Scribd Logo
Upload

Welcome to Scribd!

  • Tema2 2021 (10-13)

    Uploaded by

    Duta Cosmin
    11 views3 pages
    The document provides instructions for setting up a WireGuard VPN between two systems called blue and green. It describes generating keys, setting up interfaces, configuring allowed IPs and endpoints to establish the connection between the systems.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides instructions for setting up a WireGuard VPN between two systems called blue and green. It describes generating keys, setting up interfaces, configuring allowed IPs and endpoints to establish the connection between the systems.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    11 views3 pages

    Tema2 2021 (10-13)

    Uploaded by

    Duta Cosmin
    The document provides instructions for setting up a WireGuard VPN between two systems called blue and green. It describes generating keys, setting up interfaces, configuring allowed IPs and endpoints to establish the connection between the systems.

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    of 3

    9

    ===PE RED===

    mkdir scripts
    cd scripts
    nano whereswaldo
    ====
    wget -r -q -np -R "index.html*" --http-user ana --http-password face_ReLe
    http://host/.X/
    find . -name waldo.txt | xargs cat
    ====
    chmod 775 whereswaldo
    ./whereswaldo

    10)

    [comenzi]

    [student]
    sudo su
    cd /root
    mkdir scripts
    cd scripts
    nano ftp-upload

    [editare fisier]%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

    USER="fs"
    PASSWORD="talent+valoare"

    touch filtered_files
    touch buffer
    ls -p | grep -v / | cat > buffer
    grep -E *[UVT]([0-9][0-9]{0,3}|10000).txt buffer | cat > filtered_files
    rm buffer
    FILES=sed -z 's/\n/,/g;s/,$/\n/' filtered_files
    rm filtered_files

    curl --user "$USER:$PASSWORD" --upload-file "{$FILES}" ftp://red/upload/ --ftp-


    create-dirs

    %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

    chmod +x ftp-upload
    exit

    13
    go red
    apt install nmap
    yes
    sudo su
    cd ~
    mkdir scripts
    cd scripts
    nano check-port

    scrie:
    nmap -p $1 -sS host >> port_info

    if grep -q open port_info; then


    echo adevarat
    else
    echo nah
    fi
    rm port_info

    ??

    D:>scp student@192.168.0.106:/home/student/tema2-exported.cz .
    neneaaaaaaaa ? — 01/26/2022 11:02 PM
    sudo iptables -I FORWARD 2 -p tcp -s blue -d green --dport telnet -j LOG --log-
    prefix "insecure-telnet: "
    sudo iptables -A FORWARD -p tcp -s blue -d green --dport telnet -j REJECT
    Dragos 🐭 — 01/26/2022 11:04 PM
    cd /
    cd var
    cd log
    touch insecure.log

    cd /
    cd etc
    ls
    cd rsyslog.d
    ls
    touch 00-conf_t2.conf
    ls
    nano 00-conf_t2.conf

    :msg,contains,"[insecure-telnet: ]" -/var/log/insecure.log


    & stop

    iptables -A FORWARD -p tcp -s blue -d green -i veth-blue -o veth-green --dport 23 -


    j REJECT
    iptables -I FORWARD 2 -p tcp -s blue -d green -i veth-blue -o veth-green --dport 23
    -j LOG --log-prefix="insecure-telnet: "

    sudo systemctl restart rsyslog


    soldatescu — 01/26/2022 11:28 PM
    sudo su
    iptables-save > /etc/iptables/rules.v4
    exit
    Dragos 🐭 — 01/26/2022 11:38 PM
    root@blue:~# cd /etc
    root@blue:/etc# cd /wireguard
    root@blue:/etc/wireguard# umask 077
    root@blue:/etc/wireguard# wg genkey | tee privatekey | wg pubkey > publickey

    root@blue:/etc/wireguard# ls
    privatekey publickey
    root@blue:/etc/wireguard# ip link add wg-rl type wireguard
    root@blue:/etc/wireguard# ip addr add 2022:0:36::2/64 dev wg-rl
    root@blue:/etc/wireguard# wg set wg-rl private-key ./privatekey
    root@blue:/etc/wireguard# ip link set wg-rl up
    root@blue:/etc/wireguard#

    root@blue:/etc/wireguard# ip addr

    de aici copiezi ip ul de sub 3: eth0 : inet6 2022:4:206:66::2 scope global


    root@blue:/etc/wireguard# wg

    copiezi cheia publica si portul

    aceleasi pt verde

    dai comanda
    root@blue:/etc/wireguard# wg set wg-rl peer cheieVerde allowed-ips 2022:0:F::1
    endpoint ipv6eth0verde:portverde

    apoi dai comanda asta pe verde


    cu wg set wg-rl peer cheieblue allowed-ips 2022:0:F::2 endpoint
    ipv6eth0blue:portblue
    wg genkey | tee privatekey | wg pubkey > publickey
    wg set wg-rl peer vmPnlyjG9FWzNB3vqMdVw3xr5FzXfBon1ErEL7SpRko= allowed-ips
    2022:0:36::2 endpoint 2022:4:206:66::2:44218

    wg set wg-rl peer z3+Xy4fk7fMxnreDoAXNPCW/hlsutxbvlWdUKgMFDWY= allowed-ips


    2022:0:36::1 endpoint 2022:3:206:52::2:54539

    You might also like