Quick and dirty NAT/Firewall bypass using SSH and ngrok

by on Jun.13, 2018, under Posts

If you have a system that is behind a router/gateway/firewall device that you cannot poke holes in and you want to expose your system to the WAN, I recommend you check out ngrok. You can make a free account, download, and use the tool for free as well (with some limitations).

Once you have followed the simple instructions here, you can put the ngrok executable into your $PATH (or %PATH%). Provided you have ssh listening on port 22 on the system that you're trying to expose to the WAN, you can then simply run the following command: ngrok tcp 22. The output might look something like this:

Version 2.2.8
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding tcp://0.tcp.ngrok.io:15551 -> localhost:22

Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.0

The beautiful thing about this is that you can see the forwarding location by logging into your ngrok.com account and going to status. This means you could script ngrok (via rc.local, shell:startup, crontab, etc.) to connect out on a regular basis and find the new forwarding location by going to your status page on ngrok.com. The port, in my experience, is dynamic and changes. Interestingly enough, you have to remember to be careful: I was able to find other ssh servers and open ports by scanning port ranges on 0.tcp.ngrok.io.

Want to access the internal network using a browser? No problem! In this instance you would simply do: ssh -D 8000 username@0.tcp.ngrok.io -p 15551 and then set your browser to use a socks5 proxy on 127.0.0.1, port 8000.

There are other similar services like portmap.io and openport.io, but so far I like ngrok the best.
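Because anything forwarded this way is reachable by anyone who finds the port, it helps to check what a running agent is actually exposing. The following is an added example, not part of the original post: it reads the agent's local API (the /api/tunnels endpoint on the web interface port shown in the output above) and lists each forwarding pair. The function name and the sample JSON are constructed for illustration.

```powershell
# Constructed sample of the JSON the agent's local API returns for
# GET http://127.0.0.1:4040/api/tunnels; values mirror the session shown above.
$SampleJson = @'
{"tunnels":[{"name":"command_line","proto":"tcp",
 "public_url":"tcp://0.tcp.ngrok.io:15551",
 "config":{"addr":"localhost:22"}}]}
'@

function Get-NgrokExposure {   # hypothetical helper name
    param(
        [string]$ApiUrl = 'http://127.0.0.1:4040/api/tunnels',
        [string]$Json    # optional: audit captured JSON instead of a live agent
    )
    if ($Json) { $data = $Json | ConvertFrom-Json } else { $data = Invoke-RestMethod -Uri $ApiUrl -TimeoutSec 5 }

    foreach ($t in $data.tunnels) {
        $public    = [uri]$t.public_url
        $localPort = [int](($t.config.addr -split ':')[-1])
        [pscustomobject]@{
            Public  = '{0}:{1}' -f $public.Host, $public.Port
            Local   = $t.config.addr
            # Flag the case from this post: sshd published to the internet
            Warning = if ($localPort -eq 22) { 'sshd is internet-facing' } else { '' }
        }
    }
}

# Offline run against the constructed sample; omit -Json to query a live agent
Get-NgrokExposure -Json $SampleJson | Format-List
```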

 

 


K.I.S.S. Windows Server Backup Failure Notification Powershell script

by on May.03, 2018, under Code, Posts

# Result code (HRESULT) of the last Windows Server Backup run; 0 means success
$value = Get-WBSummary | Select-Object -ExpandProperty LastBackupResultHR

if ($value -ne 0)
{
    $EmailFrom = "YourGmailAccount@gmail.com"
    $EmailTo = "WhoYouWantTonotify@domain.com"
    $Subject = "Notification from Windows Server Backup"
    $Body = "Last backup may have failed…"
    $SMTPServer = "smtp.gmail.com"
    # Submission port 587 with STARTTLS
    $SMTPClient = New-Object Net.Mail.SmtpClient($SMTPServer, 587)
    $SMTPClient.EnableSsl = $true
    # Insecure: the password sits in cleartext in this script
    $SMTPClient.Credentials = New-Object System.Net.NetworkCredential("YourGmailAccount", "yourcleartextpassword")
    $SMTPClient.Send($EmailFrom, $EmailTo, $Subject, $Body)
}

The code is pretty self-explanatory. (The main block I just found on howtogeek.com.) Granted, it is not secure because it's storing a cleartext password. You can save this in a .ps1 file and create a scheduled task that runs with at least admin privileges (the function 'get-wbsummary' requires admin rights) after a backup has run.
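A variant of the script that keeps the password out of the .ps1 file, added here as an example (it is not from the original post or from howtogeek.com). The credential file path and the function name are hypothetical; the file is created once with Get-Credential | Export-Clixml under the same account the scheduled task runs as.

```powershell
# One-time setup, run interactively as the account the scheduled task runs under
# (enter the full Gmail address as the user name):
#   Get-Credential | Export-Clixml -Path 'C:\Scripts\wsb-notify.cred.xml'
# On Windows the saved password is DPAPI-encrypted: only that user on that
# machine can decrypt it, so a copied file does not reveal the password.

$CredPath   = 'C:\Scripts\wsb-notify.cred.xml'    # hypothetical path
$EmailTo    = 'WhoYouWantTonotify@domain.com'
$SMTPServer = 'smtp.gmail.com'

function Send-BackupAlert {   # hypothetical helper name
    param(
        [Parameter(Mandatory)] [pscredential]$Credential,
        [Parameter(Mandatory)] [string]$To,
        [Parameter(Mandatory)] [string]$Body
    )
    $client = New-Object Net.Mail.SmtpClient($SMTPServer, 587)
    try {
        $client.EnableSsl = $true
        # The password is decrypted only in memory, never written to disk
        $client.Credentials = $Credential.GetNetworkCredential()
        $client.Send($Credential.UserName, $To, 'Notification from Windows Server Backup', $Body)
    }
    finally {
        $client.Dispose()
    }
}

try {
    $value = Get-WBSummary -ErrorAction Stop | Select-Object -ExpandProperty LastBackupResultHR
    if ($value -eq 0) { return }     # last backup succeeded, nothing to send
    $body = "Last backup may have failed (LastBackupResultHR = $value)"
}
catch {
    # Being unable to read the backup status is itself worth an alert
    $body = "Could not read backup status: $($_.Exception.Message)"
}

if (-not (Test-Path -LiteralPath $CredPath)) {
    throw "Credential file $CredPath not found; run the one-time setup first."
}
$cred = Import-Clixml -LiteralPath $CredPath
Send-BackupAlert -Credential $cred -To $EmailTo -Body $body
```

Restrict NTFS permissions on the script and the credential file to the task account and administrators, since anyone who can edit the script can run code as that account.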

For the $EmailTo variable, you could use an SMS gateway address to get a text notification. (See this list.) For instance, if your phone number is 6165559876 and you have Verizon, it would look like this: $EmailTo = "6165559876@vtext.com".


Hack.lu 2017 The Bicho: An Advanced Car Backdoor Maker by Sheila Ayelen Berta and Claudio Caracciolo

by on Mar.13, 2018, under Videos

https://github.com/UnaPibaGeek/CBM

Some things to consider about this: OBD2 is pretty standard in most cars, but each car manufacturer has its own subset of protocols (i.e. if you're having car issues and use a basic scanner, the scanner won't always be able to give you the right diagnostics information), but this is still very interesting.

Lastly, a potentially very useful website for car hackers mentioned in the presentation: http://opencandb.online/


Kali Linux for WSL now available on Windows Store

by on Mar.06, 2018, under Posts

This is pretty neat:

https://tech.slashdot.org/story/18/03/06/1334255/kali-linux-for-wsl-now-available-in-the-windows-store

However, I have a couple of concerns. First, how useful will it be? Currently on a Windows 10 system, I have WSL set up and nmap is essentially useless:

tester@Win10virtual:~$ sudo nmap -sP -n -T4 192.168.1.254

Starting Nmap 7.01 ( https://nmap.org ) at 2018-03-06 14:10 STD
dnet: Failed to open device eth0
QUITTING!

There is discussion about this issue here:

https://github.com/Microsoft/WSL/issues/1349

There is discussion of other network tools having socket related issues.

Second, how will AV handle tools like metasploit, powersploit, social engineering toolkit and the like that may set off AV engines?

I honestly think WSL is awesome but at this point I would recommend running whatever Linux distro of your desire on VirtualBox or the like.


[593] Gallium vs. Titalium – Abus Padlock Meets a Gruesome End

by on Feb.19, 2018, under Lock Picking, Videos

Another interesting way of attacking a lock. Looks like you can get Gallium on Amazon:

https://www.amazon.com/Gallium-Metal-99-99-Grams-Shipping/dp/B00F3IXF9M

