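# Put the WLAN device into monitor mode; the commands below use the resulting
# monitor interface, wlan0mon.
airmon-ng start wlan0
# Scan for access points and note the BSSID and channel of the network under test
airodump-ng wlan0mon
# Capture the WPA2 handshake, using $BSSID and $CHANNEL from the previous scan.
# Wait until airodump-ng shows 'WPA handshake: ...' in the upper right of the
# terminal, then press `Ctrl+C` to stop capturing.
# The expansions are quoted so that a $CAPTURE_FILE path containing spaces or
# glob characters reaches -w as a single argument.
# Defensive note: a captured handshake permits offline passphrase guessing,
# which is why WPA2-PSK networks need a long, random passphrase.
airodump-ng -c "$CHANNEL" --bssid "$BSSID" -w "$CAPTURE_FILE" wlan0mon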
# Accept inbound UDP on ports 60000-61000 from any source address.
# NOTE(review): this range matches mosh's default UDP ports, so the rule is
# presumably meant for mosh — confirm. It opens 1001 ports to every source;
# adding a source match (-s) or narrowing the range reduces the exposure.
iptables --append INPUT --protocol udp --destination-port 60000:61000 --jump ACCEPT
Install packages:
# Refresh the package index so the install below resolves current versions.
apt-get update
# hostapd: access-point daemon; udhcpd: DHCP server; tor: Tor client/relay;
# iptables-persistent: reloads saved iptables rules at boot.
apt-get install \
    hostapd \
    udhcpd \
    tor \
    iptables-persistent
Disable WLAN interface:
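# Rewrite the TTL of every packet leaving eth0 to this host's default TTL
# (read from /proc), so forwarded packets carry the same TTL as locally
# generated ones.
# $(...) replaces the legacy backticks, and the quotes keep the value a single
# argument.
# NOTE(review): iptables-extensions(8) warns that setting or incrementing the
# TTL can keep routing loops alive; keep the rule limited to this one egress
# interface.
iptables -t mangle -A POSTROUTING -o eth0 -j TTL --ttl-set "$(cat /proc/sys/net/ipv4/ip_default_ttl)"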
Alternative:
# Add 1 to the TTL of every packet leaving eth0, which offsets the decrement
# applied when this host forwards a packet.
# NOTE(review): iptables-extensions(8) warns that incrementing the TTL can keep
# routing loops alive; keep the rule limited to this one egress interface.
iptables --table mangle --append POSTROUTING --out-interface eth0 --jump TTL --ttl-inc 1
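# Require Network Level Authentication (NLA) first, so the RDP listener is
# never reachable without it, not even briefly.
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name "UserAuthentication" -Value 1
# Enable RDP (fDenyTSConnections = 0 stops denying Terminal Server connections).
# A space now separates the quoted path from -Name; without it PowerShell glues
# "-name" onto the path string and the key is not found.
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0
# Allow RDP in the firewall (this enables the TCP rule only).
# NOTE(review): consider scoping the rule with -RemoteAddress to the hosts that
# actually need RDP instead of leaving it open to every source.
Set-NetFirewallRule -Name RemoteDesktop-UserMode-In-TCP -Enabled True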
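# Reject all outgoing ICMP. This rule has no owner match, so it applies to
# every local user, not only to $USER.
iptables -A OUTPUT -p icmp -j REJECT
# The remaining rules apply only to sockets owned by $USER (owner match).
# NOTE(review): $USER is normally set by the login shell to the current user;
# when these commands run as root it may expand to root — set it explicitly to
# the account whose traffic should be redirected.
# NOTE(review): ports 9040 and 53 presumably correspond to Tor's TransPort and
# DNSPort on this host — confirm against torrc.
# NOTE(review): iptables filters IPv4 only; without matching ip6tables rules
# the user's IPv6 traffic bypasses the redirect and the final DROP.
#
# Redirect the user's non-loopback TCP to local port 9040.
iptables -t nat -A OUTPUT ! -o lo -p tcp -m owner --uid-owner "$USER" -m tcp -j REDIRECT --to-ports 9040
# Redirect the user's non-loopback DNS queries (UDP 53) to local port 53.
iptables -t nat -A OUTPUT ! -o lo -p udp -m owner --uid-owner "$USER" -m udp --dport 53 -j REDIRECT --to-ports 53
# Allow the redirected traffic to reach the two local ports.
iptables -t filter -A OUTPUT -p tcp -m owner --uid-owner "$USER" -m tcp --dport 9040 -j ACCEPT
iptables -t filter -A OUTPUT -p udp -m owner --uid-owner "$USER" -m udp --dport 53 -j ACCEPT
# Drop everything else the user sends off-host, so nothing leaves unredirected.
iptables -t filter -A OUTPUT ! -o lo -m owner --uid-owner "$USER" -j DROP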
- Create ssh_wrapper.exp:
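#!/usr/bin/expect -f
# Usage: ssh_wrapper.exp PASSWORD COMMAND ?ARG ...?
#
# Spawns COMMAND, answers its first password prompt with PASSWORD, then hands
# the session over to the user.
#
# NOTE(review): PASSWORD arrives in argv, so it is visible in the process list
# and is saved in shell history; key-based SSH authentication avoids handling
# the password at all.

# Fail with a usage message instead of spawning an empty command line.
if {[llength $argv] < 2} {
    send_user "usage: $argv0 PASSWORD COMMAND ?ARG ...?\n"
    exit 1
}

# argv[1..] is the command line to run; eval expands that list into spawn's
# arguments.
eval spawn [lrange $argv 1 end]
# Matches "Password:" as well as "password:".
expect "*?assword:*"
# "--" ends option parsing, so a password beginning with "-" is sent literally
# instead of being parsed as a flag to send.
send -- [lindex $argv 0]
send "\r"
# Return control of the spawned session to the user.
interact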
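# Decode a PHP-serialized file and print its contents as JSON.
# unserialize() instantiates the objects named in its input, so serialized data
# from an untrusted source can lead to object injection. Passing
# allowed_classes => false (PHP >= 7.0) makes every object decode as
# __PHP_Incomplete_Class instead of a live instance.
# The file is supplied by redirection rather than `cat |`, and the variable is
# quoted so a path containing spaces stays one argument.
php -r 'echo json_encode(unserialize(file_get_contents("php://stdin"), ["allowed_classes" => false]));' < "$SERIALIZED_PHP_FILE"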
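# $LOCAL_IP: 'localhost' or machine from local network
#            (not used by the forward-tunnel command below)
# $LOCAL_PORT: open port on local machine
# $REMOTE_IP: remote localhost or IP from remote network
# $REMOTE_PORT: open port on remote site
# Forward tunnel: map a port from the remote machine/network onto the local machine.
# By default ssh binds $LOCAL_PORT on the loopback address only (GatewayPorts
# no), so other hosts on the local network cannot use the tunnel.
# The arguments are quoted so an empty or space-containing value cannot split
# or drop an argument.
ssh -L "$LOCAL_PORT:$REMOTE_IP:$REMOTE_PORT" "$USER@$SERVER"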
# Reverse Tunnel: make local port accessible to remote machine