.
/ etc / inittab file
4) Commenting out a line in the file can prevent the computer from being shut down with Control-Alt-Delete. This is important if the server is not in a secure place.
Edit the inittab file (vi / etc / inittab) and change this line:
γca :: ctrlaltdel: / sbin / shutdown -t3 -r now
to:
#ca :: ctrlaltdel: / sbin / shutdown -t3 -r now
5) Use the following command to make the changes take effect:
[root @ deep] # / sbin / init q
/etc/rc.d/init.d/
/ etc / rc. The scripts under d / init.d / mainly contain script programs for starting services. There is no need for the average user to know the contents of the script file. So you should change the permissions of these script files.
γγ[root @ deep] # chmod -R 700 /etc/rc.d/init.d/*
6) Only root can read, write, and execute scripts in this directory.
[Back to list]
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦PART 5-FINAL Speed Optimization-Detailed Network Configuration File for Tuning Linux Network Performance FULL by Underc0de
instagram.com/UndercOdeTestingCompany
π¦ ππΌππ πππΈβπ :
1) In the / etc directory, there are two files: hosts.deny hosts.allow By configuring these two files, you can specify which machines can use these services and which cannot use them.
/ etc / services file
2) The correspondence between port numbers and standard services is defined in detail in RFC 1700 "Assigned Numbers". The "/ etc / services" file enables the server and client programs to convert the service name into a port number.
30 This table exists on each host and its file name is "/ etc / services". Only the "root" user has permission to modify this file, and under normal circumstances it is not necessary to modify this file, because this file already contains the port numbers corresponding to commonly used services. For added security, we can protect this file from unauthorized deletion and alteration. To protect this file, you can use the following command:
[root @ deep] # chattr + i / etc / services
/ etc / securetty file The
"/ etc / securetty" file allows you to specify that the "root" user can log in from that TTY device. The login program (usually "/ bin / login") needs to read the "/ etc / securetty" file. Its format is: all listed tty devices are allowed to log in. Anything that is commented out or does not exist in this file is not allowed to log in as root.
/ etc / inittab file
4) Commenting out a line in the file can prevent the computer from being shut down with Control-Alt-Delete. This is important if the server is not in a secure place.
Edit the inittab file (vi / etc / inittab) and change this line:
γca :: ctrlaltdel: / sbin / shutdown -t3 -r now
to:
#ca :: ctrlaltdel: / sbin / shutdown -t3 -r now
5) Use the following command to make the changes take effect:
[root @ deep] # / sbin / init q
/etc/rc.d/init.d/
/ etc / rc. The scripts under d / init.d / mainly contain script programs for starting services. There is no need for the average user to know the contents of the script file. So you should change the permissions of these script files.
γγ[root @ deep] # chmod -R 700 /etc/rc.d/init.d/*
6) Only root can read, write, and execute scripts in this directory.
[Back to list]
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Cracking Wireless Networks on Raspberry Pi full by UndercOde :
Most of the commands can run normally on BackTrack5 or Kali. The wireless penetration test that can be implemented on Kali can also be run on the Raspberry Pi. part 1
> Kali Linux operating system on the Raspberry Pi, and the following will introduce the wireless attack on the Raspberry Pi.
π¦ ππΌππ πππΈβπ :
1) Use the ifconfig command on the Raspberry Pi to check whether the wireless network card is recognized. The execution command is as follows:
> root@kali:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0c:29:7a:59:75
inet addr:192.168.0.112 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe7a:5975/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:240510 errors:0 dropped:0 overruns:0 frame:0
TX packets:130632 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:275993519 (263.2 MiB) TX bytes:26073827 (24.8 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1706270 errors:0 dropped:0 overruns:0 frame:0
TX packets:1706270 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:250361463 (238.7 MiB) TX bytes:250361463 (238.7 MiB)
wlan0 Link encap:Ethernet HWaddr 22:34:f7:f6:c1:d0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
2) From the output, you can see that there is an interface named wlan0. This indicates that the wireless network card has been identified. If you don't see similar information, execute the following command to start the wireless network, as shown below:
root@kali:~# ifconfig wlan0 up
3) View the wireless network card information. The execution command is as follows:
> e information output above shows the information about the wireless network card. Such as network card MAC address, channel, encryption, rate and mode.
