How can I use a reverse shell over global Internet? - security

I'm very new to computers and hacking.
The questions I have:
How does one use a reverse shell over a global IP?
Do I need a server or will my pc/Raspberry Pi running on my router work?
Our Router has a dynamic IP, but it doesn't change often. Might this cause trouble?
Thanks!

1. How does one use a reverse shell over a global IP?
You need to host a listener on your device, then you need to port forward your router to allow the listener to be publicly accessible.
2. Do I need a server or will my pc/Raspberry Pi running on my router work?
Any pc/raspberry pi is fine. Only thing to note is that the reverse shell will only accept connections if the device is turned on.
3. Our Router has a dynamic IP, but it doesn't change often. Might this cause trouble?
If your router's public IP address changes, then all your currently deployed clients will stop working. Either be prepared to remake them each time it changes, or set up dynamic DNS for your router and use that to create your binaries.

Related

nodeJS alternative to IP address or localhost? Avahi-daemon

I am using Nodejs with the express, bcrypt and body-parser packages on an ubuntu linux system.
Everything works fine so far.
However, I've been wondering if there is an easier way to connect to my website.
Until now, I have to type in my IP address, e.g. https://XXX.XXX.XXX:3000 to actually see the content.
I've already tried avahi-daemon but did not get it to work. Whenever I try 'hostname.local' I get the same error: Firefox is unable to connect to server.
However, using the IP address: https://XXX.XXX.XXX:3000 works.
I would like to access my NodeJS server with something similar to: computername.local
FYI: I just want to use it in my local network at home.
Does anybody have any idea how to get this to work?
You have a couple of choices. The easiest, if available, is probably to set up your home router to always assign it the same IP address (how to do that will vary based on your router). If your router has it available, you could also set a host name for it there in DNS settings.
If your router doesn't have DNS settings available, then you can add a line to each of your home computers' /etc/hosts file (if memory serves Windows has it in C:\etc\hosts). Let's say the IP you give the server is 172.16.1.11, your hosts entry would be:
172.16.1.11 computername.local
You could also set up your own DNS server in your house, possibly even on the same machine as has your node app, and then configure it to handle the one address before forwarding DNS requests for others to your ISP, but that seems like overkill if you have just one app.

How to create a NodeJs server accessible from an external connection without port forwarding

I'm currently working on a project where I use a Raspberry Pi as a server for a home automation server. It works fine on my local network but if I want to use it from an external computer I need to forward the used port on my router.
I'm trying to find a way to make http(s) gets to the server without having to forward the port on the router. I want this because if I would install the system at someone's place (a customer maybe in the future) I don't want to have to access their router.
I've tried using SSL and https but I ran into the same problem.
Is there any way this is possible or is it a lost case?
PS I can't use port 80 since it is already in use.
Thanks in advance
There are two ways to get to the result you want:
Port forwarding, which you've dismissed
Giving the Raspberry Pi its own public IP address (which requires a public IP address and access to the router to configure the traffic routing, which you've dismissed).
So let's go back to port forwards.
Most consumer routers these days support NAT traversal via UPnP.
You can use the nat-pmp module to request that the router forward a port for you, without having to have direct access to the router.

Router (Proxy) with NodeJS?

I want to build a router to control my internet access (wlan via server).
Only a few websites (via white/blacklist) should be available at specific times.
Are there any good packages for routing/proxying web (http/s, ftp) and email (pop/imap/smtp) traffic?
What you actually need is a good Firewall. Any decent firewall should be able to filter traffic by day-of-week and time-of-day. Even many of the better SOHO routers can do this. If your router can't do this, you should use a spare PC or server to act as a gateway, run Linux or BSD on that and configure a firewall accordingly. Most Linux versions have IPTABLES which is a simple but effective firewall which will do what you want.
To make things easy, set the PC up to be the DHCP server for the network and configure it so that, when other PCs get an IP address, the gateway IP is set to the same box (you may be able to get your normal router to do this instead; otherwise turn off DHCP on the router).
Ideally, if using a gateway PC, set your routers to ONLY accept traffic from that gateway - better still, turn off NAT on the router and let the gateway do it too.
Here is a fairly comprehensive "how-to".
If all of that seems too much, you should consider upgrading your router to one that does all this for you. I personally use the Billion 7800N which would probably be suitable.
If you need an HTTP proxy check out node-http-proxy. I don't know much about FTP and mail proxies though.
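The time-of-day filtering described in the gateway firewall answer above, as an added example that is not part of the original posts: a POSIX shell function that prints an iptables-restore ruleset using the time match. Interface names, destination addresses, days and hours are constructed sample values.

```shell
#!/bin/sh
# Added example, not from the original posts. Interface names, destination
# addresses (RFC 5737 documentation range), days and hours are sample values.
LAN_IF="eth1"                               # side facing the home network
WAN_IF="eth0"                               # side facing the router/ISP
ALLOWED_DSTS="203.0.113.10 203.0.113.25"    # allow-list by IP, not hostname
DAYS="Mon,Tue,Wed,Thu,Fri"

# Accept only 24-hour HH:MM so a typo cannot produce a malformed rule.
valid_hhmm() {
    case "$1" in
        [01][0-9]:[0-5][0-9]|2[0-3]:[0-5][0-9]) return 0 ;;
        *) return 1 ;;
    esac
}

# gen_rules START STOP: print a ruleset for iptables-restore.
# The time match compares against UTC unless --kerneltz is added.
gen_rules() {
    valid_hhmm "$1" && valid_hhmm "$2" || { echo "bad time" >&2; return 1; }
    echo "*filter"
    # Only routed traffic is filtered here; INPUT/OUTPUT keep their defaults.
    echo ":INPUT ACCEPT [0:0]"
    echo ":FORWARD DROP [0:0]"              # default deny for routed traffic
    echo ":OUTPUT ACCEPT [0:0]"
    # Replies to permitted flows. Connections opened inside the window keep
    # working after STOP until they close, because of this rule.
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for dst in $ALLOWED_DSTS; do
        echo "-A FORWARD -i $LAN_IF -o $WAN_IF -d $dst -p tcp" \
             "-m multiport --dports 80,443" \
             "-m time --timestart $1 --timestop $2 --weekdays $DAYS" \
             "-j ACCEPT"
    done
    echo "COMMIT"
}

# Print the sample ruleset; review it, then load it as root with:
#   gen_rules 08:00 18:00 | iptables-restore
gen_rules 08:00 18:00
```

Because the FORWARD policy is DROP, anything not on the allow-list, or requested outside the window, is refused without needing a separate block-list.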

xampp server (How to get up and running)

I've been developing locally on a little ubuntu netbook with xampp for about 7 months. Two weeks ago I got a computer I'd like to use as a server. I've installed the latest Ubuntu distribution and xampp, moved all my files over, and forwarded port 80. I've also got a domain name from dyndns.com which is being updated by a client which runs in my router (a Netgear WGR6154 v8).
Now, when I try to access my server by typing in the address I got from dyndns.com the browser loads until it times out. I can access everything locally using localhost as the address so I believe xampp is running, just unable to connect with the internet.
In order to be able to view my files over the internet what should I do next?
Thanks to all in advance...
[I'm starting a bounty for the first person to help me get my files successfully online]
You have a combination of issues here, and that is something of a problem. Each issue is complex in and of itself. Here is what I would recommend to get you going for certain.
First verify that you can surf the web from your server. This will confirm that you have a working ethernet interface.
Step 1: make sure that XAMPP and your files are viewable from your home network. I assume you are using something like 192.168.1.X for your network and perhaps your server is 192.168.1.10.
Go to another computer in your house and type http://192.168.1.10/ and see if you can see your files. If you can then you know that the server is properly configured and XAMPP is working.
Then add an entry to your hosts file to resolve yourdnsrecord.com (or whatever your dyndns record is) to your private ip address. Then when you type yourdnsrecord.com into a browser from that computer you should still get your files. This will rule out your server being improperly configured to listen for that domain name.
Next you need to test to see if there is a firewall problem. To simplify this, first remove your home router from the equation. Instead, place your new server directly onto your internet connection (assuming you can). This way, you do not need to have NAT or firewalls properly configured. Your dyndns name should map to a public IP and your server should then have that IP and be connected directly to the Internet. If you have your server directly connected, and the command ifconfig from the root prompt returns the same public IP address that your dynamic dns record is pointing to, then it should work.
It will make your life easier if you have an iphone or some other way to test how your network is seen from the Internet.
If your public IP as shown by ifconfig is different than the IP record in your dyndns account, then your dynamic dns update script is broken. Manually set the IP, and see if things work.
It is very possible that this will not work. Some ISPs firewall port 80, preventing their subscribers from hosting servers. Once you have your server directly connected to the internet you can test this (even if your dns is not working) by using the public IP address. As root, type ifconfig from the command prompt to get your public IP address. Then type the command tcpdump -i eth? port 80 from the root prompt. eth? needs to be the same interface that you saw had a public IP address from the ifconfig command. Usually this is eth0 but it might be wire0 or something like that.
This command will show you all traffic coming on port 80 to your server.
From an iphone (or whatever second Internet connection you have) browse to the IP address that you got from your ifconfig command. If you see something on your server (and it is directly connected to your ISP) then your ISP is not firewalling you.
If you can get to your server, when it is directly connected to the Internet, either by IP address or by DynDNS address, then your ISP is OK and it is time to debug your firewall.
Two things need to work for your firewall to be configured: NAT, where the public address that your router gets from your ISP is converted into your private network, and a firewall rule which permits that traffic. If you get this far, then you know your firewall is the problem and then it is just a matter of getting its configuration correct. There are far too many home routers to document here, but you usually can find how-to instructions for your router for this task from the manufacturer's website (usually it is part of the manual).
If you follow these instructions exactly you will get your system working. Make comments on the process and I will be happy to modify this to make it clearer.
HTH,
-FT
You should make sure your xampp is not listening to only the localhost.
To do so, edit your Apache configuration file and check and search for the Listen directive.
You should also be able to know by analysing the output of netstat -a.
After that make sure your router is forwarding properly; using tcpdump would help.
Drop me a comment if you need more help.
Cheers
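The localhost-only check the last answer describes, as an added example that is not part of the original posts: a POSIX shell and awk helper that reads netstat output and reports how widely a port is bound. The sample listing, ports and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original posts. SAMPLE is constructed output in
# the layout `netstat -an` prints for TCP on Linux; ports and addresses are
# illustrative.
SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.10:21         0.0.0.0:*               LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN'

# bind_scope PORT: read netstat output on stdin and print how widely PORT is
# bound: all | specific | loopback | none (widest binding wins).
bind_scope() {
    awk -v port="$1" '
        $NF != "LISTEN" { next }
        {
            n = split($4, part, ":")
            if (part[n] != port) next
            # Everything before the final ":port" is the bound address.
            addr = substr($4, 1, length($4) - length(part[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::" || addr == "*") {
                scope = "all"
            } else if (addr ~ /^127\./ || addr == "::1") {
                if (scope == "") scope = "loopback"
            } else if (scope != "all") {
                scope = "specific"
            }
        }
        END { print (scope == "" ? "none" : scope) }'
}

# explain PORT: one-line verdict for the sample data.
explain() {
    case "$(printf '%s\n' "$SAMPLE" | bind_scope "$1")" in
        all)      echo "port $1: all interfaces, reachable once forwarded" ;;
        specific) echo "port $1: one LAN address only" ;;
        loopback) echo "port $1: localhost only, a port forward cannot reach it" ;;
        none)     echo "port $1: nothing listening" ;;
    esac
}

for p in 80 3306 21 443; do explain "$p"; done
# On a real host: netstat -an | bind_scope 80
```

Run it for every listening port, not just 80: a database or FTP daemon bound to all interfaces becomes Internet-facing as soon as its port is forwarded or the server is attached directly to the Internet connection for testing.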

Same server, same program but started once using one network card and after with another

I have a Linux server with multiple ips (so, multiple eth0, eth0:0, eth0:1 etc).
The script I'm trying to start is a PHP CLI script which is downloading stuff from another server's API, and I would like to change the IP based on different parameters. Once the script is started, I no longer need to change the IP OF THAT SPECIFIC script until its end.
Do you have any clue if it is possible to achieve it?
My other solution was to install Xen or OpenVZ and create N different VPS per each IP, but as you can see is definitely a PITA :-)
You don't specify how you connect to the other server, but with sockets you can try socket_bind.
EDIT:
With curl you can try curl_setopt.
CURLOPT_INTERFACE The name of the outgoing network interface to use. This can be an interface name, an IP address or a host name.
I know how to do it in C - you use bind() on your socket before you call connect(), and you bind to the IP address assigned to the desired interface, passing 0 for port. I don't know how to do it in PHP.
