β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FRESH ELITE PROXIES
T.me/UndercodeTesting
47.106.170.9 8000 1 hour ago
1945 ms 32% (75) cn China Elite -
47.94.200.124 3128 1 hour ago
1440 ms 25% (72) cn China - Hangzhou Elite -
80.187.140.26 8080 1 hour ago
740 ms 92% (57) de Germany Elite -
82.119.170.106 8080 1 hour ago
729 ms 87% (52) de Germany - Berlin Elite -
5.202.192.149 8080 1 hour ago
3873 ms 14% (68) ir Iran Elite -
91.205.174.26 80 1 hour ago
1041 ms 85% (60) de Germany - Munich Elite -
167.99.75.87 8080 1 hour ago
1517 ms 57% (53) sg Singapore Elite -
178.128.53.246 8080 1 hour ago
1118 ms 73% (47) gr Greece Elite -
195.209.176.2 8080 1 hour ago
3626 ms 16% (69) ru Russia Elite -
109.195.131.124 8080 1 hour ago
763 ms 70% (49) ru Russia Elite -
124.106.86.10 8080 1 hour ago
2659 ms 50% (51) ph Philippines Elite -
159.138.20.247 80 1 hour ago
2623 ms 7% (77) hk Hong Kong Elite -
155.93.240.101 8080 1 hour ago
2541 ms 38% (56) za South Africa - Brackenfell Elite -
211.149.252.155 8888 1 hour ago
923 ms 3% (90) cn China Elite -
202.138.241.166 8080 1 hour ago
2964 ms 15% (69) id Indonesia - Bandung Elite -
37.111.42.210 8080 1 hour ago
3993 ms 23% (70) mm Myanmar Elite -
49.81.26.214 4216 1 hour ago
4105 ms 55% (46) cn China Elite -
101.132.39.115 8080 1 hour ago
2282 ms 26% (66) cn China - Hangzhou Elite -
77.38.21.239 8080 1 hour ago
4513 ms 10% (73) si Slovenia - Smartno pri Slovenj Gradcu Elite -
187.60.163.242 8081 1 hour ago
3554 ms 19% (72) br Brazil - Linhares Elite -
103.253.113.54 80 1 hour ago
3960 ms 9% (86) id Indonesia Elite -
113.254.182.241 80 1 hour ago
817 ms 19% (55) hk Hong Kong - Central Elite -
159.65.43.38 8118 1 hour ago
1133 ms 7% (95) us United States - Clifton Elite -
159.8.114.37 25 1 hour ago
377 ms 100% (43) fr France - Clichy Elite -
144.76.214.158 1080 1 hour ago
3079 ms 66% (52) de Germany Elite -
159.138.21.170 80 1 hour ago
2561 ms 13% (72) hk Hong Kong Elite -
79.137.44.85 3129 1 hour ago
2201 ms 58% (71) es Spain - Madrid Elite -
62.213.14.166 8080 1 hour ago
2917 ms 26% (62) ru Russia - Samara Elite -
91.236.61.65 8080 1 hour ago
3438 ms 28% (72) ru Russia - Ivanovo Elite -
188.40.183.185 1080 1 hour ago
2935 ms 72% (60) de Germany Elite -
35.220.131.188 80 1 hour ago
992 ms 29% (70) us United States Elite -
36.37.177.186 8080 1 hour ago
3356 ms 41% (62) kh Cambodia Elite -
34.214.16.51 8080 1 hour ago
3325 ms 3% (89) us United States - Boardman Elite -
159.138.22.112 443 1 hour ago
3658 ms 30% (67) hk Hong Kong Elite -
169.57.157.148 25 1 hour ago
586 ms 100% (43) br Brazil - SΓ£o Paulo Elite -
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ FRESH ELITE PROXIES
T.me/UndercodeTesting
47.106.170.9 8000 1 hour ago
1945 ms 32% (75) cn China Elite -
47.94.200.124 3128 1 hour ago
1440 ms 25% (72) cn China - Hangzhou Elite -
80.187.140.26 8080 1 hour ago
740 ms 92% (57) de Germany Elite -
82.119.170.106 8080 1 hour ago
729 ms 87% (52) de Germany - Berlin Elite -
5.202.192.149 8080 1 hour ago
3873 ms 14% (68) ir Iran Elite -
91.205.174.26 80 1 hour ago
1041 ms 85% (60) de Germany - Munich Elite -
167.99.75.87 8080 1 hour ago
1517 ms 57% (53) sg Singapore Elite -
178.128.53.246 8080 1 hour ago
1118 ms 73% (47) gr Greece Elite -
195.209.176.2 8080 1 hour ago