4) Enable the wireless network card to monitor mode. The execution command is as follows:
fom the output information, you can see that the wireless interface wlan0 has started listening mode, and its listening interface is mon0. You can now use this interface to capture wireless management and control frames.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Cracking Wireless Networks on Raspberry Pi full by UndercOde :
Most of the commands can run normally on BackTrack5 or Kali. The wireless penetration test that can be implemented on Kali can also be run on the Raspberry Pi. part 1
> Kali Linux operating system on the Raspberry Pi, and the following will introduce the wireless attack on the Raspberry Pi.
π¦ ππΌππ πππΈβπ :
1) Use the ifconfig command on the Raspberry Pi to check whether the wireless network card is recognized. The execution command is as follows:
> root@kali:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0c:29:7a:59:75
inet addr:192.168.0.112 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe7a:5975/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:240510 errors:0 dropped:0 overruns:0 frame:0
TX packets:130632 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:275993519 (263.2 MiB) TX bytes:26073827 (24.8 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1706270 errors:0 dropped:0 overruns:0 frame:0
TX packets:1706270 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:250361463 (238.7 MiB) TX bytes:250361463 (238.7 MiB)
wlan0 Link encap:Ethernet HWaddr 22:34:f7:f6:c1:d0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
2) From the output, you can see that there is an interface named wlan0. This indicates that the wireless network card has been identified. If you don't see similar information, execute the following command to start the wireless network, as shown below:
root@kali:~# ifconfig wlan0 up
3) View the wireless network card information. The execution command is as follows:
> e information output above shows the information about the wireless network card. Such as network card MAC address, channel, encryption, rate and mode.
4) Enable the wireless network card to monitor mode. The execution command is as follows:
fom the output information, you can see that the wireless interface wlan0 has started listening mode, and its listening interface is mon0. You can now use this interface to capture wireless management and control frames.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦T he Raspberry Pi, you can use Wireshark's command line programs tcpdump or tshark to capture data. If you don't like to operate on the command line, you can use Wireshark's graphical interface. PART 2
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
1) Start the Wireshark tool. The execution command is as follows:
> root@kali:~# wireshark
2) Select the mon0 interface in the interface list of Wireshark, and click the Start button
3) After starting Wireshark capture, the interface will show
4) In this interface, you can see that the 106 frame is the client sends a Probe Reques packet, requesting to connect to the router. The 107-frame router sent a Probe Response packet in response to the client's request.
5) From the above information, you can see that using a hidden SSID does not mean that it is a secure network. In Wireshark, using MAC address filtering is also not the most effective method. Here you can use the airodump command to monitor a wireless access point and obtain the MAC address of any device connected to the access point. The syntax is as follows:
> airodump-ng βc AP βa bssid(AP MAC ) mon0
6)W hen the client's MAC address is successfully obtained, the user only needs to use the macchanger command to modify the MAC address of their wireless network card to the client's MAC address, and they can successfully connect to the network.
π¦ Use Fern WiFi Cracker tool to attack WEP and WPA / WPA2 wireless networks on Raspberry Pi. The specific operation steps are shown below.
