Get Started. It's Free
or sign up with your email address
SSH by Mind Map: SSH

1. IP TABLES

1.1. COMMANDS

1.1.1. FLUSHING

1.1.1.1. iptables -F iptables -X

1.1.2. SSH Local port forwarding

1.1.2.1. #!/bin/bash # Clear iptables rules iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F iptables -X # SSH Scenario iptables -F iptables -P INPUT DROP iptables -P FORWARD DROP iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp --dport 3389 -m state --state NEW -j ACCEPT iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT iptables -A INPUT -p tcp --dport 8080 -m state --state NEW -j ACCEPT iptables -A INPUT -i lo -j ACCEPT

2. SSH

2.1. sudo ssh -N -L 0.0.0.0:445:192.168.1.110:445 [email protected]

3. Basic Config

3.1. Append to: /etc/samba/smb.conf

3.1.1. min protocol = SMB2

3.2. Restart the Saba Daemon: sudo /etc/init.d/smbd restart

4. 2

5. SSH INFO

5.1. SSH KEYS

5.1.1. Host Keys

5.1.1.1. The host keys can be used to conduct a MITM attack against the device, but do not provide direct access.

5.1.1.2. Key:

5.1.2. Authorized Keys

5.1.2.1. The authorized keys can be used to gain access to a device with this public key

5.1.2.2. add the public key to the ~/.ssh/authorized_keys

6. Set up public key authentication

6.1. ssh-keygen -t rsa

6.1.1. sh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/kali/.ssh/id_rsa): Created directory '/home/kali/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/kali/.ssh/id_rsa Your public key has been saved in /home/kali/.ssh/id_rsa.pub The key fingerprint is: SHA256:SQR8aJt15EAl/VybgxlZzbWDRYbuitfWwjlZ9MXaSuE [email protected] The key's randomart image is: +---[RSA 3072]----+ | ..+=+o o+*o| | +.o+o o.= +| | . =...o.* * | | o. . =.=.+| | S ...=o| | .E.o| | . +.=. | | . o O.. | | . . o | +----[SHA256]-----+

6.2. ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]

6.2.1. ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected] /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/kali/.ssh/id_rsa.pub" The authenticity of host '192.168.185.190 (192.168.185.190)' can't be established. ED25519 key fingerprint is SHA256:8XQJTekqXU8Mu5jMFbju83vVevvFwOkOO7wqCWelEsg. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys [email protected]'s password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh '[email protected]'" and check to make sure that only the key(s) you wanted were added.

6.3. client: sudo systemctl start ssh.service

6.4. Client: sudo systemctl status ssh.service

6.5. Client: sudo systemctl enable ssh.service

7. 3

8. Delete default keys

8.1. cd /etc/ssh

8.2. mkdir old_keys

8.3. mv ssh_host_* old_keys/

8.4. dpkg-reconfigure openssh-server

9. hydra -l kali -P /usr/share/wordlists/rockyou.txt ssh://127.0.0.1

10. non-root shell Linux client

10.1. ssh -N -R 10.11.0.4:2221:127.0.0.1:3306 [email protected]

10.2. Discover: MySQL server is running on TCP port 3306.

11. TEMPLATE

11.1. Windows Server 2016 172.16.137.44 exercise: 192.168.1.110

11.2. Kali

11.3. internet

11.4. remote shares on the Windows Server 2016

11.5. c

11.6. firewall

11.7. computer 2

11.8. ROOT

11.9. b

11.10. d

11.11. e

11.12. time

12. firewall blocking inbound TCP port 22

13. Kali: 10.11.0.4

13.1. SSH remote port forwarding

13.1.1. IP TABLES

13.1.1.1. #!/bin/bash # Clear iptables rules iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F iptables -X # SSH Scenario iptables -F iptables -P INPUT DROP iptables -P FORWARD DROP iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp --dport 3389 -m state --state NEW -j ACCEPT iptables -A INPUT -i lo -j ACCEPT

13.2. sudo nmap -sS -sV 127.0.0.1 -p 2221

14. internet

15. Linux client 192.168.137.44 exercise: 10.11.0.128

16. Forward port 445 on Kali to port 445 on Windows server 2016

16.1. sudo ssh -N -L 0.0.0.0:445:192.168.1.110:445 [email protected]

16.1.1. -N' Do not execute a remote command

16.1.2. -L, bind_address:]port:host:hostport Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.

16.2. Append "min protocol = SMB2" to /etc/samba/smb.conf

16.3. Restart the Saba Daemon: sudo /etc/init.d/smbd restart

16.4. smbclient -L 127.0.0.1 -U Administrator

17. Windows Server 2016 172.16.137.44 exercise: 192.168.1.110

18. Kali

19. firewall

20. remote shares on the Windows Server 2016

21. computer 2

22. Firewall & Client allow TCP port 22, 2289 and 8080 inbound and outbound

23. Outbound TCP port 22 is allowed through the firewall

24. Crack SSH