3626 ms 16% (69) ru Russia Elite -
109.195.131.124 8080 1 hour ago
763 ms 70% (49) ru Russia Elite -
124.106.86.10 8080 1 hour ago
2659 ms 50% (51) ph Philippines Elite -
159.138.20.247 80 1 hour ago
2623 ms 7% (77) hk Hong Kong Elite -
155.93.240.101 8080 1 hour ago
2541 ms 38% (56) za South Africa - Brackenfell Elite -
211.149.252.155 8888 1 hour ago
923 ms 3% (90) cn China Elite -
202.138.241.166 8080 1 hour ago
2964 ms 15% (69) id Indonesia - Bandung Elite -
37.111.42.210 8080 1 hour ago
3993 ms 23% (70) mm Myanmar Elite -
49.81.26.214 4216 1 hour ago
4105 ms 55% (46) cn China Elite -
101.132.39.115 8080 1 hour ago
2282 ms 26% (66) cn China - Hangzhou Elite -
77.38.21.239 8080 1 hour ago
4513 ms 10% (73) si Slovenia - Smartno pri Slovenj Gradcu Elite -
187.60.163.242 8081 1 hour ago
3554 ms 19% (72) br Brazil - Linhares Elite -
103.253.113.54 80 1 hour ago
3960 ms 9% (86) id Indonesia Elite -
113.254.182.241 80 1 hour ago
817 ms 19% (55) hk Hong Kong - Central Elite -
159.65.43.38 8118 1 hour ago
1133 ms 7% (95) us United States - Clifton Elite -
159.8.114.37 25 1 hour ago
377 ms 100% (43) fr France - Clichy Elite -
144.76.214.158 1080 1 hour ago
3079 ms 66% (52) de Germany Elite -
159.138.21.170 80 1 hour ago
2561 ms 13% (72) hk Hong Kong Elite -
79.137.44.85 3129 1 hour ago
2201 ms 58% (71) es Spain - Madrid Elite -
62.213.14.166 8080 1 hour ago
2917 ms 26% (62) ru Russia - Samara Elite -
91.236.61.65 8080 1 hour ago
3438 ms 28% (72) ru Russia - Ivanovo Elite -
188.40.183.185 1080 1 hour ago
2935 ms 72% (60) de Germany Elite -
35.220.131.188 80 1 hour ago
992 ms 29% (70) us United States Elite -
36.37.177.186 8080 1 hour ago
3356 ms 41% (62) kh Cambodia Elite -
34.214.16.51 8080 1 hour ago
3325 ms 3% (89) us United States - Boardman Elite -
159.138.22.112 443 1 hour ago
3658 ms 30% (67) hk Hong Kong Elite -
169.57.157.148 25 1 hour ago
586 ms 100% (43) br Brazil - SΓ£o Paulo Elite -
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ install kali tools in Termux tool METHODE 2 for beginers :-
t.me/UndercodeTesting
step 1 :- Install Termux from Play Store
step 2:- Open Termux application
step 3:- Update termux using this command apt update
step 4:- now install some important packages
pkg install clang
pkg install git
step 5 :- install python2, you must be install python2
pkg install python2
step 6 :- install lazymux on Your Termux
git clone https://github.com/Gameye98/Lazymux.git
step 7 :- make the python file executable
chmod +x lazymux.py
step 8 :- Now run Lazymux :- python2 lazymux.py
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ install kali tools in Termux tool METHODE 2 for beginers :-
t.me/UndercodeTesting
step 1 :- Install Termux from Play Store
step 2:- Open Termux application
step 3:- Update termux using this command apt update
step 4:- now install some important packages
pkg install clang
pkg install git
step 5 :- install python2, you must be install python2
pkg install python2
step 6 :- install lazymux on Your Termux
git clone https://github.com/Gameye98/Lazymux.git
step 7 :- make the python file executable
chmod +x lazymux.py
step 8 :- Now run Lazymux :- python2 lazymux.py
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦POPULAR 2020 ATTACKS FOR HACK WIFI
Rogue Wireless Devices: ...