1) Start the Fern WiFi Cracker tool. The execution command is as follows:
> root@kali:~# fern-wifi-cracker
2) Fern WiFi Cracker main interface
> Select the wireless network interface on this interface, and click the Scan for Access points icon to scan the wireless network
3) Select the WiFi WEP or WiFi WPA icon on this interface
4) Select the attack target in this interface. Then click the WiFi Attack button to start the attack
5) From this interface, you can see that 6556 packets have been captured. When about 20,000 packets are captured, the password will be cracked. But this process takes quite a long time and requires patience.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦T he Raspberry Pi, you can use Wireshark's command line programs tcpdump or tshark to capture data. If you don't like to operate on the command line, you can use Wireshark's graphical interface. PART 2
twitter.com/UndercOdeTC
π¦ ππΌππ πππΈβπ :
1) Start the Wireshark tool. The execution command is as follows:
> root@kali:~# wireshark
2) Select the mon0 interface in the interface list of Wireshark, and click the Start button
3) After starting Wireshark capture, the interface will show
4) In this interface, you can see that the 106 frame is the client sends a Probe Reques packet, requesting to connect to the router. The 107-frame router sent a Probe Response packet in response to the client's request.
5) From the above information, you can see that using a hidden SSID does not mean that it is a secure network. In Wireshark, using MAC address filtering is also not the most effective method. Here you can use the airodump command to monitor a wireless access point and obtain the MAC address of any device connected to the access point. The syntax is as follows:
> airodump-ng βc AP βa bssid(AP MAC ) mon0
6)W hen the client's MAC address is successfully obtained, the user only needs to use the macchanger command to modify the MAC address of their wireless network card to the client's MAC address, and they can successfully connect to the network.
π¦ Use Fern WiFi Cracker tool to attack WEP and WPA / WPA2 wireless networks on Raspberry Pi. The specific operation steps are shown below.
1) Start the Fern WiFi Cracker tool. The execution command is as follows:
> root@kali:~# fern-wifi-cracker
2) Fern WiFi Cracker main interface
> Select the wireless network interface on this interface, and click the Scan for Access points icon to scan the wireless network
3) Select the WiFi WEP or WiFi WPA icon on this interface
4) Select the attack target in this interface. Then click the WiFi Attack button to start the attack
5) From this interface, you can see that 6556 packets have been captured. When about 20,000 packets are captured, the password will be cracked. But this process takes quite a long time and requires patience.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Crading Tutorials by Underc0de :
> The evolution of security systems
π¦ ππΌππ πππΈβπ :
1) In the first popular bank cards, all information was stored on a magnetic strip, and most of it was not encrypted in any way, including the account number, name of the issuing bank and data on the parameters of the available credit limit.
2) The PIN code of the card was also stored on the same strip, with which the cardholder could log in to banking services and cash out funds, but in an encrypted form.
3) It is worth noting that, as conceived by the creators of this security system, the owner does not need a PIN code to make purchases - just pass the card through the reader. This was supposed to make the use of the card convenient for the owner, but gave rise to a hacking method that for decades has allowed fraudsters to stay afloat.
4) Most modern banks have already abandoned these types of cards, but they, albeit in small quantities, continue to be used.
> To steal funds from such a card, you only need to steal data from the magnetic strip.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Crading Tutorials by Underc0de :
> The evolution of security systems
π¦ ππΌππ πππΈβπ :
1) In the first popular bank cards, all information was stored on a magnetic strip, and most of it was not encrypted in any way, including the account number, name of the issuing bank and data on the parameters of the available credit limit.
2) The PIN code of the card was also stored on the same strip, with which the cardholder could log in to banking services and cash out funds, but in an encrypted form.
3) It is worth noting that, as conceived by the creators of this security system, the owner does not need a PIN code to make purchases - just pass the card through the reader. This was supposed to make the use of the card convenient for the owner, but gave rise to a hacking method that for decades has allowed fraudsters to stay afloat.
4) Most modern banks have already abandoned these types of cards, but they, albeit in small quantities, continue to be used.
> To steal funds from such a card, you only need to steal data from the magnetic strip.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Methode 1> Protect yourself from it
>1) attackers use a special device - a skimmer to completely copy data from a bank card, and then make a full copy of it. After that, the fraudster usually tries to take possession of money as soon as possible - he makes a number of expensive purchases and sells goods for cash.
