Visits

 [+/-]
Today:
Yesterday:
Day before yesterday: 		29
389
372
+17
This week:
Last week:
Week before last week: 		1515
2427
2483
-56

Last month:
Month before last month:		10693
9885
8946
+939

Visitor Data

IP ADDRESS
38.107.191.86
-
Location
United States
-
Browser
Unknown Browser
-
Operating System
Unknown Operating System

Most Downloaded


No Documents
Add to: JBookmarks Add to: Bookmarks.cc Add to: Digg Add to: Reddit Add to: Upchuckr Add to: StumbleUpon Add to: Slashdot Add to: Blogmarks Add to: Technorati Add to: Newsvine Add to: Blinkbits Add to: Smarking Add to: Spurl Add to: Google Information

10

Oct

SSH Backdoor

Many times I'll be at a site where I need remote support from someone who is blocked on the outside by a company firewall. Few people realize that if you can get out to the world through a firewall, then it is relatively easy to open a hole so that the world can come into you.

In its crudest form, this is called "poking a hole in the firewall." I'll call it an SSH back door. To use it, you'll need a machine on the Internet that you can use as an intermediary.

In our example, we'll call our machine blackbox.example.com. The machine behind the company firewall is called ginger. Finally, the machine that technical support is on will be called tech. Figure 4 explains how this is set up.


Figure 4. Poking a hole in the firewall
Poking a hole in the firewall

Here's how to proceed:

  1. Check that what you're doing is allowed, but make sure you ask the right people. Most people will cringe that you're opening the firewall, but what they don't understand is that it is completely encrypted. Furthermore, someone would need to hack your outside machine before getting into your company. Instead, you may belong to the school of "ask-for-forgiveness-instead-of-permission." Either way, use your judgment and don't blame me if this doesn't go your way.
  2. SSH from ginger to blackbox.example.com with the -R flag. I'll assume that you're the root user on ginger and that tech will need the root user ID to help you with the system. With the -R flag, you'll forward instructions of port 2222 on blackbox to port 22 on ginger. This is how you set up an SSH tunnel. Note that only SSH traffic can come into ginger: You're not putting ginger out on the Internet naked.

    You can do this with the following syntax:

    ~# ssh -R 2222:localhost:22 This e-mail address is being protected from spambots. You need JavaScript enabled to view it

    Once you are into blackbox, you just need to stay logged in. I usually enter a command like:

    thedude@blackbox:~$ while [ 1 ]; do date; sleep 300; done

    to keep the machine busy. And minimize the window.

  3. Now instruct your friends at tech to SSH as thedude into blackbox without using any special SSH flags. You'll have to give them your password:

    root@tech:~# ssh This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

  4. Once tech is on the blackbox, they can SSH to ginger using the following command:

    thedude@blackbox:~$: ssh -p 2222 root@localhost

  5. Tech will then be prompted for a password. They should enter the root password of ginger.
  6. Now you and support from tech can work together and solve the problem. You may even want to use screen together!
< Prev   Next >
 


All Documents are Rights of their Owners :: 2008 Legitcode.com : All Rights Reserved