Peer-to-peer Attacks: ...
Eavesdropping: ...
Encryption Cracking: ...
Authentication Attacks: ...
MAC Spoofing: ...
Management Interface Exploits: ...
Wireless Hijacking:
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦POPULAR 2020 ATTACKS FOR HACK WIFI
Rogue Wireless Devices: ...
Peer-to-peer Attacks: ...
Eavesdropping: ...
Encryption Cracking: ...
Authentication Attacks: ...
MAC Spoofing: ...
Management Interface Exploits: ...
Wireless Hijacking:
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦WIFI HACKING -great rogue hotspad in 2020 :
fb.com/UndercodeTesting
π¦πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/InfamousSYN/rogue.git
2) cd rogue
3) python install.py
usage: python rogue.py -i wlan0 -h g -c 6 -e rogue --auth open --internet
π¦FEATURES :
> ostile portal
> Integration with metasploit
> Add an automated update system
> Create automation DNS spoofing system for cloned websites
> Add support to allow for RDP MITM attacks
> Add support for keyboard interruption closing
> Add support for 3 additional user-defined sslsplit selections
> Segment freeradius-wpe.conf file into individual EAP mode templates for increased control, and add an "all" mode.
> INCLUDE :
hostapd-wpe
freeradius-wpe
isc-dhcp-server
httrack
sslsplit
responder
be3f framework
apache2/httpd
openssl
tcpdump
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦WIFI HACKING -great rogue hotspad in 2020 :
fb.com/UndercodeTesting
π¦πβπππΈπππππΈπππβ & βπβ :
1) git clone https://github.com/InfamousSYN/rogue.git
2) cd rogue
3) python install.py
usage: python rogue.py -i wlan0 -h g -c 6 -e rogue --auth open --internet
π¦FEATURES :
> ostile portal
> Integration with metasploit
> Add an automated update system
> Create automation DNS spoofing system for cloned websites
> Add support to allow for RDP MITM attacks
> Add support for keyboard interruption closing
> Add support for 3 additional user-defined sslsplit selections
> Segment freeradius-wpe.conf file into individual EAP mode templates for increased control, and add an "all" mode.
> INCLUDE :
hostapd-wpe
freeradius-wpe
isc-dhcp-server
httrack
sslsplit
responder
be3f framework
apache2/httpd
openssl
tcpdump
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Facebook
Log in or sign up to view
See posts, photos and more on Facebook.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How prevent this kind of wifi attack ?
T.me/UndercodeTesting
Look for the following rogue AP characteristics:
1) Odd SSIDs, including the popular default ones such as linksys and free wifi.
2) Odd AP system names β that is, the name of the AP if your hardware supports this feature. Not to be confused with the SSID.
3) MAC addresses that donβt belong on your network. Look at the first three bytes of the MAC address, which specify the vendor name. You can perform a MAC-address vendor lookup to find information on APs youβre unsure of.
4) Weak radio signals, which can indicate that an AP has been hidden away or is adjacent to or even outside of your building.
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ How prevent this kind of wifi attack ?
T.me/UndercodeTesting
Look for the following rogue AP characteristics:
1) Odd SSIDs, including the popular default ones such as linksys and free wifi.