2) Currently, bank cards use a more modern security system - a chip. It, unlike a magnetic strip, is sewn into a plastic card and stores almost all information about the owner in encrypted form.
3) The exception is the card number, several recent transactions and other information that is determined by the issuing bank and the payment system. At the same time, customer data is not transmitted directly through the terminal - instead, a specially generated code is sent, which is checked in the bank database.
4) this protection is not absolutely safe. For example, in France, a group of hackers was able to steal more than $ 680 thousand, bypassing a similar protection system. Specialists from Γcole Normale SupΓ©rieure (Higher Normal School) had to conduct a whole study to find out how hackers managed to carry out the theft.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Methode 1> Protect yourself from it
>1) attackers use a special device - a skimmer to completely copy data from a bank card, and then make a full copy of it. After that, the fraudster usually tries to take possession of money as soon as possible - he makes a number of expensive purchases and sells goods for cash.
2) Currently, bank cards use a more modern security system - a chip. It, unlike a magnetic strip, is sewn into a plastic card and stores almost all information about the owner in encrypted form.
3) The exception is the card number, several recent transactions and other information that is determined by the issuing bank and the payment system. At the same time, customer data is not transmitted directly through the terminal - instead, a specially generated code is sent, which is checked in the bank database.
4) this protection is not absolutely safe. For example, in France, a group of hackers was able to steal more than $ 680 thousand, bypassing a similar protection system. Specialists from Γcole Normale SupΓ©rieure (Higher Normal School) had to conduct a whole study to find out how hackers managed to carry out the theft.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Bin
> Dropbox
Bin: 489504xxxxxxxxxx
Date: 02/24
IP: USA
zip: 40018
π¦EBAY BIN
434256403xxxxxxx
468451005665xxxx
01-21
137
542432147777xxxx
|05|
2022
516737100287xxxx 05/21
IP: Estados unidos
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Bin
> Dropbox
Bin: 489504xxxxxxxxxx
Date: 02/24
IP: USA
zip: 40018
π¦EBAY BIN
434256403xxxxxxx
468451005665xxxx
01-21
137
542432147777xxxx
|05|
2022
516737100287xxxx 05/21
IP: Estados unidos
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Good Proxies :
177.66.195.82:4145 185.189.208.177:51693 103.247.13.129:4145 31.171.71.74:4145 85.187.255.6:4145 92.255.178.64:4145 177.11.245.17:4145 177.86.159.92:61316 95.179.158.90:32204 50.247.72.33:54321 103.112.129.82:1080 138.59.233.46:10801 50.253.49.189:54321 188.242.224.144:42622 85.206.57.202:4145 181.113.25.106:55137 123.108.249.82:58853 140.82.59.139:31125 221.120.98.49:44553 117.254.60.67:4145 196.3.98.109:14888 203.160.59.153:38631 181.113.25.146:41944 89.208.176.12:4145 178.79.46.5:39046 134.209.189.228:9999 177.84.115.89:4145 103.41.147.152:42867 103.247.100.154:4145 168.121.137.64:10801 168.227.212.129:4145 190.184.144.146:43806 177.66.89.50:63253 41.223.234.74:4145 178.215.170.83:7070 190.214.55.218:30662 109.160.97.49:4145 88.87.81.217:61407 217.30.73.152:40546 103.197.48.49:8291 