Proxies & Proxies

It took me a whole year to learn about VPN connections, tunnels, proxies, SSH connections, site-to-sites, subnetting, creating multiple networks, and learning how to divide them, but it was worth it. I learned to create servers, and I'm also learning how to hide connections from firewalls or avoid their detection.

Learned Skills Summary

    • VPN connections
    • Tunnels
    • Proxies
    • SSH connections
    • Site-to-sites
    • Subnetting
    • Creating multiple networks
    • Network division
    • Server creation
    • Firewall evasion
    • SSH management with Termius
    • Ansible scripting for command execution and host tracking
    • Proxychains usage for accessing machines
    • Utilization of Wireguard for reliable connections
    • Reverse proxy setup
    • Ngrok implementation
    • Troubleshooting firewall issues
    • Network scanning detection and mitigation
  • Termius and Tailscale.

    First, I tried simply adding all the hosts using Tailscale and Nagios. It worked, but I needed something to keep track of them and not forget their usernames. I relied on Termius, which is an SSH management app https://termius.com.
    tails
    [sudo] password for nat: 
    100.89.31.16    macpropromox         emowersmn@   linux   -
    100.86.212.118  archive              emowersmn@   linux   offline
    100.65.128.115  c-c                  emowersmn@   linux   offline
    100.64.129.75   casiton              emowersmn@   linux   idle, tx 152708 rx 20220
    100.87.248.31   ccdc                 emowersmn@   linux   idle, tx 224648 rx 34264
    100.69.148.92   cell-1               emowersmn@   linux   offline
    100.99.52.88    dns-2                emowersmn@   linux   idle; offline, tx 6216 rx 0
    100.124.151.63  dns                  emowersmn@   linux   offline
    100.89.233.128  dnsserver            emowersmn@   linux   offline
    100.115.245.98  gateway-ccdc         emowersmn@   linux   -
    100.87.166.1    kali-xps             emowersmn@   linux   offline
    100.95.182.29   loca22               emowersmn@   linux   offline
    100.101.96.84   macpro               emowersmn@   linux   offline
    100.122.207.7   macproqem            emowersmn@   linux   offline
    100.66.25.11    nagios-server        emowersmn@   linux   offline
    100.79.56.72    ntp-4                emowersmn@   linux   offline
    100.68.192.22   ntp-5                emowersmn@   linux   idle; offline, tx 6216 rx 0
    100.122.89.114  ntp                  emowersmn@   linux   idle; offline, tx 6216 rx 0
    100.72.181.55   olas                 emowersmn@   linux   idle; offline, tx 6216 rx 0
    100.90.111.44   ozonos-mac-mini      emowersmn@   macOS   offline
    100.79.6.69     protegemesenor       emowersmn@   linux   offline
    100.73.114.71   purple-server        emowersmn@   linux   offline
    100.104.252.47  splunk-1             emowersmn@   linux   offline
    100.91.226.86   splunk               emowersmn@   linux   offline
    100.76.181.110  wero-pi3             emowersmn@   linux   idle; offline, tx 6216 rx 0
    100.93.170.114  windows10            emowersmn@   linux   offline
    100.105.61.173  winxps               emowersmn@   linux   offline
    100.117.195.45  xps-kali-vm          emowersmn@   linux   offline
  • Ansible.

    I even created several Ansible scripts to send commands, check which hosts are still online, and so on. All the scripts are on my GitHub here: http://github.com/4rji/ansible
     ansip
    macpro : online
    Ccdc : online
    181 : offline
    183 : offline
    179 : offline
    187 : offline
    188 : offline
    189 : offline
    172 : offline
    44 : offline
    65-Raspb3 : offline
    148 : offline
    kali : offline
    10.0.0.999 : offline
    Raspi : offline
    191 : offline
    196 : offline
    olas : offline
    Casiton : offline
    NewhostName : offline
  • SSH -D, SSH Jump, Squid & Proxychains

    Then I continued experimenting with SSH -D, SSH Jump, Squid & Proxychains, creating some scripts to quickly connect using Ansible and SSH Jumps. With Proxychains and Firefox, I could access several machines.
    #Some scripts available:
    sshcom
    sshmoni
    sshmonitorsc
    sshmoni
    ssh80
    fixsshhost
    copyssh
    fixssh
    sshconf
    sshhost
    sshjump
    sshlist
    sshhuesped
    sshic
    sshmont
  • Tailscale (no thanks), Wireguard, DNS.

    The connection with Tailscale isn't reliable or fast. I switched to Wireguard and set up a reverse proxy instead. I've been trying many options, like Site-to-Site, VPN servers, Wireguard server, Ngrok, but in the end, what I'm using is Wireguard with a server on a modem. I installed it on Unifi, but I had certain issues with the firewall, and sometimes it would disconnect.


    I also noticed strange behavior on the Tailscale network; a server was scanning without any reason. Because of this, I decided to stop using it. I didn't find anything unusual on the server, but it seemed to be just an influx of connections, possibly normal in network maintenance, but I didn't like it.
  • The winners: Wireguard - DNS - SSH

    I created a script to install Wireguard on all servers, enabled it to start at boot, so all servers communicate automatically among themselves and upon system startup, which is necessary for the next step: Dropboxes.



    #!/bin/bash
    # Check if the configuration file was provided as an argument
    echo -e "\033[0;32m"
    echo "_________________________________________________________"
    echo ""
    if [ $# -eq 0 ]; then
        echo -e "\033[0;31mError: No configuration file provided."
        echo -e "Usage: $0 path/to/file.conf\033[0m"
        exit 1
    fi
    echo -e "\033[0m"
    
    # Take the first argument as the configuration file
    config_file=$1
    
    # Extract the base name of the file to use in the commands
    file_name=$(basename "$config_file")
    
    # wg-quick looks for /etc/wireguard/<interface>.conf, so check the name
    # before touching any files
    if [[ $file_name == *.conf ]]; then
        interface_name="${file_name%.conf}"
    else
        echo -e "\033[0;31mError: $file_name must end in .conf to be used by wg-quick.\033[0m"
        exit 1
    fi
    
    echo -e "\033[0;34mCopying the configuration file to /etc/wireguard/\033[0m"
    # Install the configuration file with mode 600 from the start, so the
    # private key in it is never readable by other users
    if ! sudo install -m 600 "$config_file" "/etc/wireguard/$file_name"; then
        echo -e "\033[0;31mError: could not copy $config_file\033[0m"
        exit 1
    fi
    # Remove the original only after the copy has succeeded
    rm -f "$config_file"
    
    echo -e "\033[0;35mBringing up the WireGuard connection...\033[0m"
    # Bring up the WireGuard connection
    sudo wg-quick up "$interface_name"
    
    echo -e "\033[0;36mCurrent status of WireGuard:\033[0m"
    # Display WireGuard status
    sudo wg
    echo ""
    echo -e "\n\033[1;32m_________________________________________________________\033[0m\n"
    
    echo "Connecting."
    sleep .5
    echo " Connecting.."
    sleep 1
    echo ""
    echo -e "\033[0;31mYour public IP address is:\033[0m"
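    # Display the public IP address
    # (minet is not a standard utility; it is assumed here to be one of the
    # author's own helper scripts, available on the PATH)
    minet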
    
    
    echo ""
    echo -e "\n\033[1;33m_________________________________________________________\033[0m\n"
    echo ""
    echo "To end the connection use down, to start again use up:"
    echo "sudo wg-quick down \"$interface_name\""
    
    echo -e "\n\033[1;33m_________________________________________________________\033[0m\n"
    
    # Ask the user (-r keeps backslashes in the answer literal)
    echo "Do you wish to enable the network to start automatically? [y/n]"
    read -r response
    
    # Check if the response is 'y'
    if [ "$response" = "y" ]; then
            
        # Execute the command to enable the interface at startup
    #    sudo wg-quick enable@"$interface_name"
        sudo systemctl enable wg-quick@"$interface_name"
    
        echo "sudo systemctl enable wg-quick@\"$interface_name\""
    
    
    
        echo "The interface $interface_name has been enabled to start automatically."
    else
        echo "No changes have been made."
    fi
    echo -e "\n\033[1;33m_________________________________________________________\033[0m\n"
    
    
    echo -e "\033[1;37mADVISORY: This script should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own computers and/or with the computer owner's permission.\033[0m"
    
    echo ""
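
The install script above hands whatever file it is given to `sudo wg-quick up`, and wg-quick runs any `PreUp`/`PostUp`/`PreDown`/`PostDown` line in that file as root. The following pre-flight check is an added example, not part of the original post or the author's scripts; `check_wg_conf` is a hypothetical helper name and the sample config is constructed with placeholder keys.

```shell
#!/bin/bash
# Added example: audit a WireGuard config before it is copied to /etc/wireguard
# and started with "sudo wg-quick up". check_wg_conf is a hypothetical helper;
# it prints one line per finding and returns 0 only when there are none.
check_wg_conf() {
    local file="$1" base name perms hooks problems=0
    report() { printf '%s\n' "$1"; problems=$((problems + 1)); }
    base=$(basename -- "$file")
    name=${base%.conf}

    # wg-quick accepts only <ifname>.conf, ifname = 1-15 chars of [a-zA-Z0-9_=+.-]
    [ "$name" != "$base" ] || report "NAME: $base does not end in .conf"
    case $name in
        ''|*[!a-zA-Z0-9_=+.-]*) report "NAME: invalid interface name '$name'" ;;
    esac
    [ "${#name}" -le 15 ] || report "NAME: '$name' is longer than 15 characters"

    [ -f "$file" ] || { report "FILE: $file is not a regular file"; return 1; }
    grep -iqE '^[[:space:]]*\[Interface\]' "$file" || report "FORMAT: no [Interface] section"

    # The file holds a private key, so group and other must have no access
    perms=$(ls -ld -- "$file" | cut -c5-10)
    [ "$perms" = "------" ] || report "PERMS: $file is accessible to group/other"

    # wg-quick executes PreUp/PostUp/PreDown/PostDown values as root shell commands
    hooks=$(grep -inE '^[[:space:]]*(Pre|Post)(Up|Down)[[:space:]]*=' "$file" || true)
    [ -z "$hooks" ] || report "HOOK: runs as root -> $hooks"

    [ "$problems" -eq 0 ]
}

# Constructed sample config (placeholder keys and addresses, not real ones)
demo_dir=$(mktemp -d)
cat > "$demo_dir/wg0.conf" <<'EOF'
[Interface]
PrivateKey = <placeholder-private-key>
Address = 10.8.0.2/24
PostUp = iptables -A FORWARD -i %i -j ACCEPT

[Peer]
PublicKey = <placeholder-public-key>
Endpoint = vpn.example.com:51820
AllowedIPs = 10.8.0.0/24
EOF
chmod 644 "$demo_dir/wg0.conf"
check_wg_conf "$demo_dir/wg0.conf" || echo "Review the findings before running wg-quick."
rm -rf "$demo_dir"
```

On the sample it reports the loose file mode and the `PostUp` line; a config with mode 600, a valid name and no hooks passes silently.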