2) Odd AP system names β that is, the name of the AP if your hardware supports this feature. Not to be confused with the SSID.
3) MAC addresses that donβt belong on your network. Look at the first three bytes of the MAC address, which specify the vendor name. You can perform a MAC-address vendor lookup to find information on APs youβre unsure of.
4) Weak radio signals, which can indicate that an AP has been hidden away or is adjacent to or even outside of your building.
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦NETWORK ATTACKs & How works For beginers by Undercode
t.me/UndercodeTesting
1) Illegal use of wireless network: Campus wireless network often happens to send advertising letters, infringing intellectual property rights; and the hacker's favorite wireless network is a wireless network that does not require certification, such as school teachers and students often set up by themselves Wireless network, and using a wireless network access point that has not changed the factory settings at all, can easily be used by hackers to do illegal things. Finally, the teachers and students who set up the wireless network access point are the ones behind it.
2) Eavesdropping (Eavesdropping): Eavesdropping refers to intruders monitoring wireless network communication content and using the eavesdropping content to obtain the victim's personal information such as account / password; the most common example is to steal the victim's login account when logging in to the wireless network password.
3) Traffic Analysis: Traffic analysis is to analyze the traffic, content, and behavior of wireless network communications. Through the analysis of communication content or traffic, you can obtain considerable data on the target network, such as: server address, Communication mode, etc.
4) Masquerade: Masquerade refers to an attacker setting up an illegally disguised wireless network system to deceive users. For example, an attacker can set a wireless network identification code (SSID, Service Set Identifier) ββthat requires authentication, such as disguising the wireless network ntu system of NTU campus, after defrauding the victim βs account account password, log in to the school and use the account account password Any system certified.
5) Replay: Replay means that the attacker will resend some communication content (such as authentication information) intercepted from the wireless network to deceive the wireless network authentication system.
6) Message Modification: Message modification refers to an attacker adding, deleting, or changing the content of wireless network communications.
7) Denial of service: Denial of service is probably the most familiar attack method. Attackers use various possible methods (ICMP flooding, UDP flooding, etc.) to prevent users and administrators from obtaining system resources. And services. However, the bandwidth of wireless network users is much lower than that of back-end wired devices, so when encountering a service denial attack, other users who are using wireless networks will not easily notice. However, there is another type of service blocking attack that exploits IP protocol vulnerabilities. For example, the attacker acts as a DHCP server to allow the user to obtain an incorrect IP when requesting an IP. Another example is when the attacker tells the user to attack via ARP (Address Resolution Protocol). The user's computer is the default gateway (Default Gateway). At this time, the user's traffic goes to the attacker's computer, and the victim cannot use the wireless network.
8) Man-in-the-middle attack: refers to an attacker who can act as a man-in- the-middle, allowing communication between the two ends to pass through him, and reading, inserting, and changing the transmission without the knowledge of both ends of the communication message.
γWRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦NETWORK ATTACKs & How works For beginers by Undercode
t.me/UndercodeTesting
1) Illegal use of wireless network: Campus wireless network often happens to send advertising letters, infringing intellectual property rights; and the hacker's favorite wireless network is a wireless network that does not require certification, such as school teachers and students often set up by themselves Wireless network, and using a wireless network access point that has not changed the factory settings at all, can easily be used by hackers to do illegal things. Finally, the teachers and students who set up the wireless network access point are the ones behind it.
2) Eavesdropping (Eavesdropping): Eavesdropping refers to intruders monitoring wireless network communication content and using the eavesdropping content to obtain the victim's personal information such as account / password; the most common example is to steal the victim's login account when logging in to the wireless network password.
3) Traffic Analysis: Traffic analysis is to analyze the traffic, content, and behavior of wireless network communications. Through the analysis of communication content or traffic, you can obtain considerable data on the target network, such as: server address, Communication mode, etc.