36.66.151.189:41838 36.66.116.7:41185 195.20.102.248:53423 103.67.16.221:4153 45.77.55.103:32444 50.251.183.1:32100 113.11.136.28:4145 202.40.186.226:32324 93.191.14.103:9999 116.90.237.106:39992 177.67.242.222:4145 103.14.251.144:34432 80.78.64.70:4145 202.84.35.134:48538 138.255.14.6:63253 103.108.128.178:4153 194.177.31.138:40761 200.195.26.66:4145 189.50.11.198:33555 177.23.104.38:40760 103.75.100.241:4145 117.252.69.153:44550 179.49.59.227:10801 203.188.252.239:43393 181.16.136.40:45827 180.250.196.178:4145 45.77.138.197:31762 177.190.170.11:60120 189.105.30.246:4145 110.74.193.108:55762 103.255.73.10:61990 103.206.253.58:53934 188.235.107.77:59891 93.87.9.66:3629 45.164.88.2:4145 89.250.149.114:59599 90.188.40.74:4145 173.199.70.238:32002 209.250.249.214:31443 199.247.28.53:32244 173.199.71.126:32762 177.10.144.22:1080 103.211.152.242:51039 179.99.246.216:4145 110.232.74.13:47094 37.26.86.118:31826 109.251.76.229:4145 88.119.136.221:55616 79.101.63.194:4145 109.69.4.148:4145 178.151.143.112:56264 195.110.53.148:4153 200.233.220.166:43801 217.13.222.129:4145 103.76.243.186:4145 177.38.166.7:4145 177.220.170.34:4145 180.245.36.191:4145 80.78.73.222:4145 45.63.43.205:33524 181.209.82.154:14888 138.255.14.15:63253 143.208.146.246:55909 41.60.232.194:59341 45.7.133.174:4145 82.114.86.91:44358 85.92.183.37:4145 202.191.121.66:4145 110.232.249.159:4145 45.64.134.34:45984 95.65.69.139:1080 31.135.125.253:4145 196.61.14.7:39979 103.85.163.138:40679 103.245.19.73:42204 103.54.30.94:43657 103.239.255.170:58733 103.200.40.194:4145 45.63.41.113:32002 119.42.118.175:4145 137.59.161.226:33716 80.168.155.141:61650 124.41.240.66:59534 45.114.72.27:44550 103.113.229.202:4145 81.33.4.214:49311 178.69.12.30:50893 103.8.58.5:49587 118.175.207.240:4145 177.129.136.173:63253 181.114.33.22:4145 103.26.245.190:34836 196.250.0.207:4145 179.108.137.82:4145 181.112.62.122:40372 37.192.194.50:35437 31.209.96.173:51688 79.164.176.68:4145 77.93.248.67:4145 177.74.118.5:39593 203.83.162.70:13629 82.198.187.83:4145 181.129.74.58:41760 202.152.135.241:4145 178.16.138.198:4145 185.188.218.14:4145 109.175.29.7:51372 116.199.172.210:59311 160.238.163.18:4145 176.36.89.203:60155 31.129.175.214:54512 191.37.147.210:4145 189.45.42.150:40063 212.107.232.45:4145 103.37.82.118:36500 190.90.7.130:10801 103.113.104.136:1080 117.206.83.122:44550 168.90.91.22:4145 138.68.41.90:1080 109.160.55.202:4145 91.122.193.80:4145 93.42.192.110:34145 158.58.133.15:30992 185.253.74.206:1080 103.68.1.46:34285 103.242.14.8:37318 182.163.102.150:4145 186.226.170.240:8291 45.55.27.15:1080 45.55.27.161:1080 116.206.153.2:40428 185.51.92.108:51327 94.100.220.20:40543 117.102.77.204:4145 80.245.115.97:4145 43.245.140.190:4153 94.230.134.77:52425 191.102.250.145:4145 94.127.144.179:37302 87.120.179.74:4145 220.135.2.247:59171 199.247.28.82:31165 45.63.116.11:33926
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Good Proxies :
