Scribd Logo
Upload

Welcome to Scribd!

  • 51 views

    Tema2 2021 (10-13)

    Uploaded by

    Duta Cosmin
    The document provides instructions for setting up a WireGuard VPN between two systems called blue and green. It describes generating keys, setting up interfaces, configuring allowed IPs and endpoints to establish the connection between the systems.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd

    Tema2 2021 (10-13)

    Uploaded by

    Duta Cosmin
    51 views3 pages
    The document provides instructions for setting up a WireGuard VPN between two systems called blue and green. It describes generating keys, setting up interfaces, configuring allowed IPs and endpoints to establish the connection between the systems.

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document provides instructions for setting up a WireGuard VPN between two systems called blue and green. It describes generating keys, setting up interfaces, configuring allowed IPs and endpoints to establish the connection between the systems.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    51 views3 pages

    Tema2 2021 (10-13)

    Uploaded by

    Duta Cosmin
    The document provides instructions for setting up a WireGuard VPN between two systems called blue and green. It describes generating keys, setting up interfaces, configuring allowed IPs and endpoints to establish the connection between the systems.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    You are on page 1of 3

    9

    ===PE RED===

    mkdir scripts
    cd scripts
    nano whereswaldo
    ====
    wget -r -q -np -R "index.html*" --http-user ana --http-password face_ReLe
    http://host/.X/
    find . -name waldo.txt | xargs cat
    ====
    chmod 775 whereswaldo
    ./whereswaldo

    10)

    [comenzi]

    [student]
    sudo su
    cd /root
    mkdir scripts
    cd scripts
    nano ftp-upload

    [editare fisier]%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

    USER="fs"
    PASSWORD="talent+valoare"

    touch filtered_files
    touch buffer
    ls -p | grep -v / | cat > buffer
    grep -E *[UVT]([0-9][0-9]{0,3}|10000).txt buffer | cat > filtered_files
    rm buffer
    FILES=sed -z 's/\n/,/g;s/,$/\n/' filtered_files
    rm filtered_files

    curl --user "$USER:$PASSWORD" --upload-file "{$FILES}" ftp://red/upload/ --ftp-


    create-dirs

    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

    chmod +x ftp-upload
    exit

    13
    go red
    apt install nmap
    yes
    sudo su
    cd ~
    mkdir scripts
    cd scripts
    nano check-port

    scrie:
    nmap -p $1 -sS host >> port_info

    if grep -q open port_info; then


    echo adevarat
    else
    echo nah
    fi
    rm port_info

    ??

    D:>scp student@192.168.0.106:/home/student/tema2-exported.cz .
    neneaaaaaaaa ? — 01/26/2022 11:02 PM
    sudo iptables -I FORWARD 2 -p tcp -s blue -d green --dport telnet -j LOG --log-
    prefix "insecure-telnet: "
    sudo iptables -A FORWARD -p tcp -s blue -d green --dport telnet -j REJECT
    Dragos 🐭 — 01/26/2022 11:04 PM
    cd /
    cd var
    cd log
    touch insecure.log

    cd /
    cd etc
    ls
    cd rsyslog.d
    ls
    touch 00-conf_t2.conf
    ls
    nano 00-conf_t2.conf

    :msg,contains,"[insecure-telnet: ]" -/var/log/insecure.log


    & stop

    iptables -A FORWARD -p tcp -s blue -d green -i veth-blue -o veth-green --dport 23 -


    j REJECT
    iptables -I FORWARD 2 -p tcp -s blue -d green -i veth-blue -o veth-green --dport 23
    -j LOG --log-prefix="insecure-telnet: "

    sudo systemctl restart rsyslog


    soldatescu — 01/26/2022 11:28 PM
    sudo su
    iptables-save > /etc/iptables/rules.v4
    exit
    Dragos 🐭 — 01/26/2022 11:38 PM
    root@blue:~# cd /etc
    root@blue:/etc# cd /wireguard
    root@blue:/etc/wireguard# umask 077
    root@blue:/etc/wireguard# wg genkey | tee privatekey | wg pubkey > publickey

    root@blue:/etc/wireguard# ls
    privatekey publickey
    root@blue:/etc/wireguard# ip link add wg-rl type wireguard
    root@blue:/etc/wireguard# ip addr add 2022:0:36::2/64 dev wg-rl
    root@blue:/etc/wireguard# wg set wg-rl private-key ./privatekey
    root@blue:/etc/wireguard# ip link set wg-rl up
    root@blue:/etc/wireguard#

    root@blue:/etc/wireguard# ip addr

    de aici copiezi ip ul de sub 3: eth0 : inet6 2022:4:206:66::2 scope global


    root@blue:/etc/wireguard# wg

    copiezi cheia publica si portul

    aceleasi pt verde

    dai comanda
    root@blue:/etc/wireguard# wg set wg-rl peer cheieVerde allowed-ips 2022:0:F::1
    endpoint ipv6eth0verde:portverde

    apoi dai comanda asta pe verde


    cu wg set wg-rl peer cheieblue allowed-ips 2022:0:F::2 endpoint
    ipv6eth0blue:portblue
    wg genkey | tee privatekey | wg pubkey > publickey
    wg set wg-rl peer vmPnlyjG9FWzNB3vqMdVw3xr5FzXfBon1ErEL7SpRko= allowed-ips
    2022:0:36::2 endpoint 2022:4:206:66::2:44218

    wg set wg-rl peer z3+Xy4fk7fMxnreDoAXNPCW/hlsutxbvlWdUKgMFDWY= allowed-ips


    2022:0:36::1 endpoint 2022:3:206:52::2:54539

    You might also like