4) Masquerade: Masquerade refers to an attacker setting up an illegally disguised wireless network system to deceive users. For example, an attacker can set a wireless network identification code (SSID, Service Set Identifier) ββthat requires authentication, such as disguising the wireless network ntu system of NTU campus, after defrauding the victim βs account account password, log in to the school and use the account account password Any system certified.
5) Replay: Replay means that the attacker will resend some communication content (such as authentication information) intercepted from the wireless network to deceive the wireless network authentication system.
6) Message Modification: Message modification refers to an attacker adding, deleting, or changing the content of wireless network communications.
7) Denial of service: Denial of service is probably the most familiar attack method. Attackers use various possible methods (ICMP flooding, UDP flooding, etc.) to prevent users and administrators from obtaining system resources. And services. However, the bandwidth of wireless network users is much lower than that of back-end wired devices, so when encountering a service denial attack, other users who are using wireless networks will not easily notice. However, there is another type of service blocking attack that exploits IP protocol vulnerabilities. For example, the attacker acts as a DHCP server to allow the user to obtain an incorrect IP when requesting an IP. Another example is when the attacker tells the user to attack via ARP (Address Resolution Protocol). The user's computer is the default gateway (Default Gateway). At this time, the user's traffic goes to the attacker's computer, and the victim cannot use the wireless network.
8) Man-in-the-middle attack: refers to an attacker who can act as a man-in- the-middle, allowing communication between the two ends to pass through him, and reading, inserting, and changing the transmission without the knowledge of both ends of the communication message.
γWRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ penetrated two layers of NAT
> SSH direction tunnel connection tutorial :
instagram.com/UndercodeTesting
> This means that B actively initiates an SSH tunnel from B to A, and forwards port 6766 of A to port B. As long as the tunnel is not closed, this forwarding is effective. Only need to visit A's 6766 port to connect to B in reverse.
π¦ ππΌπ'π πππΈβπ
First establish an SSH tunnel on B, and forward port 6766 of A to port 22 of B:
1) B $ ssh -p 22 -qngfNTR 6766: localhost: 22 usera@a.site
Then use 6766 on A to reverse SSH to B
2) A $ ssh -p 6766 userb @ localhost
The thing to do is actually that simple.
Tunnel maintenance
Stability maintenance
3) Unfortunately, the SSH connection will be closed overtime. If the connection is closed and the tunnel cannot be maintained, then A cannot use the reverse tunnel to penetrate the NAT where B is located. Therefore, we need a solution to provide a stable To the tunnel.
4) One of the easiest methods is autossh. This software will automatically establish an SSH tunnel after timeout, which solves the problem of tunnel stability. If you use Arch Linux, you can obtain it like this:
> $ sudo pacman -S autossh
5) The following does something similar on B, except that the tunnel will be maintained by autossh:
> B $ autossh -p 22 -M 6777 -NR 6766: localhost: 22 usera@a.site
6) The port specified by the -M parameter is used to monitor the status of the tunnel, regardless of port forwarding.
> Then you can access B through port 6766 on A:
7) A $ ssh -p 6766 user @ localhost
Automatic tunnel establishment
However, this has another problem. If B restarts the tunnel, it will disappear. Then there needs to be a means autossh to establish an SSH tunnel every time B starts . One idea is to make the service very natural, then it will be given in systemd a solution under the program.
"Punch"
8) The reason why the title starts so because I think this thing is a bit similar to UDP hole punching, that is, through a machine on the public network, let two machines located behind their respective NAT can establish SSH connection.
9) The following demonstrates how to use SSH reverse tunnel to connect C to B.
10) First edit the configuration file on A , and turn on the switch:sshd/etc/ssh/sshd_configGatewayPorts
> GtaewayPorts yes
Then restart ssh
> A $ sudo systemct1 restart sshd
11) Then on B, modify the autossh command used previously:
12) B $ autossh -p 22 -M 6777 -NR '*: 6766: localhost: 22' user@a.site
After that, connect to B on C using A's 6766 port SSH:
> C $ ssh -p 6766 user@a.site
At this point you have easily penetrated two layers of NAT
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ penetrated two layers of NAT
> SSH direction tunnel connection tutorial :
instagram.com/UndercodeTesting
> This means that B actively initiates an SSH tunnel from B to A, and forwards port 6766 of A to port B. As long as the tunnel is not closed, this forwarding is effective. Only need to visit A's 6766 port to connect to B in reverse.