177.66.195.82:4145 185.189.208.177:51693 103.247.13.129:4145 31.171.71.74:4145 85.187.255.6:4145 92.255.178.64:4145 177.11.245.17:4145 177.86.159.92:61316 95.179.158.90:32204 50.247.72.33:54321 103.112.129.82:1080 138.59.233.46:10801 50.253.49.189:54321 188.242.224.144:42622 85.206.57.202:4145 181.113.25.106:55137 123.108.249.82:58853 140.82.59.139:31125 221.120.98.49:44553 117.254.60.67:4145 196.3.98.109:14888 203.160.59.153:38631 181.113.25.146:41944 89.208.176.12:4145 178.79.46.5:39046 134.209.189.228:9999 177.84.115.89:4145 103.41.147.152:42867 103.247.100.154:4145 168.121.137.64:10801 168.227.212.129:4145 190.184.144.146:43806 177.66.89.50:63253 41.223.234.74:4145 178.215.170.83:7070 190.214.55.218:30662 109.160.97.49:4145 88.87.81.217:61407 217.30.73.152:40546 103.197.48.49:8291 36.66.151.189:41838 36.66.116.7:41185 195.20.102.248:53423 103.67.16.221:4153 45.77.55.103:32444 50.251.183.1:32100 113.11.136.28:4145 202.40.186.226:32324 93.191.14.103:9999 116.90.237.106:39992 177.67.242.222:4145 103.14.251.144:34432 80.78.64.70:4145 202.84.35.134:48538 138.255.14.6:63253 103.108.128.178:4153 194.177.31.138:40761 200.195.26.66:4145 189.50.11.198:33555 177.23.104.38:40760 103.75.100.241:4145 117.252.69.153:44550 179.49.59.227:10801 203.188.252.239:43393 181.16.136.40:45827 180.250.196.178:4145 45.77.138.197:31762 177.190.170.11:60120 189.105.30.246:4145 110.74.193.108:55762 103.255.73.10:61990 103.206.253.58:53934 188.235.107.77:59891 93.87.9.66:3629 45.164.88.2:4145 89.250.149.114:59599 90.188.40.74:4145 173.199.70.238:32002 209.250.249.214:31443 199.247.28.53:32244 173.199.71.126:32762 177.10.144.22:1080 103.211.152.242:51039 179.99.246.216:4145 110.232.74.13:47094 37.26.86.118:31826 109.251.76.229:4145 88.119.136.221:55616 79.101.63.194:4145 109.69.4.148:4145 178.151.143.112:56264 195.110.53.148:4153 200.233.220.166:43801 217.13.222.129:4145 103.76.243.186:4145 177.38.166.7:4145 177.220.170.34:4145 180.245.36.191:4145 80.78.73.222:4145 45.63.43.205:33524 181.209.82.154:14888 138.255.14.15:63253 143.208.146.246:55909 41.60.232.194:59341 45.7.133.174:4145 82.114.86.91:44358 85.92.183.37:4145 202.191.121.66:4145 110.232.249.159:4145 45.64.134.34:45984 95.65.69.139:1080 31.135.125.253:4145 196.61.14.7:39979 103.85.163.138:40679 103.245.19.73:42204 103.54.30.94:43657 103.239.255.170:58733 103.200.40.194:4145 45.63.41.113:32002 119.42.118.175:4145 137.59.161.226:33716 80.168.155.141:61650 124.41.240.66:59534 45.114.72.27:44550 103.113.229.202:4145 81.33.4.214:49311 178.69.12.30:50893 103.8.58.5:49587 118.175.207.240:4145 177.129.136.173:63253 181.114.33.22:4145 103.26.245.190:34836 196.250.0.207:4145 179.108.137.82:4145 181.112.62.122:40372 37.192.194.50:35437 31.209.96.173:51688 79.164.176.68:4145 77.93.248.67:4145 177.74.118.5:39593 203.83.162.70:13629 82.198.187.83:4145 181.129.74.58:41760 202.152.135.241:4145 178.16.138.198:4145 185.188.218.14:4145 109.175.29.7:51372 116.199.172.210:59311 160.238.163.18:4145 176.36.89.203:60155 31.129.175.214:54512 191.37.147.210:4145 189.45.42.150:40063 212.107.232.45:4145 103.37.82.118:36500 190.90.7.130:10801 103.113.104.136:1080 117.206.83.122:44550 168.90.91.22:4145 138.68.41.90:1080 109.160.55.202:4145 91.122.193.80:4145 93.42.192.110:34145 158.58.133.15:30992 185.253.74.206:1080 103.68.1.46:34285 103.242.14.8:37318 182.163.102.150:4145 186.226.170.240:8291 45.55.27.15:1080 45.55.27.161:1080 116.206.153.2:40428 185.51.92.108:51327 94.100.220.20:40543 117.102.77.204:4145 80.245.115.97:4145 43.245.140.190:4153 94.230.134.77:52425 191.102.250.145:4145 94.127.144.179:37302 87.120.179.74:4145 220.135.2.247:59171 199.247.28.82:31165 45.63.116.11:33926
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦HACK CC FROM ZEUS TORGAN-DETAILS
t.me/UndercOdeTesting
1) Zeus, ZeuS, or Zbot is a Trojan horse malware package that runs on versions of Microsoft Windows.
