9

===PE RED===

mkdir scripts
cd scripts
nano whereswaldo
====
wget -r -q -np -R "index.html*" --http-user ana --http-password face_ReLe
http://host/.X/
find . -name waldo.txt | xargs cat
====
chmod 775 whereswaldo
./whereswaldo

10)

[comenzi]

[student]
sudo su
cd /root
mkdir scripts
cd scripts
nano ftp-upload

[editare fisier]%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

USER="fs"
PASSWORD="talent+valoare"

touch filtered_files
touch buffer
ls -p | grep -v / | cat > buffer
grep -E *[UVT]([0-9][0-9]{0,3}|10000).txt buffer | cat > filtered_files
rm buffer
FILES=sed -z 's/\n/,/g;s/,$/\n/' filtered_files
rm filtered_files

curl --user "$USER:$PASSWORD" --upload-file "{$FILES}" ftp://red/upload/ --ftp-

create-dirs

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

chmod +x ftp-upload
exit

13
go red
apt install nmap
yes
sudo su
cd ~
mkdir scripts
cd scripts
nano check-port

scrie:
nmap -p $1 -sS host >> port_info

if grep -q open port_info; then

echo adevarat
else
echo nah
fi
rm port_info

??

D:>scp [email protected]:/home/student/tema2-exported.cz .
neneaaaaaaaa ? — 01/26/2022 11:02 PM
sudo iptables -I FORWARD 2 -p tcp -s blue -d green --dport telnet -j LOG --log-
prefix "insecure-telnet: "
sudo iptables -A FORWARD -p tcp -s blue -d green --dport telnet -j REJECT
Dragos 🐭 — 01/26/2022 11:04 PM
cd /
cd var
cd log
touch insecure.log

cd /
cd etc
ls
cd rsyslog.d
ls
touch 00-conf_t2.conf
ls
nano 00-conf_t2.conf

:msg,contains,"[insecure-telnet: ]" -/var/log/insecure.log

& stop

iptables -A FORWARD -p tcp -s blue -d green -i veth-blue -o veth-green --dport 23 -

j REJECT
iptables -I FORWARD 2 -p tcp -s blue -d green -i veth-blue -o veth-green --dport 23
-j LOG --log-prefix="insecure-telnet: "

sudo systemctl restart rsyslog

soldatescu — 01/26/2022 11:28 PM
sudo su
iptables-save > /etc/iptables/rules.v4
exit
Dragos 🐭 — 01/26/2022 11:38 PM
root@blue:~# cd /etc
root@blue:/etc# cd /wireguard
root@blue:/etc/wireguard# umask 077
root@blue:/etc/wireguard# wg genkey | tee privatekey | wg pubkey > publickey

root@blue:/etc/wireguard# ls
privatekey publickey
root@blue:/etc/wireguard# ip link add wg-rl type wireguard
root@blue:/etc/wireguard# ip addr add 2022:0:36::2/64 dev wg-rl
root@blue:/etc/wireguard# wg set wg-rl private-key ./privatekey
root@blue:/etc/wireguard# ip link set wg-rl up
root@blue:/etc/wireguard#

root@blue:/etc/wireguard# ip addr

de aici copiezi ip ul de sub 3: eth0 : inet6 2022:4:206:66::2 scope global

root@blue:/etc/wireguard# wg

copiezi cheia publica si portul

aceleasi pt verde

dai comanda
root@blue:/etc/wireguard# wg set wg-rl peer cheieVerde allowed-ips 2022:0:F::1
endpoint ipv6eth0verde:portverde

apoi dai comanda asta pe verde

cu wg set wg-rl peer cheieblue allowed-ips 2022:0:F::2 endpoint
ipv6eth0blue:portblue
wg genkey | tee privatekey | wg pubkey > publickey
wg set wg-rl peer vmPnlyjG9FWzNB3vqMdVw3xr5FzXfBon1ErEL7SpRko= allowed-ips
2022:0:36::2 endpoint 2022:4:206:66::2:44218

wg set wg-rl peer z3+Xy4fk7fMxnreDoAXNPCW/hlsutxbvlWdUKgMFDWY= allowed-ips

2022:0:36::1 endpoint 2022:3:206:52::2:54539