π¦ ππΌπ'π πππΈβπ
First establish an SSH tunnel on B, and forward port 6766 of A to port 22 of B:
1) B $ ssh -p 22 -qngfNTR 6766: localhost: 22 usera@a.site
Then use 6766 on A to reverse SSH to B
2) A $ ssh -p 6766 userb @ localhost
The thing to do is actually that simple.
Tunnel maintenance
Stability maintenance
3) Unfortunately, the SSH connection will be closed overtime. If the connection is closed and the tunnel cannot be maintained, then A cannot use the reverse tunnel to penetrate the NAT where B is located. Therefore, we need a solution to provide a stable To the tunnel.
4) One of the easiest methods is autossh. This software will automatically establish an SSH tunnel after timeout, which solves the problem of tunnel stability. If you use Arch Linux, you can obtain it like this:
> $ sudo pacman -S autossh
5) The following does something similar on B, except that the tunnel will be maintained by autossh:
> B $ autossh -p 22 -M 6777 -NR 6766: localhost: 22 usera@a.site
6) The port specified by the -M parameter is used to monitor the status of the tunnel, regardless of port forwarding.
> Then you can access B through port 6766 on A:
7) A $ ssh -p 6766 user @ localhost
Automatic tunnel establishment
However, this has another problem. If B restarts the tunnel, it will disappear. Then there needs to be a means autossh to establish an SSH tunnel every time B starts . One idea is to make the service very natural, then it will be given in systemd a solution under the program.
"Punch"
8) The reason why the title starts so because I think this thing is a bit similar to UDP hole punching, that is, through a machine on the public network, let two machines located behind their respective NAT can establish SSH connection.
9) The following demonstrates how to use SSH reverse tunnel to connect C to B.
10) First edit the configuration file on A , and turn on the switch:sshd/etc/ssh/sshd_configGatewayPorts
> GtaewayPorts yes
Then restart ssh
> A $ sudo systemct1 restart sshd
11) Then on B, modify the autossh command used previously:
12) B $ autossh -p 22 -M 6777 -NR '*: 6766: localhost: 22' user@a.site
After that, connect to B on C using A's 6766 port SSH:
> C $ ssh -p 6766 user@a.site
At this point you have easily penetrated two layers of NAT
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Result : penetrated two layers of NAT
t.me/UndercodeTesting
The final solution
Integrating the aforementioned, the final solution is as follows:
1) First turn on the GatewayPorts switch of sshd on A, and restart sshd.
2) Then create a new user autossh on B. According to the idea of minimizing permissions, the autossh service handout on B runs as an autossh user, avoiding security issues as much as possible:
> B $ sudo useradd -m autossh
> B $ sudo passwd autossh
3) Next, create an SSH key for autossh user on B and upload it to A:
>1 B $ su-autossh B
2 $ ssh-keygen -t; rsa '-C' autossh @ B '
3 B $ ssh-copy-id user@a.site
Note that the key should not be set with a password , that is ssh-keygen , do not enter extra characters despite the carriage return while running the command.