2) While it can be used to carry out many malicious and criminal tasks, it is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. It is also used to install the CryptoLocker ransomware.
3) Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation,
> it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek.
4) Similarly to Koobface, Zeus has also been used to trick victims of technical support scams into giving the scam artists money through pop-up messages that claim the user has a virus, when in reality they might have no viruses at all. The scammers may use programs such as Command prompt or Event viewer to make the user believe that their computer is infected(powered by wiki-posted on underc0de
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦HACK CC FROM ZEUS TORGAN-DETAILS
t.me/UndercOdeTesting
1) Zeus, ZeuS, or Zbot is a Trojan horse malware package that runs on versions of Microsoft Windows.
2) While it can be used to carry out many malicious and criminal tasks, it is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. It is also used to install the CryptoLocker ransomware.
3) Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation,
> it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek.
4) Similarly to Koobface, Zeus has also been used to trick victims of technical support scams into giving the scam artists money through pop-up messages that claim the user has a virus, when in reality they might have no viruses at all. The scammers may use programs such as Command prompt or Event viewer to make the user believe that their computer is infected(powered by wiki-posted on underc0de
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Linux tool script>. chinia script
Linux daily life, coding
T.me/UndercOdeTesting
PS: This script is only used for Debian, Kali,Linux Mint Please write your own for other distributions.
> Small ps: If you have good suggestions (or applications and terminal tools), or use some places that you do not understand, you are welcome to join the community QQ group exchange;
use:
1) git clone https://github.com/YGoldking/DailyLinux.git
2) cd DailyLinux/
3) chmod +x install.sh
4) ./install.sh
5) Update this script to run:./upgrade.sh
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Linux tool script>. chinia script
Linux daily life, coding
T.me/UndercOdeTesting
PS: This script is only used for Debian, Kali,Linux Mint Please write your own for other distributions.
> Small ps: If you have good suggestions (or applications and terminal tools), or use some places that you do not understand, you are welcome to join the community QQ group exchange;
use:
1) git clone https://github.com/YGoldking/DailyLinux.git
2) cd DailyLinux/
3) chmod +x install.sh
4) ./install.sh
5) Update this script to run:./upgrade.sh
@UndercOdeOfficial
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Intranet penetration using SSH reverse tunnel
instagram.com/UndercOdeTestingCompany
1) No matter it is infiltration or in the open air, intranet penetration is an important link. We and our assigned intranet IP cannot be accessed through the extranet, so this article will show you how to use Linux. SSH reverse tunnel for intranet penetration.
2) Suppose machines A and B, A has a public IP, and B is behind NAT and has no available port forwarding.
3) Now I want to initiate an SSH connection to B from A. Because B is behind the NAT, there is no such combination of public IP + port available , so A cannot penetrate NAT. This article deals with this situation. Also encountered by most people.
