Follow us on Twitter!
Become the change you seek in the world. - Gandhi
Friday, April 18, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 14
Guests Online: 14
Members Online: 0

Registered Members: 82822
Newest Member: TheBunter
Latest Articles

SSH Tunneling

Arrow Image SSH tunneling basics.



_________ _________ ___ ___
/ _____// _____// | \\
\\_____ \\ \\_____ \\/ ~ \\
/ \\/ \\ Y /
/_______ /_______ /\\___|_ /
\\/ \\/ \\/
___________ .__ .__
\\__ ___/_ __ ____ ____ ____ | | |__| ____ ____
| | | | \\/ \\ / \\_/ __ \\| | | |/ \\ / ___\\
| | | | / | \\ | \\ ___/| |_| | | \\/ /_/ >
|____| |____/|___| /___| /\\___ >____/__|___| /\\___ /
\\/ \\/ \\/ [Haykuro] \\//_____/


.TABLE OF CONTENTS

A. SSH
.Telnet
.Putty

B. Tunneling Explanation
C. SSH Tunneling
.Telnet
.Putty

C. CREDITS


A. SSH
.TELNET

\"Telnet is a user command using TCP/IP protocols to access a computer remotely. To have access to that computer, you must have permission, meaning you must authenticate to the system with a valid username and password. When you are connected to the network using telnet, you can enter commands and they will be executed as if the were being entered directly onto the server console.\" - www.greencomputer.com/solutions/glossary.html

Telnet in short, is used to connect to a remote computer and interact with it. Telnet can be used for many reasons, terminal based SMTP servers, terminal based FTP servers, terminal based HTTP servers (sorta like the old BBS boards).

.Putty

\"PuTTY is an SSH, Telnet, rlogin, and raw TCP client. It was originally available only for Windows, but is now also available on various Unix platforms, with work-in-progress ports to Classic Mac OS and Mac OS X. Other people have contributed unofficial ports to other platforms. It is written and maintained primarily by Simon Tatham, and is open source, licensed under the MIT license.\" - en.wikipedia.org/wiki/PuTTY

Sumarized, putty is used alot like telnet but less buggy and much more user friendly. It also comes with a GUI to help out those who do not want to launch commands via the command prompt (such as \"putty -ssh .....\")


B. Tunneling Explanation

Tunneling is used to do 3 things.
1) Avoid web filters.
2) Avoid sniffers on a untrusted network.
3) Getting to a trusted internet source at airports, hotels, starbucks, and other places with hotspots. (Yes, this can also be used to gain free internet at places like this, but that is illegal and I dont recommend doing so. Getting arrested over stealing some internet at a cafe is just plain stupid.)

Tunneling is basicly just creating a \"tunnel\" between you and a trusted computer.

Example:
NOT TUNNELED:
Untrusted network -> You -> Website
SNIFFER WOULD PICK UP THE PACKETS AND PASSWORDS CLEARLY.


Untrusted network -> You -ENCRYPTED> Trusted computer -> Website
SNIFFERS WOULD EIGTHER NOT PICK UP THE PACKETS, OR GET THEM ENCRYPTED.

So your only using the internet of the untrusted network to connect to the trusted computer via SSH. The trusted computer is then the one who browses and sends back data, its used like a SOCKS proxy.

C. SSH Tunneling
.TELNET

To do SSH tunneling via telnet you must forward any port not being used by another application. Then open CMD and type:
telnet TRUSTED_COMPUTER_IP 22

this will connect to the trusted computer on port 22 (ssh).
login if prompted.

Now run firefox and click Tools>>Options.
Then click Connection Settings.
Now tick Manual Proxy Configuration.
Leave HTTP/SSL/FTP/Gopher proxy\'s blank and fill in the SOCKS Host boxes.
The first box is localhost (or 127.0.0.1)
The port is whatever port you forwarded.
Now just click ok and click ok again at the main options screen.
Now try surfing to google or something and it should now be surfing under the IP of the trusted computer. (go to www.whatismyip.com to see the trusted computer IP instead of urs).

.Putty

Run putty.
Click Connection->SSH then click on Tunnels.
Now on the box that sais Source Port fill in the port to be forwarded.
Then tick Dynamic.
Then click the ADD button.
You should now see something like \"D#\" where # is the port you forwarded.

Now click Session at the right.

Under the box that sais Host Name (or IP adress) enter the trusted computers host name or IP.

Under port put 22 (ssh).

Set protocol to SSH.

OPTIONAL: if you do not want to go thru this again, under the text that sais Saved Sessions type anything you want and hit save, next time you wish to tunnel just click it in the list one time and hit load.

Now click open.
login if prompted.

Now run firefox and click Tools>>Options.
Then click Connection Settings.
Now tick Manual Proxy Configuration.
Leave HTTP/SSL/FTP/Gopher proxy\'s blank and fill in the SOCKS Host boxes.
The first box is localhost (or 127.0.0.1)
The port is whatever port you forwarded.
Now just click ok and click ok again at the main options screen.
Now try surfing to google or something and it should now be surfing under the IP of the trusted computer. (go to www.whatismyip.com to see the trusted computer IP instead of urs).


C. CREDITS

Written by: Haykuro
Written on: 1/17/05

Comments

Nubzzzon January 21 2006 - 17:08:41
good article
thomasantonyon January 23 2006 - 16:45:26
It would be nice if someone could give me some help on finding remote SSHs Grin Google hasn't given me anything yet.Good article BTW.
PhaZoron January 24 2006 - 21:24:04
It seems to me that this is only useful when you really need to use a bit of free Internet. Other than that, a standard cgi web-proxy wouldn't hurt.
Haykuroon January 30 2006 - 13:01:58
this way is basicly used so others cant sniff ur passwords/emails/chat convo's/ect.. as for u, thomasantony, i wud suggest searching google for "free SSH accounts" i found some good ones Smile thx all for reading Smile
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.