π¦ Then create a service file called with autossh user rights on B. Write the following text to the file and set the permission to 644:autossh/lib/systemd/system/autossh.service
1 [Unit]
2 Description = Auto SSH Tunnel
3 After = network-online.target
4 [Service]
5 User = autossh
6 Type = simple
7 ExecStart = / bin / autossh -p 22 -M 6777 -NR '*: 6766: localhost: 22' usera@a.site -i /home/autossh/.ssh/id_rsa
8 ExecReload = / bin / kill -HUP $ MAINPID
9 KillMode = process
10 Restart = always
11 [Install]
12 WantedBy = multi-user.target
13 WantedBy = graphical.target
Setting network-online.target on B takes effect:
1 B $ systemctl enable NetworkManager-wait-online
If you use systemd-networkd, you need to restart the service should be systemd-networkd-wait-online. Then set the service to start automatically:
1 B $ systemctl enable autossh
If you want, you can start it immediately after this:
1 B $ systemctl start autossh
Then you can use this reverse tunnel on A to penetrate the NAT SSH where B is located to connect to B:
1 C $ ssh -p 6766 user @ localhost
Or connect directly to C through C through two layers of NAT SSH:
1 C $ ssh -p 6766 user@a.site
If you are familiar with ssh, you can use this tunnel to do more things, for example, you can specify dynamic port forwarding when you connect in the reverse direction:
1 C $ ssh -p 6766 -qngfNTD 7677 user@site.a
Joining C is the computer in your home, A is your VPS, and B is your company's computer. If you do as above, then after the browser port is set to the sock4 local (localhost) proxy of 7677, you can see the company's web page on the browser at home.
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Result : penetrated two layers of NAT
t.me/UndercodeTesting
The final solution
Integrating the aforementioned, the final solution is as follows:
1) First turn on the GatewayPorts switch of sshd on A, and restart sshd.
2) Then create a new user autossh on B. According to the idea of minimizing permissions, the autossh service handout on B runs as an autossh user, avoiding security issues as much as possible:
> B $ sudo useradd -m autossh
> B $ sudo passwd autossh
3) Next, create an SSH key for autossh user on B and upload it to A:
>1 B $ su-autossh B
2 $ ssh-keygen -t; rsa '-C' autossh @ B '
3 B $ ssh-copy-id user@a.site
Note that the key should not be set with a password , that is ssh-keygen , do not enter extra characters despite the carriage return while running the command.
π¦ Then create a service file called with autossh user rights on B. Write the following text to the file and set the permission to 644:autossh/lib/systemd/system/autossh.service
1 [Unit]
2 Description = Auto SSH Tunnel
3 After = network-online.target
4 [Service]
5 User = autossh
6 Type = simple
7 ExecStart = / bin / autossh -p 22 -M 6777 -NR '*: 6766: localhost: 22' usera@a.site -i /home/autossh/.ssh/id_rsa
8 ExecReload = / bin / kill -HUP $ MAINPID
9 KillMode = process
10 Restart = always
11 [Install]
12 WantedBy = multi-user.target
13 WantedBy = graphical.target
Setting network-online.target on B takes effect:
1 B $ systemctl enable NetworkManager-wait-online
If you use systemd-networkd, you need to restart the service should be systemd-networkd-wait-online. Then set the service to start automatically:
1 B $ systemctl enable autossh
If you want, you can start it immediately after this:
1 B $ systemctl start autossh
Then you can use this reverse tunnel on A to penetrate the NAT SSH where B is located to connect to B:
1 C $ ssh -p 6766 user @ localhost
Or connect directly to C through C through two layers of NAT SSH:
1 C $ ssh -p 6766 user@a.site
If you are familiar with ssh, you can use this tunnel to do more things, for example, you can specify dynamic port forwarding when you connect in the reverse direction:
1 C $ ssh -p 6766 -qngfNTD 7677 user@site.a
Joining C is the computer in your home, A is your VPS, and B is your company's computer. If you do as above, then after the browser port is set to the sock4 local (localhost) proxy of 7677, you can see the company's web page on the browser at home.