π¦ Let's first assume the following machines:
Machine code Machine position address Account ssh / sshd port Do you need to run sshd
A Public network a.site usera twenty two Yes
B Behind NAT localhost userb twenty two Yes
C Behind NAT localhost userc twenty two no
SSH direction tunnel connection
4) This method refers to the active establishment of an SSH tunnel from B to A, which forwards port 6766 of A to port B. As long as the tunnel is not closed, this forwarding is effective. You only need to access A's 6766 port to connect to B in reverse.
5) First establish an SSH tunnel on B, and forward port 6676 of A to port 22 of B:
> B $ ssh -p 22 -qngfNTR 6766: localhost: 22 usera@a.site
Then use 6766 reverse SSH to B on A
> A $ ssh -p 6766 userb @ localhost
The thing to do is actually that simple.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Intranet penetration using SSH reverse tunnel
instagram.com/UndercOdeTestingCompany
1) No matter it is infiltration or in the open air, intranet penetration is an important link. We and our assigned intranet IP cannot be accessed through the extranet, so this article will show you how to use Linux. SSH reverse tunnel for intranet penetration.
2) Suppose machines A and B, A has a public IP, and B is behind NAT and has no available port forwarding.
3) Now I want to initiate an SSH connection to B from A. Because B is behind the NAT, there is no such combination of public IP + port available , so A cannot penetrate NAT. This article deals with this situation. Also encountered by most people.
π¦ Let's first assume the following machines:
Machine code Machine position address Account ssh / sshd port Do you need to run sshd
A Public network a.site usera twenty two Yes
B Behind NAT localhost userb twenty two Yes
C Behind NAT localhost userc twenty two no
SSH direction tunnel connection
4) This method refers to the active establishment of an SSH tunnel from B to A, which forwards port 6766 of A to port B. As long as the tunnel is not closed, this forwarding is effective. You only need to access A's 6766 port to connect to B in reverse.
5) First establish an SSH tunnel on B, and forward port 6676 of A to port 22 of B:
> B $ ssh -p 22 -qngfNTR 6766: localhost: 22 usera@a.site
Then use 6766 reverse SSH to B on A
> A $ ssh -p 6766 userb @ localhost
The thing to do is actually that simple.
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Maintenance of the tunnel
> Stability maintenance
1) Unfortunately, the SSH connection will be closed overtime. If the connection is closed and the tunnel cannot be maintained, then A cannot use the reverse tunnel to penetrate B's NAT.
2) Therefore, we need a solution to provide a stable SSH To the tunnel.
3) One of the easiest methods is autossh. This software will automatically establish an SSH tunnel after a timeout. This solves the problem of tunnel stability. If you use Arch Linux, you can get it like this:
> $ sudo pacman -S autossh
4) Let's do something similar on B before, except that the tunnel will be maintained by autossh:
> B $ autossh -p 22 -M 6777 -NR 6766: localhost: 22 usera@a.site
5) The port specified by the -M parameter is used to monitor the status of the tunnel and has nothing to do with port forwarding.
> Then you can access B on port 6766 on A:
> A $ ssh -p 6766 user @ localhost
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Maintenance of the tunnel
> Stability maintenance
1) Unfortunately, the SSH connection will be closed overtime. If the connection is closed and the tunnel cannot be maintained, then A cannot use the reverse tunnel to penetrate B's NAT.
2) Therefore, we need a solution to provide a stable SSH To the tunnel.
3) One of the easiest methods is autossh. This software will automatically establish an SSH tunnel after a timeout. This solves the problem of tunnel stability. If you use Arch Linux, you can get it like this:
> $ sudo pacman -S autossh
4) Let's do something similar on B before, except that the tunnel will be maintained by autossh:
> B $ autossh -p 22 -M 6777 -NR 6766: localhost: 22 usera@a.site
5) The port specified by the -M parameter is used to monitor the status of the tunnel and has nothing to do with port forwarding.
> Then you can access B on port 6766 on A:
> A $ ssh -p 6766 user @ localhost
Written by UndercOde
β β β ο½ππ»βΊπ«Δπ¬πβ β β β