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦DDOS TUTORIAL 2020
instagram.com/UnDERCODETesting
A ) types of ddos :
> Volume-based attacks,
> Protocol attacks
> Application layer attacks
B) Following are the methods of doing DDoS attacks:
> UDP flood
> ICMP (Ping) flood
> SYN flood
> Ping of Death
> Slowloris
>NTP Amplification
>HTTP flood
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦DDOS TUTORIAL 2020
instagram.com/UnDERCODETesting
A ) types of ddos :
> Volume-based attacks,
> Protocol attacks
> Application layer attacks
B) Following are the methods of doing DDoS attacks:
> UDP flood
> ICMP (Ping) flood
> SYN flood
> Ping of Death
> Slowloris
>NTP Amplification
>HTTP flood
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Most Popular Top DDoS Attack Tools In 2020
T.me/UndercodeTesting
π¦ππΌπ'π πππΈβπ :
1) HULK It generates unique and obscure traffic It may fail in hiding the identity. Traffic coming through HULK can be blocked.
https://github.com/grafov/hulk
2) Torβs Hammer Apache & IIS server Running the tool through the Tor network will have an added advantage as it hides your identity.
https://sourceforge.net/projects/torshammer/
3) Slowloris Send authorized HTTP traffic to the server As it makes the attack at a slow rate, traffic can be easily detected as abnormal and can be blocked.
https://github.com/gkbrk/slowloris
4) LOIC UDP, TCP, and HTTP requests to the server HIVEMIND mode will allow you to control remote LOIC systems. With the help of this, you can control other computers in Zombie network.
https://sourceforge.net/projects/loic/
5) XOIC DoS attack with TCP or HTTP or UDP or ICMP message Attack made using XOIC can be easily detected and blocked
https://sourceforge.net/directory/?q=xoic
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Most Popular Top DDoS Attack Tools In 2020
T.me/UndercodeTesting
π¦ππΌπ'π πππΈβπ :
1) HULK It generates unique and obscure traffic It may fail in hiding the identity. Traffic coming through HULK can be blocked.
https://github.com/grafov/hulk
2) Torβs Hammer Apache & IIS server Running the tool through the Tor network will have an added advantage as it hides your identity.
https://sourceforge.net/projects/torshammer/
3) Slowloris Send authorized HTTP traffic to the server As it makes the attack at a slow rate, traffic can be easily detected as abnormal and can be blocked.
https://github.com/gkbrk/slowloris
4) LOIC UDP, TCP, and HTTP requests to the server HIVEMIND mode will allow you to control remote LOIC systems. With the help of this, you can control other computers in Zombie network.
https://sourceforge.net/projects/loic/
5) XOIC DoS attack with TCP or HTTP or UDP or ICMP message Attack made using XOIC can be easily detected and blocked
https://sourceforge.net/directory/?q=xoic
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦POPULAR 2020 SOLUTION FOR PREVENT DDOS
T.me/UndercodeTesting
> SolarWinds provides a Security Event Manager that is effective mitigation and prevention software to stop the DDoS Attack.
> It will monitor the event logs from a wide range of sources for detecting and preventing DDoS activities.
π¦ download :
> https://www.solarwinds.com/security-event-manager/use-cases/ddos-attack?CMP=BIZ-RVW-SWTH-DDoSAttackTools-SEM-UC-Q120
π¦FEATURES :
> Centralized log collection and normalization
> Automated threat detection and response
> Integrated compliance reporting tools
> Intuitive dashboard and user interface
> Built-in file integrity monitoring
> Simple and affordable licensing
π¦Their is much more plugins free can use as another tools ...
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦POPULAR 2020 SOLUTION FOR PREVENT DDOS
T.me/UndercodeTesting
> SolarWinds provides a Security Event Manager that is effective mitigation and prevention software to stop the DDoS Attack.
> It will monitor the event logs from a wide range of sources for detecting and preventing DDoS activities.
π¦ download :
> https://www.solarwinds.com/security-event-manager/use-cases/ddos-attack?CMP=BIZ-RVW-SWTH-DDoSAttackTools-SEM-UC-Q120
π¦FEATURES :
> Centralized log collection and normalization
> Automated threat detection and response
> Integrated compliance reporting tools
> Intuitive dashboard and user interface
> Built-in file integrity monitoring
> Simple and affordable licensing
π¦Their is much more plugins free can use as another tools ...
WRITTEN BY UNDERCODE
β β β ο½ππ»βΊπ«Δπ¬πβ β β β